Dynamic SQL pp 31-60 | Cite as

Protecting Against SQL Injection

  • Edward Pollack


There are few SQL vulnerabilities as commonly exploited as SQL injection. This form of database attack has destroyed companies, ruined careers, and is a constant challenge for security officers. As database professionals, data is our greatest asset, and it is our responsibility to guard it above all else. SQL injection is not limited only to dynamic SQL, but is a technique that can be applied to many areas of SQL Server. Therefore, understanding and defending against it are among the most important priorities when considering SQL Server security.

Copyright information

© Edward Pollack 2019

Authors and Affiliations

  • Edward Pollack
    • 1
  1. 1.AlbanyUSA

Personalised recommendations