{"id":91420,"date":"2024-03-04T08:16:52","date_gmt":"2024-03-04T13:16:52","guid":{"rendered":"https:\/\/staging.checkmarx.com\/?p=91420"},"modified":"2026-03-24T16:14:50","modified_gmt":"2026-03-24T14:14:50","slug":"what-is-sql-injection","status":"publish","type":"learn","link":"https:\/\/checkmarx.com\/learn\/application-security\/sql-injection\/","title":{"rendered":"What is SQL Injection, and How Can Today\u2019s Organizations Prevent it with Application Security?"},"content":{"rendered":"<section class=\"section-article-tldr\">\n            <div class=\"acf-innerblocks-container\">\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-1\">Summary<\/h2>\n\n\n\n<p>The best approach to protecting against SQL injection attacks &#8212; which happen when threat actors feed malicious code into SQL databases &#8212; is to implement multiple layers of defense, such as validating input received by applications, scanning source code to detect SQL injection vulnerabilities and testing live applications to check how they respond to malicious SQL queries.<\/p>\n\n<\/div>\n        <\/section>\n\n\n<p>SQL injection attacks are the main source of critical vulnerabilities for web applications in 2024, making up 23.4% of all vulnerabilities. To understand this risk better, this article answers the question \u2018what is SQL injection?\u2019 and explains SQLi (meaning SQL injection attacks) and how such attacks impact your organization. It describes how you can protect yourself against this growing and complex threat with the support of application security testing that includes SAST as a core feature.<\/p>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-2\">What is SQL injection?<\/h2>\n\n\n\n<p><span style=\"font-weight: 400;\">Let\u2019s start with an SQL injection definition, for those who haven\u2019t heard the term before. 
SQL commands are a normal part of interacting with databases, allowing applications to read and write data using the language SQL, which stands for Structured Query Language.&nbsp;<\/span><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img decoding=\"async\" width=\"469\" height=\"579\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/08\/sqli_code_sample.png\" alt=\"\" class=\"wp-image-97387\" srcset=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/08\/sqli_code_sample.png 469w, https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/08\/sqli_code_sample-243x300.png 243w\" sizes=\"(max-width: 469px) 100vw, 469px\" \/><figcaption class=\"wp-element-caption\">SQLi Code Sample<\/figcaption><\/figure>\n<\/div>\n\n\n<p><span style=\"font-weight: 400;\">However, when threat actors use SQL to insert malicious commands instead of legitimate ones, this is a <\/span><span style=\"font-weight: 400;\">SQL injection attack<\/span><span style=\"font-weight: 400;\">, also known as SQLi. 
With malicious SQL code, attackers can manipulate back-end databases to access sensitive information, letting them monitor, extract, delete or share data which they should not have been able to reach.&nbsp;<\/span><\/p>\n\n\n\n<p><span style=\"font-weight: 400;\">Common consequences of a SQLi attack include:&nbsp;<\/span><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><span style=\"font-weight: 400;\">Modifying database schemas, such as stored functions or processes<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400;\">Altering passwords or permissions<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400;\">Subverting application logic to change a query<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400;\">Modifying T-SQL statements, leading to more data access<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400;\">Testing for database configuration, including storage or server infrastructure<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400;\">Launching ransomware or DDoS attacks from inside the database<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400;\">Deleting, stealing, or encrypting sensitive or critical data<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400;\">Gaining a foothold for long-term monitoring or stealth attacks<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400;\">Executing admin operations, including shutdown of the database<\/span><\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-3\">Understanding SQLi Attacks by Examples<\/h2>\n\n\n\n<p><span style=\"font-weight: 400;\">There are three main methods of injecting malicious input using SQLi.&nbsp;<\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span style=\"font-weight: 400;\">In-band injection<\/span><\/h3>\n\n\n\n<p><span style=\"font-weight: 400;\">With in-band injection, the attacker uses the same communication channel to inject the code and view the results. 
Examples include Error-based SQLi and Union-based SQLi. Error-based SQLi uses database error messages that have not been disabled or restricted to logs with limited access permissions. With these messages an attacker can gain information about the database. Union-based SQLi is also an in-band injection technique; it uses the UNION SQL operator to combine the results of multiple SELECT statements, which are then returned as part of the HTTP response.&nbsp;<\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span style=\"font-weight: 400;\">Out-of-band injection&nbsp;<\/span><\/h3>\n\n\n\n<p><span style=\"font-weight: 400;\">With out-of-band injection, unlike in-band injection, the attacker injects the code into the application and then relies on special database features to gain access to the sensitive information. These techniques are less common, because they are only used when a threat actor cannot use the same channel to both launch an attack and collect results. One example of an out-of-band injection technique is Microsoft SQL Server\u2019s xp_dirtree command. This can be leveraged to make a DNS request to a malicious server which is under the control of a threat actor.&nbsp;<\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span style=\"font-weight: 400;\">Blind injection<\/span><\/h3>\n\n\n\n<p><span style=\"font-weight: 400;\">Finally, the third category is blind injection. It differs in the kind of code that is injected into the database. Instead of manipulating the database to access sensitive information, these commands evaluate how the database is configured, giving the attacker greater information about how they can launch an attack. This is also known as inferential SQLi. The attacker usually sends SQL queries to the database, and then observes the response. 
