Date: Aug 12th, 2021
Time: 11:00am or 3pm
Databases are fantastic – providing a standardised interface for creating, updating, reading and deleting data from a backend system. They can be optimised to efficiently service your applications data storage and retrieval requirements, allowing it to scale effortlessly… and, via common pitfalls in their use, they can give a hacker access to all your data too.
When paired with a public web interface, it becomes critical to ensure that any data access or modification is strictly controlled. When attackers are able to bypass installed access controls and exploit common pitfalls in web application implementations, they can often gain the “keys to the kingdom” – the ability to modify, create or delete any or all of an organisation’s data, at will.
We will explore how such common OWASP Top 10 vulnerabilities arise, looking at SQL and NoSQL injection attacks and exploits, and importantly at how to avoid them, sparing no detail whilst being accessible also at a non-technical level.
• The basics of SQL injection
• Advanced exploitation
• NoSQL vulnerabilities and exploitation
• How to avoid these vulnerabilities
No software to download or install.
Contact us or call us 0113 887 8380