The Owasp Top 10 project has an Injection section (link:
https://owasp.org/www-project-top-ten/ ), which explains what injection attacks are and how to protect against them. SQL injections typically target web applications using SQL databases.
NoSQL databases tend to be used in distributed big data environments (where standard SQL databases are not efficient). NoSQL databases are not impacted by standard SQL injection attacks, but they can be vulnerable to other types of injections.
------------------------------
Guillaume Boutisseau
CCSK Authorized Instructor , CCSP
------------------------------
Original Message:
Sent: Feb 04, 2021 02:18:13 PM
From: Jenna Morrison
Subject: SQL Injection
Hello!
In module 5 unit 5 of the CCSK training they mentioned SQL injection as a reason to use a NoSQL database. I was wondering, what exactly is SQL injection? Also, are there any other reasons to not use an SQL database? Alternatively, are there any preventative measures to protect against SQL injection?
Thanks :)
------------------------------
Jenna Morrison
Training Department Intern
Cloud Security Alliance
------------------------------