Death of SQL Injection, long live SQL Injection

I very rarely hear people talking about SQL injection anymore. Just a few years ago, it was a very common problem that all developers needed to understand, in and out. My guess is, the prevalence of database abstraction layers in all languages have helped remove this problem from most developers minds. Hibernate, ActiveRecord, Zend_DB, and all the other frameworks in nearly every language are used much more than hand-written queries. The death of SQL injection. »

Simple Security Tips

In many startups, the developer of an application is also in charge of managing the server. Since resources are thin, this is how it has to be. Developers don’t always make the best decisions when it comes to managing security concerns on servers though. Here a few tips to you developers in charge of managing servers. Believe me, if you’re successful, you will regret not having followed security best practicies from the beginning. »