- Product
Product Overview
Sophisticated security with unmatched simplicityCloud SIEM
Pre-configured detections across your environmentHoneypots
Deception technology to detect lateral movementEndpoint Visibility
Real-time monitoring with added detection & responseSecurity Reports
Data visualizations, compliance reports, and executive summariesAutomated Response
Detect, prioritize, and neutralize threats around the clockIntegrations
Cloud, on-prem, and open API connectionsXDR Platform
A complete view to identify risk, and things operational
- Pricing
- Why Blumira
Why Blumira
The Security Operations platform IT teams loveWatch A Demo
See Blumira in action and how it builds operational resilienceUse Cases
A unified security solution for every challengePricing
Unlimited data and predictable pricing structureCompany
Our human-centered approach to cybersecurityCompare Blumira
Find out how Blumira stacks up to similar security toolsIntegrations
Cloud, on-prem, and open API connectionsCustomer Stories
Learn how others like you found success with Blumira
- Solutions
- Partners
- Resources
SQL Injection (SQLi)
An SQL injection (SQLi) is a computer attack in which malicious code is embedded in a poorly-designed application and then passed to the backend database. The malicious data then produces database query results or actions that should never have been executed.
Example:
An application running a bank’s operations contains menus that may be used to search for customer details using data points such as the customer’s Social Security number. In the background the application calls an SQL query that runs in the database by passing the entered search values as follows:
SELECT client_name, telephone, address, date_of_birth WHERE social_sec_no=23425
In this sample script, the user enters the 23425 value in the application menu window, requesting the user to enter the Social Security number. Then, using the value provided by the user, an SQL query runs in the database.
A user with SQL knowledge may understand the application and, instead of entering a single value when asked for the Social Security number, enter the string “23425 or 1=1,” which is passed to the database as follows:
SELECT client_name, telephone, address, date_of_birth WHERE social_sec_no=23425 or 1=1
The WHERE clause is important because it introduces vulnerability. In a database, the condition 1=1 is always true, and because the query has been specified to return client Social Security number details (23425) or WHERE 1=1, the query will return all rows in the table, which was not the original intention.
The above SQL injection attack example is simple, but it shows how exploiting a vulnerability to trick the application into running a backend database query or command.
SQL injection attacks can be mitigated by ensuring proper application design, especially in modules that require user input to run database queries or commands. In the above example, the application could be changed so that it accepts one numeric value only.