SQL injection techniques are an increasingly becoming a dangerous threat to the security of information stored upon any Oracle database. Oracle is a huge product and SQL injection can be applied to many of its modules, languages and APIs making oracle database likely to be susceptible to SQL injection attacks.

SQL injection attacks can be easily defeated with simple programming changes, however, developers must always ensure to be discipline enough to apply some important methods to every web accessible procedure and function.

Every dynamic SQL statement must be protected because a single unprotected SQL statement can result in compromising of the application, data or database server. Some of this important methods are:

Bind Variables

The most powerful and advisable protection …

Read More →