SQL Injection 2.0: SQL Injection 2.0: Bigger, Badder, Faster…and More Dangerous Than Ever (Webinar)
Thursday, July 31, 2008 2:00 am
Singapore Standard Time (GMT +08:00, Philippines)
SQL Injection has existed as a very real – and documented – threat to enterprise security for years. While the concept is far from novel, the techniques, tools, and scope of SQL Injection attacks is growing exponentially – and at a rate that far outpaces traditional, time-consuming defense mechanisms such as code review. Need proof? A quick scan of the industry headlines produces a lengthy list of international SQL Injection victims, including the United Nations and UK Civil Service.
Join Amichai Shulman, CTO of Imperva and Director of the Application Defense Center (ADC), as he pulls back the covers on the next generation of SQL Injection attacks and provides directions on how you can protect your organization against these increasingly sophisticated and dangerous threats. Mr. Shulman will highlight how hackers are launching non-customized attack code via “botnets” and Google searches to distribute malware with lightning-fast speed and precision efficiency. This educational webinar will also feature live demonstrations of several different types of SQL Injection attacks. Specific topics that will be covered during the webinar include:
SQL Injection Cocktails
Mass SQL Injection Attacks and Google Hacking
SQL Injection Automation Tools
SQL Injection DoS Attacks
Lateral SQL Injection and other Database-Related SQL Injection Attacks
VTC and FileMaker invite you to avail of their promotional offer to get FREE 30 days unlimited access to allIT trainings available in the VTC library.
A regular VTC subscription will set you back around US$30 a month, or US$250 for a year. But you can get avail of a whole month of free access simply by entering the promo code “fmfr33trial” (case sensitive without the quotes).
The Philippine SQL Server Users Group (PHISSUG) will be holding their first chat for this year:
Forget SQL, Meet ORM
Date: June 7 2007, 08:00GMT
Target Audience: SQL Developers
Abstract: If you have been writing SQL via stored procedures all your life, this new approach could cost you your decades old investment. Are you ready to throw away your SPs and embrace ORM?
The chat will be based on threaded discussion format on the PHISSUG forum.
Alpha Five Version 8 is a Rapid Application Development tool that drastically cuts development time for your web database projects.
Deliver projects faster than you thought possible. Add the features you thought you wouldn’t have time for.
The key is the point-and-click component builders and security framework that automatically write code for you. Also includes the powerful Xbasic programming language and full featured report writer. Works with any SQL backend database. Applications can be transported across different backends thanks to Portable SQL.
Alpha Five is the winner of CRN Best Database Development Tool, PC Magazine Editors’ Choice, and ZDNet “Perfect 10″ rating.
Purchase your Microsoft SQL Server 2005 Enterprise and Standard Open Licenseby June 15, 2007 and to avail of a 15% discount and a PhP 25,000 Migration Package voucher from DBWizards.
For more information, please call the Microsoft Hotline at 632.672.7230 or e-mail: .
Brainbench offers some pretty interesting certifications this September for free.
FREE for September
Cisco Router Fundamentals
Computer Forensics (U.S.)
Computer Fundamentals (Win XP)
Computer Technical Support
English Vocabulary
Medical Transcription (U.S.)
Math Fundamentals
MS Office 2003 Fundamentals
MS Windows Server 2003 Administration
Network Security
Project Management (2005)
RDBMS Concepts
Pre-Release (Beta)
Pre-release (beta) exams are certification exams that are currently under development and getting testing feedback from beta test takers. You will be getting credit if you pass the exam just like taking the regular non-beta exam.
Following Microsoft’s recent initiative in releasing SQL Server 2005 Express, a free version of their SQL Server 2005 Server Family, Oracle also releases their first free version which they call Oracle 10g XE short for Express Edition. Just like Micorosoft SQL Server Express, Oracle’s 10g XE is free to develop, free to deploy and free to distribute.
Oracle Database 10g Express Edition (Oracle Database XE) is an entry-level, small-footprint database based on the Oracle Database 10g Release 2 code base. It is a great fit for developers working on PHP, Java, .NET, database, html, and open-source applications.
With Oracle Database XE, you can:
Gain practical, resume-building experience working with the world’s number one database
Get easy access to the Oracle Database on your machine for course work
Share your work with your colleagues, instructors, and classmates
Once you have installed Oracle Database XE, learn the latest tips, tricks, and techniques by registering for the free Oracle Database XE Discussion Forum, hosted by Oracle Database master Tom Kyte.
