SQL injection is an attack in which malicious code is inserted into strings that are later passed to an instance of SQL Server for parsing and execution. SQL Injection attacks are typically the result of misplaced trust in the data inputs to a system. In this video, Todd Miranda demonstrates a simple SQL Injection attack and how to prevent it.

Presented by Todd Miranda on December 18, 2007
Length: 22 minutes 51 seconds

If you've installed Silverlight, click the Play button in the video player at left.

Video Downloads
WMV (Zip) | WMV | iPod | MP4 | 3GP | Zune | PSP

Audio Downloads
AAC | WMA | MP2 | MP3 | MP4

Code Downloads
Visual Basic | Visual C#