SQL Injection isn't special code. It consists of regular, valid T-SQL that is unexpected by the application. Steve Jones notes that using the principle of least privilege can help to limit the damage from SQL Injection if the application fails to properly check input.
2015-12-28 (first published: 2011-04-12)
597 reads
Steve Jones talks about the possibility of SQL Injection, or other security issues from malformed input, affecting our lives in new and annoying ways.
2011-04-11
579 reads
Quite a few utility companies and energy producers have ha data breeches in the last year, yet most of them don't have good tools to detect the intrusions or the support of executive management. Steve Jones talks about this being a problem in many companies.
2011-04-11
91 reads
This Friday Steve Jones asks what you would like to see in Standard Edition. Is there one feature that would make a big difference to you?
2011-04-08
123 reads
If the future of out IT works involves more ad hoc, swarming project teams, are you prepared? Steve Jones talks about social networking being something you might consider as a way to build some skills to work with others in a less formal way.
2011-04-07
102 reads
We never know enough ourselves to be sure that we have completely thought through all the scenarios or holes in our logic. This is why it makes sense for us to have a group that spends time looking for problems.
2011-04-06
192 reads
Today Steve Jones asks for your ideas on Microsoft's Connect. It's a good way to submit bugs and suggestions, but it seems to suffer from a scale problem. What do you think would help?
2011-04-05
154 reads
What value can you place on data? It can be hard to determine, especially when so many sites on the Internet want data to be free. However the New York Times is going to a subscription model, with the idea that there is some value to their data and people will pay for it.
2011-04-04
101 reads
Any DBA who has been bitten by these subtle data integrity issues, or reports that erratically produce the wrong results, will know how much careful testing is involved in mitigating them.
2011-04-04
269 reads
Today Steve Jones talks about changes that are coming to SQLServerCentral.
2011-04-01
195 reads
By Steve Jones
I hosted this month, but I decided to put my own entry in as...
By Chris Yates
I get asked a lot about why or how I began working with databases...
By Steve Jones
Earlier this year I visited a customer that was using the Redgate Monitor webhook...
Comments posted to this topic are about the item Implementing PostgreSQL with Python for...
Comments posted to this topic are about the item Identify a Slipstream Installation
Comments posted to this topic are about the item Internal Staff Growth, which is...
I get a new SQL Server instance from my build team. How can I tell if the instance was installed using a slipstream installation later?
See possible answers