Sometimes using dynamic SQL is the only way to write a query that accomplishes what you need. But did you know that dynamic SQL statements can leave you vulnerable to SQL injection attacks?
In this session we'll examine how SQL injection works and how we can write injection-proof queries through a series of examples and demos. We'll also look at why some commonly used techniques aren't as secure as many people think.
If you ever write or maintain dynamic SQL queries, or work with developers who do, then this session is for you. After all, do you really want to be the person responsible for allowing hackers into your database?
Speaker: Bert Wagner
Bert is a business intelligence developer from Cleveland, Ohio. He loves writing queries that run fast and enjoys helping others learn to be self-sufficient SQL problem solvers.