NT OBJECTives, Inc.
Web Application Security Educational Series
Understanding SQL Injection
Safely Testing your Production Site
SQL Injection is among the most dangerous of web application attacks. Hackers can do anything from accessing confidential data (including credit card numbers and social security numbers) to deleting data from databases. Because of the multiple permutations of SQL Injection attacks, comprehensive testing is extremely difficult. Creating tests that safely test production servers without impacting databases adds another level of difficulty.
This voiceover training session, created by NT OBJECTives, Inc. CSO and published author Michael Shema, will walk you through the key aspects of SQL Injection attacks as well as methods to safely test your web applications.
Length: 16 minutes
Download the training session
Inventorying Your Site
You Can't Defend What You Can't Inventory
Unlike network security, where vulnerabilities are in known locations in millions of identical setups, web applications are like snowflakes: no two are the same. The first, and possibly the greatest, difficulty in securing web applications is understanding the architecture of the application and the resources (e.g. database queries, logins, etc.) that are vulnerable to attack. Once this is known, security administrators can begin to assess their sites’ vulnerabilities to varying types of attacks.
This voiceover training session, created by NT OBJECTives, Inc. CEO JD Glaser, will walk you through the most important aspects of inventorying your website.
Length: 9 minutes
Download the training session
Coming soon
What to Fix First
Focusing Remediation Priorities
A great deal of time and energy has been focused on finding web application vulnerabilities, with good reason. Because web applications are all unique, and there are many variations on the attacks, efficient vulnerability scanning is critical to securing web applications. But it is only the first step.
A single coding flaw can be replicated on hundreds of links across hundreds of applications and can have thousands or tens of thousands of instantiations across an enterprise. Some of these applications access databases that contain critical data or are mission critical from a business standpoint. Prioritizing, categorizing and assigning the remediation of these vulnerabilities can be as difficult a task as finding them in the first place.
This voiceover training session, created by NT OBJECTives, Inc. Engineer and Project Founder of php GroupWare, Dan Kuykendall, will walk you through prioritizing the remediation of vulnerabilities across your enterprise.