So-called SQL injection (SQLi) attacks can be used to delete, modify or retrieve information from the database, and even execute commands on the underlying operating system. Discover how to prevent SQLi on your network.

Structured Query Language (SQL) is the standard method of accessing data in most databases. SQL queries are generated by the website, passed to the database and executed to retrieve or modify the information that it holds.
However, if user input is not appropriately validated, it may be possible for an attacker to ‘inject’ raw SQL statements as part of a malicious input, and for these to be executed by the database.
So-called SQL injection (SQLi) attacks can be used to delete, modify or retrieve information from the database, and even execute commands on the underlying operating system. The most common SQLi attacks result in an attacker gaining access to and ‘dumping’ large amounts of data in the database that they should not have been able to access...