Watch an Application Security Tutorial

Understanding SQL Injection: Safely Testing your Production Site

SQL Injection is among the most dangerous of web application attacks. Hackers can do anything from accessing confidential data (including credit card numbers and social security numbers) to deleting data from databases. Because of the multiple permutations of SQL Injection attacks, comprehensive testing is extremely difficult. Creating tests that safely test production servers without impacting databases adds another level of difficulty.

This voiceover training session will walk you through the key aspects of SQL Injection attacks as well as methods to safely test your web applications.

Duration: 16 minutes

Inventorying Your Site: You Can’t Defend What You Can’t Inventory

Unlike network security, where vulnerabilities are in known locations in millions of identical setups, web applications are like snowflakes: no two are the same. The first, and possibly the greatest difficulty in securing web applications is understanding the architecture of the application and the resources (e.g. database queries, logins, etc.) that are vulnerable to attack. Once this is known, security administrators can begin to assess their sites vulnerabilities to varying types of attacks.

This voice-over training session, will walk you through the most important aspects of inventorying your website.

Duration: 9 minutes

NTOSpider Product Tour

These NTOSpider video demonstrations will guide you through software scan configuration settings, reviewing reports, managing vulnerabilities, and more.