Stumbleupon

Data theft has become so common that the price of a stolen credit card number in the black market has fallen from $10 in 2006 to a few pennies in 2009. Consumers are losing confdence in ecommerce, online banking and other electronic means of doing business. Meanwhile, attackers are devising even more clever ways to steal data and increasing numbers of companies are falling prey to those techniques. Legal and compliance requirements are getting stricter to protect the consumer, but still new incidents are on the rise in 2009. In a recent Verizon Business Data Breach Investigations Report, studying over 600 incidents in the past fve years, SQL Injection was identifed as the single largest attack vector responsible for data theft. Following are 10 steps that both developers and database administrators can take to prevent applications from being vulnerable to SQL injection attacks.