SQL Injection & Prevention | Web Security

featured image

SQL stands for Structured Query Language. To understand what SQL Injection is, it is important to understand how information on the web is stored. A database is used to store data such that it is easy to access and manage data efficiently. There are two kinds of databases – Relational and Non-Relational. Relational database stores data in the form of rows and columns while non-relational database store data mainly in four fashions – Key-value, Graph, Column, and Document.

Continue reading “SQL Injection & Prevention | Web Security”

XSS Attacks (Cross-Site Scripting) | Web Security

XSS, an acronym derived from Cross ‘X’ Site Scripting, refers to the injection of malicious scripts into a legitimate website or web application. It is similar to other web attacks such as SQL injection, however, it is more devastating since an XSS attack does not target the application concerned rather it puts the users of the application at risk.

Continue reading “XSS Attacks (Cross-Site Scripting) | Web Security”