SQL Injection — All Your Data Are Ours

Relational databases store information in tables — with columns that are analogous to elements in a data structure and rows which are one instance of that data structure. The SQL language is used to interact with that database information.

SQL injection arises when careless handling of SQL in application code allows clever attackers to manipulate HTML forms to “poison” SQL statements, subverting security measures and opening up all your data to their scrutiny. There are few circumstances more terrifying than discovering that your precious intellectual property, customer information (including credit card details), and more are being perused by your competition or sold on the dark web.

Herein we cover the basics of SQL injection, a huge topic with decades of background, to provide the first steps in understanding the importance of properly handling your SQL, the techniques used by your adversaries (even if you didn’t realize you had adversaries), and starting points for armoring your database.

The SQL injection attack works by “poisoning” dynamic SQL statements to cause a behavior other than what the programmers intended. A “dynamic statement” is one that’s generated at run-time using parameters passed in from a web form or URI query string.




SQL — Structured Query Language — Hub

SQL (Structured Query Language) — pronounced “sequel” or “ess queue ell” — is a computer programming language tailored to interacting with data stored in relational databases. SQL provides all the necessary tools to create, read, update, and delete (CRUD) that data.

This SQL hub lists all the Udacity blog posts which cover SQL. Armed with this information you can craft “SQL queries” — tailored requests for information — from virtually any database (including MySQL, SQLite, Apache Presto, Firebird SQL, Google BigQuery, Oracle, Microsoft SQL Server, Sybase, SAP HANA, IBM DB2, and many others).




SQL Coalesce — Weeding Through The NULLs

Relational databases store information in tables — with columns that are analogous to elements in a data structure and rows that are one instance of that data structure. In SQL, a table cell without a value contains a special marker, NULL, which is not the same as zero, an empty string, or any other kind of value that works with equality tests; i.e. NULL != 0, NULL != "", etc. The SQL Coalesce statement is one way of processing these NULL values for common uses like text processing.




Data Analyst vs. Data Scientist: What You Need To Know in 2021

Did you know that the global revenue for big data and analytics is expected to reach nearly 275 billion dollars by 2022? For enterprises looking to leverage their data to its highest potential, one of the biggest challenges is finding practical and scalable ways to use the data. To fully unlock the power of that data, you’ll likely need a data analyst or a data scientist on your team.

The real question then is: do you need a data analyst or a data scientist? Let’s take a look at the role of data analyst vs. data scientist to figure out what’s right for your enterprise.




Data Engineer vs Data Scientist: What’s the Difference?

It’s common practice to conflate the roles of “data engineer” and “data scientist”, but they’re actually completely different jobs.

Both require a high degree of skill in data science, but they each have their own specific responsibilities.

Learn more about the difference between data engineers and data scientists, including the skill sets necessary, job roles and salary info.




SQL Where — Getting At Your Dreams

Relational databases store information in tables — with columns that are analogous to elements in a data structure and rows which are one instance of that data structure — the order of which is undetermined; in no way guaranteed to reflect the order in which the data was inserted into the table.

The SQL Where clause restricts actions to those rows which satisfy a condition. The general form of SQL Where is:

SELECT column1, column2, … 
FROM table 
WHERE predicate;

Because SQL creates, reads, updates, and deletes (CRUD) database information, the WHERE predicate is used to corral its actions in SELECT, UPDATE, and DELETE statements.




SQL Delete — All Good Things Must End

Relational databases store information in tables — with columns that are analogous to elements in a data structure and rows which are one instance of that data structure — which are brought into existence via the SQL Create Table statement. 

The SQL Delete statement is used to remove rows of data from tables. It looks like:

DELETE FROM table WHERE condition ;

Be exceedingly careful around the WHERE clause; an error in restricting the scope of deletion can have shocking consequences. (Consider making a table backup with the SQL Create Table From statement.)


