Databases are fantastic – providing a standardised interface for creating, updating, reading and deleting data from a backend system. They can be optimised to efficiently service your applications data storage and retrieval requirements, allowing it to scale effortlessly… and, via common pitfalls in their use, they can give a hacker access to all your data too.
When paired with a public web interface, it becomes critical to ensure that any data access or modification is strictly controlled. When attackers are able to bypass installed access controls and exploit common pitfalls in web application implementations, they can often gain the “keys to the kingdom” – the ability to modify, create or delete any or all of an organisation’s data, at will.
We will explore how such common OWASP Top 10 vulnerabilities arise, looking at SQL and NoSQL injection attacks and exploits, and importantly at how to avoid them, sparing no detail whilst being accessible also at a non-technical level.
Overview:
• The basics of SQL injection
• Advanced exploitation
• NoSQL vulnerabilities and exploitation
• How to avoid these vulnerabilities
Benefit to the delegate:
• Unlimited delegates per organisation, therefore a FREE 1-hour training session for all personnel
• An appreciation of the exploitation potential of SQL and NoSQL
• An understanding of how to avoid these vulnerabilities
Sign-up to your preferred time slot below:
11am: https://zoom.us/webinar/register/9616104721947/WN_ZEogLvRCTLqSlSsPU5O3Ng
3pm: https://zoom.us/webinar/register/2716104722336/WN_58hkb9cjSuyFSqzyZJCmAw
If you require any additional information please get in contact with us: info@localhost
No software to download or install.
Contact us or call us 0113 887 8380
AppCheck is a software security vendor based in the UK, offering a leading security scanning platform that automates the discovery of security flaws within organisations websites, applications, network and cloud infrastructure. AppCheck are authorized by te Common Vulnerabilities and Exposures (CVE) Program aas a CVE Numbering Authority (CNA)