22-25 April 2026

SQL Server under attack: SQL Injection

Proposed session for SQLBits 2026

TL;DR

In this demo-based session, Andreas Wolter, former Program Manager for SQL security at Microsoft, will walk you through different types of SQL Injection attacks. You'll learn how specific configuration settings can pose risks to your environment.

Session Details

One of the most frequently attacked targets is the data stored on database servers, and SQL Injection remains one of the most prevalent attack methods.
In this demo-based session, Andreas Wolter, former Program Manager for SQL security at Microsoft, will demonstrate several real-life attacks, ranging from simple data reading to service disruption, through various manual SQL Injection techniques. He'll cover privilege escalation to sysadmin level and even a DoS attack on SQL Server using SQL commands.
If you have a database server that can be accessed by processes beyond your direct control or through frontend applications, and you're concerned about the potential security implications, this session is for you. You'll learn how specific configuration settings can pose risks to your environment, helping you engage more effectively with your developers or database application vendors to mitigate security risks in your SQL Server environment.

3 things you'll get out of this session

1. Understand the different types of SQL Injection
2. Learn how SQL Injection can be prevented
3. Learn about specific high-risk settings in SQL Server