In the last project I worked on, an SQL injection vulnerability was deployed in production. Our cybersecurity team discovered that, in a specific field of the body of a REST POST method, it was possible to insert, without any countermeasures applied, the dreadful SQL escape character: the single quote (').
What does that mean? It means that any kind of query could be run through that unchecked input path, even a DROP SCHEMA.
The first public discussions of SQL injection started around 1998, so it is not a newly discovered vulnerability. Still, some of the developers on our team were not aware of it. This is one of the reasons why staying up to date on cybersecurity developments is a fundamental part of working in IT.
In this article, I’ll provide a list of best practices that you should follow if you want to stay updated and secure.
Hack an existing system
Yes, I’m really suggesting that. However, let’s add the word ‘ethical’ before ‘hacking’. Ethical hacking is the authorized process of hacking vulnerable systems with the aim of raising awareness about security gaps in a particular system. Ethical hacking is also called “white hat” hacking.
What can be better than putting yourself in the position of your enemy to see what measures are being used by others to keep hackers out? This is what ethical hacking helps you achieve. This process will bring you to a whole new level of knowledge. Learning about the latest tools and skills for exploiting systems is a positive consequence.
Practical experience with hacking into other devices teaches you more than theoretical learning. That’s why many of the highest-paid and most skillful security experts have been hackers in the past. In this field, having knowledge without hands-on practice is of little use.
Fix existing security issues
Having hands-on experience fixing security flaws is obviously a step in the right direction. Even if the system you are working on is already pretty robust and secure, you can always try to enhance its security. After all, as Gene Spafford said: “The only system which is truly secure is one which is switched off and unplugged, locked in a titanium lined safe, buried in a concrete bunker, and is surrounded by nerve gas and very highly paid armed guards. Even then, I wouldn’t stake my life on it.”
You can use tools like SonarQube that perform static code analysis, and start fixing the issues the tool reports. This is an easy and productive way to begin, because the tool does the searching for security weaknesses for you.
In the example given in the introduction, if one of these tools had been used, the SQL injection would never have reached production, and the developer would have learned what an SQL injection is.
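To make the introduction's bug concrete, here is an added example (not code from the article or the project it describes) that places the vulnerable pattern, a request-body field pasted into the SQL text, beside the parameterized form a static analyzer would push you towards. The database, table and names are constructed for the demo; the point is that a perfectly legitimate value containing a single quote already breaks the first version while the second treats it as plain data.

```python
import sqlite3


def make_db():
    # Constructed in-memory stand-in for the service's real database (assumption).
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO users (name) VALUES (?)", [("alice",), ("O'Brien",)])
    conn.commit()
    return conn


def find_user_vulnerable(conn, name):
    # The field taken from the POST body is concatenated straight into the SQL text.
    # A single quote in `name` closes the string literal, so whatever follows it is
    # parsed as SQL rather than as data: this is the injection point from the intro.
    sql = "SELECT id, name FROM users WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def find_user_safe(conn, name):
    # Parameter binding: the statement and the value travel separately, so the driver
    # never re-parses the value as SQL. A quote in `name` can only ever be data.
    return conn.execute("SELECT id, name FROM users WHERE name = ?", (name,)).fetchall()


def demo():
    conn = make_db()
    results = {}
    # A legitimate name that happens to contain a quote.
    try:
        results["vuln_quote"] = find_user_vulnerable(conn, "O'Brien")
    except sqlite3.OperationalError as exc:
        # The concatenated statement is now malformed: proof that the input
        # is being interpreted as SQL syntax, not as a value.
        results["vuln_quote"] = "error: " + str(exc)
    results["safe_quote"] = find_user_safe(conn, "O'Brien")
    results["safe_plain"] = find_user_safe(conn, "alice")
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "->", value)
```

The same value that makes the vulnerable query fail with a syntax error is returned correctly by the parameterized query, which is the property that closes the door on any quote-based injection.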