You are here: silicon.com > Resources > White Papers > Security > Security Administration > Security Management

Security Management White Papers

Eliminate SQL Injection Attacks Painlessly With LINQ

Overview As developers assume more of the security burden, the first web application vulnerability that many developers learn about is a particularly dangerous form of command injection known as SQL injection. Because it's so well-known, SQL injection attacks are common, dangerous, and pervasive. Fortunately, developers can prevent SQL injection easily once they understand the problem. Even better, a new Microsoft data access technology offers .NET developers the opportunity to eliminate SQL injection vulnerabilities altogether - when used properly. That technology is called Language INtegrated Query (LINQ), and it will ship in the upcoming release of Visual Studio "Orcas" and .NET Framework 3.5. This paper explores LINQ's potential for hardening the web application's data access code so that it's impossible to attack through SQL Injection.

Further White Paper Details
Publisher	Jupitermedia	File Format	HTML
Date Published	May 2007	Downloads	3
Format	White Papers
Topics	Security Management, .NET, Application Development

Did you find this white paper useful? 3 out of 5 users found this white paper useful

Take a holistic approach to business-driven security

Publisher:
IBM

Balancing Security Against Productivity

Publisher:
Novell

Novell Zenworks Endpoint Security Management: Total Control from a Single Console

Publisher:
Novell

Secure Desktop On-Demand Webcast

Publisher:
Novell

Web application security: automated scanning versus manual penetration testing

Publisher:
IBM

The .NET gamble: Microsoft's major offensive explained

Microsoft has just launched the beta version of Visual Studio.NET, the development tools it hopes will get people writing apps in the .NET environment. It basically has all the advantages of Java, without insisting you have to re-write everything...

Channel:
Comment & Analysis

Three security threats you'll never have heard of

Security expert Wray said although most companies are aware of viruses, worms, Trojans and Denial of Service (DOS) attacks, many IT departments have never heard of such threats as input validation attacks, SQL injection or reverse channel Trojans.

Channel:
Security Strategy

Slammer time - SQL worm brings net to its knees over weekend

This will prevent external attacks from exploiting the vulnerability. SQL Slammer's code instructs the Microsoft SQL Server to go into an endless loop, continually sending out data to other computers, in effect performing a denial of service attack...

Channel:
Security Strategy

Hackers preying on patching headache

A technique known as SQL injection is also a problem that leaves many companies exposed, according to dryice - who also now works in the IT industry. Gone are the days where you could just compile some readily available source and just give it an...

Microsoft game for plugging two security flaws

The two flaws are ranked as "moderate," the software giant's second-lowest grade for security vulnerabilities. The two software updates bring the total number of bulletins issued by Microsoft to 17 in 2004, though the actual number of...

Channel:
Security Strategy

Facebook under attack: The spam and phishing threat

Kelly also said Facebook had come under attempted cross-site scripting (CSS) and SQL injection attacks, but that the security layer in Facebook's system was successful in intervening and notifying Kelly's security team of such attempts.

Live Webcast: Telecoms 2.0 - Where is telecoms heading?

In this webcast, our panel of experts will review where we are with next generation telecoms in the UK, working through the concept of 'Telecoms 2.0': - Realising the potential of Next Generation Networks - why it isn't just about the technology? - What attributes should firms be looking for in their telco partner? - Is the relationship between telco provider and customer changing? - What things need to happen to make next generation services a reality? - You say you want the supplier to change. Do you want to change too? - What is Telecoms 2.0?

Publisher:
ZDNet UK

Telecom 2.0: Mind over matter

ntl:Telewest Business believes that the role of the telco is evolving. Gone are the days when it was enough to simply focus on circuits and minutes, customers now need a far higher degree of interaction and look for suppliers who will talk business solutions with them.

Publisher:
ntl:Telewest Business

IBM Information Server Change Data Capture

In today's fast-paced world, access to real-time data has never been more important. To be successful, organizations need to be able to report and analyze corporate data quickly and easily, regardless of what applications created the data, what platform they're running on, or what database they're stored in.

Publisher:
IBM

An examination of server consolidation: the trends that can drive efficiencies and help businesses gain a competitive edge

This white paper provides a starting point for organizations contemplating server consolidation. It includes an overview of server consolidation concepts and techniques and provides guidance on methodologies. It also looks at the potential cost savings associated with server consolidation and offers information on how organizations can sustain the advantage they have gained by consolidating their servers.

Publisher:
IBM

Also on silicon.com

Site Navigation:

Security Management White Papers

Eliminate SQL Injection Attacks Painlessly With LINQ

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

Advertising Features

CNET Networks in Europe

CNET Networks in the United States

CNET Networks in Asia Pacific