SQL Injection Resources

Security Innovation takes a unique approach to Education and offers foundational training to build core skills, and reinforcement assets to provide knowledge at the time of need.

SQL Injection - Damaging, but Preventable

SQL Injection is considered by security experts to be the number one attack today and has been on every popular “top ten” list for the past decade.  It is the root cause of many high-profile data breaches against data breaches for Global Payments, JetBlue, NASDAQ, Dow Jones, 7-Eleven and others.   Although it’s the most prevalent and damaging, it’s also very preventable.

Anti-SQL Injection Library & Training

Security Innovation and Ironbox co-created an Anti-SQL Injection Library (AntiSQLi) that developers can easily implement to prevent SQL Injection vulnerabilities. We also created a 10 minute course that provides an overview of SQL Injection and how to implement AntiSQL.

AntiSQLi Library

Developers: Joe Basirico, Security Innovation & Kevin Lam, IronBox

AntiSQLi allows developers to write parameterized queries in a single line using the String.format paradigm common form in programming. It is easy to implement, highly extensible and includes pre-written .NET classes for Microsoft SQL Server. It can be easily extended to support other database platforms.
Download | Dark Reading Article

Free eLearning course: Preventing SQL Injection & Implementing AntiSQLi Library

This free, 10-minute course examines the risks associated with SQL injection (SQLi) attacks and shows how to use the AntiSQLi Library to mitigate these attacks.
Take course

Other Resources

Below are some additional resources to help protect your applications and business against SQL injection attacks. 

Blog Articles

Security Innovation eLearning Courses (sample for free)

Other SQL Injection Resources: