Immortalized by “Little Bobby Drop Tables” in XKCD 327, SQL injection (SQLi) was first discovered in 1998, yet continues to plague web applications across the internet. Even the OWASP Top Ten lists ...

Don Boxley, CEO and Founder of DH2i, spent some time with me recently to discuss his company and DxConsole and DxTransfer. The company's goal is addressing the product limitations of Microsoft's SQL ...

I have written an application that takes in a fixed-width file (thanks in no small part to advice I recieved in a seperate thread) and then dissasembles each line, runs a fairly meaty SQL SELECT query ...

There has been a lot of interest lately in NoSQL databases and, of course, many of us have strong backgrounds and experience in traditional relational "SQL" databases. For application developers this ...

I've said it before and I'll say it again: If you want to speed up your application, don't look at your code, look at your data access. The two slowest things you can do in application development are ...

The Honeynet Project, a non-profit organization that develops open-source security research tools, has created a component for the Glastopf Web application honeypot software that can emulate ...

Security researchers have developed a generic technique for SQL injection that bypasses multiple web application firewalls (WAFs). At the core of the issue was WAF vendors failing to add support for ...

For more than a decade, injection vulnerabilities have literally topped the charts of critically dangerous software flaws, deemed more serious than all other types of vulnerabilities in the 2010, 2013 ...

These days SQL injection vulnerabilities may seem like a dime a dozen, but creative penetration testers and attackers continue to come up with new ways to take advantage of this vulnerability class ...

One of the critical decisions facing companies embarking on big data projects is which database to use, and often that decision swings between SQL and NoSQL. SQL has the impressive track record, the ...