I now realise that I last posted on the topic of a forthcoming book in October last year. Well, the book has now gone to production and should be hitting the shelves in May of 2009. For those of you who haven't been denial-of-serviced with my LinkedIn status updates on the progress of the book, its called "SQL Injection Attacks and Defense", from Syngress.
I'm very happy with the great team of folks I managed to pull together for the book. The author list is as follows (in alphabetical order):
- Justin Clarke - i.e. me
- Dave Hartley - author of Bobcat
- Joe Hemler - colleague and fellow contributing author to Network Security Tools
- Alexander Kornbrust - CEO of Red Database Security and Oracle security guru with hundreds of Oracle bugs to his name
- Rodrigo Marcos - author of TAOF
- Haroon Meer - Technical Director at Sensepost, and well known speaker and researcher
- Gary Oleary-Steele - author of Automagic SQL Injector
- Alberto Revelli - author of sqlninja
- Marco Slaviero - primary author of Squeeza
- Dafydd Stuttard - AKA Portswigger, author of Burp Suite and the Web Application Hackers Handbook
Hopefully we'll be able to see the proofs in the next couple of weeks, and see what the production folks have done with the 520-odd pages of code-heavy goodness we sent them :-)
Found this useful? Then Digg It.
Comments (1)
hello,
we have suffered from SQL injection attack. we found a software solution, called dotdefender. they say it gives protection against SQL injection atttacks but they cant give a 100% guaranty it wont happen. we installed it for 30 day trial, to check it , but are still checking other solutions.
Posted by John sreeder | March 1, 2009 6:27 AM
Posted on March 1, 2009 06:27