PL/SQL Secure Coding

Track

Development and Tools

Date and time

Friday, 18. October 2019., 15:25

Room

Hall A

Duration

45'

This is a 45 minute session that is an expansion to “Holistic Database Security” presentation that will help you secure your high performance code from sql injection attacks.We will examines common errors in pl/sql that leads to sql injection attacks. This session will define the sql injection attack vector and various ways to write code that is immune to sql injection and improve the performance of your code.-We will be covering a code architecture that separate data from code that also helps trace bottlenecks.-We will be covering Oracle PL/SQL 12C features that limit access paths to data thereby implementing part of the trusted path.-We will be covering other PL/SQL features from before 12C that help to ensure your pl/sql does what you expect it to do.- We will covering how to handle errors in your code. One of the first thing an attacker will try to generate is error messages to learn about your system. These error messages can tell the attacker what database and version you are running, and is their sql injection attack properly constructed.

Lecture details

Type: Lecture
Level of difficulty: Detailed
Experience Level: Experienced
Desirable listeners function: Developers
Group of activity: Development and Tools

About speaker

The Best Sponsor

Better Sponsor

Educational Sponsor

Media Sponsor

HrOUG.hr

The conference is organized by the Croatian Association of Oracle users. More about the association can be found at Hroug.hr.

Follow us on Twitter

Keep yourself up to date with all updates!

Follow us on Facebook