Jun 07, 2012
Strategy: How Attackers Find and Exploit Database Vulnerabilities
Fourteen years ago, an article in Phrack magazine made history when it made what is believed to be the first publicized mention of SQL injection. In the years since then, SQL injection has become a common way for hackers to work their way into a database and swipe information.
Fortunately, developers can close these security holes by baking security into the development process and following best practices for coding. But database security goes way beyond SQL injection. It includes password management, sound approaches to user provisioning and the deployment of patches in a reasonable amount of time. The arms race between malicious hackers the security community will continue. In the end, stopping these hackers at the gate requires a multipronged approach and constant vigilance. (S4920512)