SQL Injection is among the most dangerous of web application attacks. Hackers can do anything from accessing confidential data (including credit card numbers and social security numbers) to deleting data from databases. Because of the multiple permutations of SQL Injection attacks, comprehensive testing is extremely difficult. Creating tests that safely test production servers without impacting databases adds another level of difficulty.
This voiceover training session will walk you through the key aspects of SQL Injection attacks as well as methods to safely test your web applications.
Duration: 16 minutes
Unlike network security, where vulnerabilities are in known locations in millions of identical setups, web applications are like snowflakes: no two are the same. The first, and possibly the greatest difficulty in securing web applications is understanding the architecture of the application and the resources (e.g. database queries, logins, etc.) that are vulnerable to attack. Once this is known, security administrators can begin to assess their sites vulnerabilities to varying types of attacks.
This voice-over training session, will walk you through the most important aspects of inventorying your website.
Duration: 9 minutes