Welcome to the SQL Injection Hall-of-Shame

In this day and age it’s ridiculous how frequently large organizations fall prey to SQL Injection (SQLi), which is almost totally preventable, as I tell people all the time as part of my day job at Parasoft and have written previously.

Note that this is a work in progress. If I’ve missed something you’re aware of, please let me know in the comments at the bottom of the page or on Twitter.

Don’t let this happen to you! For some simple tips see the OWASP SQL Injection Prevention Cheat Sheet. For more security info check out the security resources page and the book SQL Injection Attacks and Defense or Basics of SQL injection Analysis, Detection and Prevention: Web Security.