
Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.


This Short Cut introduces you to how SQL injection vulnerabilities work, what makes applications vulnerable, and how to protect them. It helps you find your vulnerabilities with analysis and testing tools and describes simple approaches for fixing them in the most popular web-programming languages.

This Short Cut also helps you protect your live applications by describing how to monitor for and block attacks before your data is stolen.

Hacking is an increasingly criminal enterprise, and web applications are an attractive path to identity theft. If the applications you build, manage, or guard are a path to sensitive data, you must protect your applications and their users from this growing threat.

Subscriber Reviews

Average Rating: 3.5 out of 5, based on 2 ratings

"Attacks are underemphasized" - by RandomGuy on 02-NOV-2011
Attack vectors are key in validating the controls that are introduced as a result of these "defenses". Not sure if the author doesn't know how, as attacks seemed to be glazed over with blanket statements like "fuzz inputs".

"SQL Injection Defenses" - by Anonymous on 27-SEP-2010
This is a great introductory paper.

