Structured Query Language, or SQL, is a method of managing relational databases that was first conceived of in the 1970s. SEE: A winning strategy for cybersecurity (ZDNet/TechRepublic special feature) | Download the PDF version (TechRepublic) What are SQL injection attacks? This article is also available as a download, SQL injection attacks: A cheat sheet for business pros (free PDF). It's essential that not only IT security professionals, but also the decision makers they protect, understand the risk of this security threat. SQL databases store critical information, and despite that fact, many websites remain vulnerable to SQLi attacks, like those that target SQL, which remain the most critical web app security risk. One of the most common methods of stealing sensitive data is SQL injection (SQLi), which targets security vulnerabilities in web applications in order to inject a malicious SQL statement into the database that stores the web app's records. A moment more, and that data is available for sale to the highest bidder. In a single moment, a company's private data, customer records, employee IDs, and myriad other types of confidential data can be lifted from internal servers.
Few things terrify IT security professionals-and the organizations they protect-as much as data theft.