CCSK

Expand all | Collapse all

SQL Injection

Jump to Best Answer
  • 1.  SQL Injection

    Posted 24 days ago

    Hello!

    In module 5 unit 5 of the CCSK training they mentioned SQL injection as a reason to use a NoSQL database. I was wondering, what exactly is SQL injection? Also, are there any other reasons to not use an SQL database? Alternatively, are there any preventative measures to protect against SQL injection?

    Thanks :)



    ------------------------------
    Jenna Morrison
    Training Department Intern
    Cloud Security Alliance
    ------------------------------


  • 2.  RE: SQL Injection
    Best Answer

    CSA Instructor
    Posted 23 days ago
    Edited by Jenna Morrison 19 days ago
    The Owasp Top 10 project has an Injection section (link: https://owasp.org/www-project-top-ten/ ), which explains what injection attacks are and how to protect against them. SQL injections typically target web applications using SQL databases.

    NoSQL databases tend to be used in distributed big data environments (where standard SQL databases are not efficient). NoSQL databases are not impacted by standard SQL injection attacks, but they can be vulnerable to other types of injections.


    ------------------------------
    Guillaume Boutisseau
    CCSK Authorized Instructor , CCSP
    ------------------------------



  • 3.  RE: SQL Injection

    Posted 20 days ago
    Interesting! Thanks for the clarification!

    ------------------------------
    Jenna Morrison
    Training Department Intern
    Cloud Security Alliance
    ------------------------------