Injection attacks -- Knowledge and prevention

SQL injection is recognized as a major threat to application security, but what about other injection attacks? SPI Dynamics' Caleb Sima dissects these exploits and offers straightforward prevention techniques in this podcast.

Caleb Sima
Caleb Sima, CTO, SPI Dynamics

SQL injection is widely recognized as one of the biggest threats to application security, but there isn't nearly as much concern over other injection attacks. LDAP injection, XPath injection and similar exploits are just as damaging and receive a fraction of the attention.

In this podcast, expert Caleb Sima, co-founder and CTO of SPI Dynamics Inc. and director of SPI Labs, discusses the various injection attacks, including cross-site scripting (XSS), and recommends tools to help secure your applications. Additionally, Caleb offers straightforward prevention techniques -- including one that prevents about 80% of all injection attacks.

The podcast may be downloaded here:
Injection attacks -- Knowledge and prevention

(To listen to the podcast now, left click on the link. To download it and save it for later, right click on it.)

A glossary of common injection attacks:

These tips and articles offer more information on this topic:

This was first published in October 2006

Dig deeper on Software Requirements Gathering Techniques



Enjoy the benefits of Pro+ membership, learn more and join.



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:


This Content Component encountered an error