Welcome
to the Tutorial
on Defending Against SQL Injection Attacks!
Without
proper safeguards, applications are vulnerable to various forms of
security attack. One particularly pervasive method of attack is called
SQL injection. Using this method, a hacker can pass string input to an
application with the hope of gaining unauthorized access to a database.
By taking this self-study tutorial, you
can arm yourself with techniques and tools to strengthen your code and
applications against these attacks. This tutorial employs text and
diagrams to present concepts, design issues, coding standards,
processes, and tools. Flash-based demos and simulations allow you to
visualize what you have learned, and assessment quizzes help you gauge
your learning progress.
Learning Objectives
After taking this tutorial, you should be able to:
 |
Categorize and explain various types of SQL injection attacks |
|
Describe coding and design strategies for avoiding SQL injection attacks |
|
Use DBMS_ASSERT to validate input values |
|
Use code review tools to identify possible SQL injection vulnerabilities |
|
Apply coding standards to eliminate SQL injection vulnerabilities Site From : http://st-curriculum.oracle.com/tutorial/SQLInjection/index.htm |
No comments:
Post a Comment