I gave a presentation today at the MySQL Conference & Expo 2010, titled SQL Injection Myths and Fallacies. Thanks to everyone who came to my talk! I appreciate your interest in learning to develop more secure applications. SQL Injection is a serious threat to web applications, and it's only going to get worse. It's incumbent on you as software developers to learn how to write secure code!
My slides are now online in two places: on the MySQL Conference website, and at SlideShare.net/billkarwin.
I also handed out cards for a 20% discount on my upcoming book, SQL Antipatterns. One chapter in my book is devoted to SQL Injection risks and methods for defending against them. You can pre-order the hardcopy book and receive it as soon as it ships. You can also get the downloadable beta e-book right away, and receive an update when the editing is done.
I left a stack of the leftover discount cards on the collateral table in the hallway. If you didn't get one, you'll have another chance when I talk at the PHP TEK-X conference in Chicago in May!