Oracle Database Security For Developers

The last blog post of Jeff Smith (18.1 Features: SQL Injection Detection) about little, but nice feature of SQL Developer detecting if your PL/SQL code might be vulnerable for SQL Injection, reminded me about the presentation I’ve delivered during Oracle Tutorials at CERN in 2013.

After all those years, SQL Injection is still one of the biggest security threat for your data, so even after 5 years, the content of this presentation is still valid. In fact, general type of Injection attacks, were still on top of OWASP Top 10 Application Security Risks in 2017.

So, please have a look into the presentation here: Oracle Database Security For Developers. There are some examples of different types of SQL Injection attacks (starting from slide 31, but the most interesting example of SQL Injection without providing any inputs can be checked on slide 47). Apart from that, one can also find introductory information about Oracle Security model in general, which should be helpful not only for developers planning to write tons of PL/SQL code on a daily basis. Enjoy!

Advertisements

2 thoughts on “Oracle Database Security For Developers”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s