NYOUG: Spring Meetup – April 27, 2017
PRESENTER: Arup Nanda
PRESENTATION: Preventing SQL and PLSQL Injection
Security is no longer a nice to have, it’s a requirement thanks to many regulations and mandates worldwide.
You have heard about SQL Injection attacks; but what about PL/SQL Injection? It’s more common than you may think. In this session you will learn about defensive coding to prevent PL/SQL injection attacks using techniques such as NLS parameters, assertion testing, literal pollution and much more. At the end your code will be much less susceptible to PL/SQL Injection attacks.
Arup Nanda has been an Oracle DBA for over 20 years with experience spanning all aspects from Modeling to performance tuning and Exadata. He speaks frequently, has authored about 300 articles, co-authored 5 books, blogs at arup.blogspot.com and mentors new and seasoned DBAs. He won Oracle’s DBA of the Year in 2003, Enterprise Architect of the Year in 2012, is an ACE Director and a member of Oak Table Network.