On March 1, Partners Information Security & Privacy Office is offering a free introductory course on Structured Query Language Injection (SQLi). SQLi can be used by cyber attackers to penetrate any vulnerable SQL based database by inserting a command into a standard end-user entry field. When the command executes, it can spoof an individual’s identity, void transactions, tamper with existing data, disclose all data on the system, destroy data, or even make it otherwise unavailable, etc. To learn more about SQLi and how to avoid it, join us for a 90-minute, interactive WebEx training.
This training covers the following areas:
- Basic definition of SQL Injection and history of the flaws origin
- Types of SQL Injection
- Discussion of exploitation of the flaw and the impact
- OWASP DVWA screen shots utilized for demonstration and visual aid.
- Detection and Remediation options
- C# and Java Used for Code Examples
The session is from 1:30PM- 3:00PM. To sign up, please contact AFAIRHALL@PARTNERS.ORG. For more information about course offerings, contact CISPO@partners.org or visit https://pulse.partners.org/hub/departments/ispo/our_services