Explained – SQL Injection
ASP.NET 2.0 Security Videos
J.D. Meier, Keith Brown, Prashant Bansode
Microsoft Corporation
November 2007
This video module shows you how to protect from SQL injection.
Objectives
- Exploit SQL injection vulnerability.
- Defend against SQL injection by filtering and sandboxing input with a parameterized query.
Video
The video is a small wmv file streaming / download:
- Explained – SQL Injection (Length: 6:01 - Size: 6.37 MB)
Recommended Guidance
- How To: Protect From SQL Injection in ASP.NET
- How To: Protect From Injection Attacks in ASP.NET
- How To: Use Regular Expressions to Constrain Input in ASP.NET
- Security Guidelines: ADO.NET 2.0 (See "Input and Data Validation" section)
- Security Guidelines: ADO.NET 2.0 (See "SQL Injection" section)
- Design Guidelines for Secure Web Applications (See "Input Validation" section)
- Architecture and Design Review for Security (See "Input Validation" section)
- Security Guidelines: ASP.NET 2.0 (See "Input and Data Validation" section)