What is a SQL injection?

A sql injection put simply is when someone injects their own code or information into your site or apps database. The way this happens is usually due to a vulnerable piece of code that didn’t put in security measures around the interaction allowed with the database.

What is a database?

A database stores everything you write, all your images, everything. Personal information including usernames, and any personally identifying information is stored there.

How do I know if my site can be hacked with a sql injection?

If you aren’t a developer and don’t know how to read code, the short answer is you don’t know. Many developers tell you everything is secure, when it certainly most isn’t. 3rd party companies like ourselves are able to check the security of your site for you and coordinate with the developers to make it more secure.

Do sql injections cause bad publicity or put companies out of business?

Yes, they do. Whenever you hear a company has been breached and the database has been compromised, that most likely was a sql injection. While there are other ways to get into the database, a persistent xss, a sql injection is very common and quite often the culprit.