This session will explain and demonstrate exactly how a SQL Injection attack occurs. While the core vulnerability is easy to understand, exactly how hackers exploit that vulnerability is not. I'll show you how a hacker explores your database through SQL Injection to find vulnerabilities and sensitive data. Better still, I'll show you the errors that this exploration generates as a mechanism for monitoring your systems to find SQL Injection attacks. Finally, I'll show you the steps you should be taking to properly secure your systems in order to completely avoid SQL Injection attacks.

Presented by Grant Fritchey at SQLBits XX