Microsoft delivered the first Community Technology Preview (CTP) of Service Pack 1 for SQL Server 2005, including the data mirroring technologies that missed last fall’s release of the big update to Microsoft’s flagship database product.
The CTP process is one that has been spreading like a virus across Microsoft in the past two years or so. The team that developed Visual Studio 2005 started the ball rolling, and the SQL Server group picked it up during the development of SQL Server 2005, which was released with much fanfare last November.
“The SQL Server team is introducing a new transparent customer collaboration model, which will extend the CTP process to service packs, re-engineer the development process for more predictability, and release isolated security updates,” a Microsoft spokeswoman said in an e-mail.
Meanwhile, Wednesday’s SP1 CTP includes data mirroring capabilities that weren’t ready in time for last fall’s delivery of SQL Server.
SP1 will also include SQL Server Management Studio Express, a scaled-down version of SQL Server’s Management Studio tool, as well as other feature fixes and adjustments, according Microsoft. Final release of SP1 is currently on track for April, the Microsoft spokeswoman said in an e-mail.
“The new CTP model is the first step SQL Server has taken to re-engineer its product release and service pack schedule and provide greater predictability and functionality to its customers” the Microsoft spokeswoman continued. In addition to extending CTPs to service packs, the new customer collaboration model will enable a separate release mechanism for security fixes.
This month, SQL Server Standard magazine takes an in-depth look at T-SQL in SQL Server 2005 with two examinations of the CLR architecture in 2005 and why this is a good enhancement. Also examined is the OUTPUT clause and how it aids in auditing, larger data type support, NULLS, and the performance of the PIVOT operator.
SQL Server Standard is a technical journal for the SQLServerCentral.com and PASS communities.
This is the March/April 2006 Issue containing 36 pages.
If you’ve been looking forward to taking the New Generation of Microsoft Certification Exams, your wait is over. The following seven exams are now available at both Prometric and VUE testing centers.
These documents provide a detailed discussion describing how the Enterprise Application Services group in Microsoft IT used the new features in SQL Server 2005 to dramatically increase the availability of SAP R/3 at Microsoft.
PASS is the definitive, global community for SQL Server professionals. It is the first independent, user-run, not-for-profit association committed to providing SQL Server professionals around the world with the resources and knowledge necessary to achieve unparalleled business results.
Co-founded by Microsoft, and Computer Associates, supported by our Charter Vendors, PASS’ mission is to provide our members with a forum for education, facilitate networking, and influence the direction of SQL Server and related products and services.
PHISSUG is also a member organization of Culminis for Asia Pacific.
Culminis is an international not-for- profit organization representing the culmination of ideas, aspirations, and needs of IT Professionals. By building a partnership between IT Pros and information technology solution providers, Culminis strives to improve the skills, abilities and knowledge of our members along with the technologies they depend on.
PHISSUG continues to provide its members with more benefits in terms of access to training and educational materials, software access, networking and forums that comes with the affiliation with PASS, Culminis and MSNERDS.
The Philippine SQL Server Users Group (PHISSUG) is a non-profit Filipino association of SQL Server enthusiasts with the goal of providing the Filipino community quality professionals in the field of databases.
In behalf of Philippine SQL Server Users Group (PHISSUG),we would like to take this opportunity to invite everybody to join us in our first General Assembly which will be held 7:00PM today, Monday, February 20, 2006 at McDonalds AIM/Greenbelt, Paseo de Roxas, Makati City.
We would like to apologize for the short notice.
To those who would like to join, please send your confirmation to membership [at] ph-ssug.net though there are only 30-40 slots available.
SQL Server 2005 is Microsoft’s next-generation data management and analysis software that will deliver increased scalability, availability, and security to enterprise data and analytical applications while making them easier to create, deploy, and manage. In these labs, you will get to experience many of the new features in SQL Server 2005 including XML support and deep business intelligence integration.
It’s simple—no complex setup or installation is required to try out Microsoft SQL Server 2005. You get a downloadable manual in Adobe PDF format and a 90-minute block of time for each module. You can sign up for additional 90-minute blocks anytime. (more…)
This weeks’ online chat session will cover the last part of the 3-part chat session on SQL Query Optimization.
Topic : Query Optimization (Part III)
Mood : Moderated
Moderator(s) : bobbit_angeles
Time : February 16 2006, 10:00AM (GMT +8)
Duration : 60 minutes
Who This Chat Is For? : Any SQL SERVER / database enthusiast with basic knowledge on the topics below.
How To Join? : Download MIRC. Details on the irc server and room will be posted at the PHISSUG forums.Query Optimization (Part III)
