SQL Injection Defenses
Publisher: O'Reilly Media
Final Release Date: March 2007

This Short Cut introduces you to how SQL injection vulnerabilities work, what makes applications vulnerable, and how to protect them. It helps you find your vulnerabilities with analysis and testing tools and describes simple approaches for fixing them in the most popular web-programming languages.

This Short Cut also helps you protect your live applications by describing how to monitor for and block attacks before your data is stolen.

Hacking is an increasingly criminal enterprise, and web applications are an attractive path to identity theft. If the applications you build, manage, or guard are a path to sensitive data, you must protect your applications and their users from this growing threat.

Customer Reviews



(based on 2 reviews)



Just what I was looking for

By LivvyWalker

from Palo Alto, CA

About Me: Developer

Verified Reviewer


  • Concise
  • Easy to understand
  • Helpful examples


    Best Uses

    • Intermediate
    • Novice

    Comments about oreilly SQL Injection Defenses:

    I was looking for something brief and convincing to share with managers and developers, and this is it. It's just the right balance of persuasion and technical information. So many of the resources that I found assumed the reader already understood why SQL injection is something to worry about, that could happen to YOU, and leapt directly into technical arcana. I am so grateful to have this to suggest to everyone at the next staff meeting. (Along with some request logs that clearly show someone probing for the vulnerability.)


    Great Information on SQL Injection

    By Frank Stepanski

    from Undisclosed

    Comments about oreilly SQL Injection Defenses:

    For people who use databases for web applications, the threat of attacks is great no matter how small or large your database is. It doesn't matter what type of database you use either (SQL Server, ORACLE, MYSQL). As long as there are hackers out there, then your data is at risk. This great guide gives an overview as well as practical examples for various DBMS on the different types of SQL Injection and how to prevent it from working within your server-side script (PHP, ASP.NET, Java) with filtering, or from within your DBMS using stored procedures or other techniques.

    This is a great guide for the novice getting started in web development or the DBA who needs a quick reference to find specific information. Of course there are books out there with more detail but you don't have to page through 1000+ page books or go searching for hours online. And for 9.99 it's worth every penny!

    Go get it and keep your data safe!

    Ebook:  $9.99
    Formats:  ePub, Mobi, PDF