GitHub

writing-secure-dynamic-sql-in-sql-server.md

SQL Injection is the process by which a malicious user enters Transact-SQL statements instead of valid input. If the input is passed directly to the server without being validated and if the ...
Visual Studio Magazine

Dynamic Data Access with Plain Old SQL and SqlQuery

You don't have to give up using dynamic SQL just because you're using Entity Framework. The Entity Framework SqlQuery method will give you back the flexibility of dynamic SQL and still let you work ...
Visual Studio Magazine

SQL Server 2022: Ledger, DDM and T-SQL Enhancements

Data developers are still learning about all the new goodies that arrived with SQL Server 2022, which is chock full of new features and enhancements such as ledger for blockchain security. Microsoft ...
ZDNet

Developers at fault? SQL Injection attacks lead to wide-spread compromise of IIS servers

There's been a lot of noise and violent thrashing over the last couple days regarding a flaw that was originally believed to be a flaw in Microsoft's IIS (Internet Information Server), but has since ...
Microsoft

The year ahead for SQL Server: Ground to cloud to fabric

In November 2024, we announced the next major release of SQL Server: SQL Server 2025. SQL Server 2025, now in private preview, includes capabilities to build AI applications including vector and AI ...