By monitoring how long a database waits before responding, or whether the HTTP response changes or remains the same, attackers can infer a TRUE or FALSE outcome, even without data being returned.&nbsp;<\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-4\">How Do Attackers Take Advantage of SQLi Vulnerabilities?<\/h2>\n\n\n\n<p><span style=\"font-weight: 400;\">So, why do SQL attacks happen? No development team is intentionally leaving the door open for SQL injections, but there are a number of factors that contribute to the growing problem, and some can be solved by shoring up poor security hygiene.&nbsp;<\/span><\/p>\n\n\n\n<p><span style=\"font-weight: 400;\">First, input validation is critical. Many applications automatically pass commands to the database with no validation, and if an attacker has inserted malicious SQL commands, there would be no way of knowing. It\u2019s also important to check legacy code, as many applications have sat dormant for years, and what was secure when it was written may not be sufficient today. Code which is no longer necessary should be removed, as its only purpose is to add risk to your environment. This level of due diligence is not only about code. Other ways that attackers launch SQLi attacks are via unpatched applications and legacy software.&nbsp;<\/span><\/p>\n\n\n\n<p><span style=\"font-weight: 400;\">A lack of testing is also part of the growing risk of SQLi. You can often detect SQL vulnerabilities with common tests such as looking for the single quote character ', analyzing differences in application responses with SQL-specific syntax, or inputting payloads in SQL queries designed to trigger time delays and measuring the time taken to respond. Common locations for SQLi vulnerabilities are in the WHERE clause of a SELECT query, in UPDATE statements, or in the table or column name of SELECT statements. 
Unfortunately, this is by no means a comprehensive list, and vulnerabilities can occur anywhere &#8211; making manual testing an insufficient answer to the SQLi problem.&nbsp;<\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-5\">How to Detect and Prevent SQLi<\/h2>\n\n\n\n<p>While there are some simple ways to encourage developers to reduce the likelihood of SQL injection attacks, such as deleting error messages and restricting the maximum length of data input, to be truly secure against this threat &#8211; Application Security Testing (AST) is paramount. These automated tools shift security early in the software development lifecycle, and actively search for where applications connect to a database and test its vulnerabilities. Robust AST will include:<\/p>\n\n\n\n<p><strong>Input validation:<\/strong> A thorough validation of all application input, with a broad range of attack scenarios including known threats and edge cases.<br><strong>Static Application Security Testing:<\/strong> <a href=\"https:\/\/checkmarx.com\/cxsast-source-code-scanning\/\">SAST scans<\/a> the source code before deployment, detecting vulnerabilities at the code level, ahead of time.<br><strong>Dynamic Application Security Testing:<\/strong> DAST finds the vulnerabilities in live applications, knowing security can evolve past deployment.<br><strong>Simulations:<\/strong> Testing applications for SQL vulnerabilities by attempting to insert malicious commands, and evaluating the response.<\/p>\n\n\n<section class=\"section-block-info light-theme\">\n    <div class=\"main-wrapper block-info__wrapper\">\n        <div class=\"block-info center\">\n\t\t\t\n\t\t\t<h2 class=\"section-title article-anchor\" id=\"article-anchor-6\">Protect from SQL Injection Attacks Today!<\/h2>\t\t\t<p class=\"section-description\">Get everything your enterprise needs to integrate AppSec across every stage of the SDLC and  secure your applications from code to cloud on a unified 
application security platform.<\/p>\n\t\t\t<div class=\"actions\">\n\t\t\t\t        <a href=\"https:\/\/checkmarx.com\/request-a-demo\/\" class=\"btn btn-2 btn-bg white demo\">Book a Custom Demo<\/a>\n        \t\t\t\t        <a href=\"\/product\/application-security-platform\/\" class=\"btn btn-2 btn-bg border-2 demo\">Discover Checkmarx One<\/a>\n        \t\t\t<\/div>\n        <\/div>\n    <\/div>\n<\/section>\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-7\">Using Checkmarx to Prevent SQL Injection Attacks<\/h2>\n\n\n\n<p><span style=\"font-weight: 400;\">Checkmarx One is our leading application security testing solution, and it is a powerful tool to <\/span><span style=\"font-weight: 400;\">prevent SQL injection attacks<\/span><span style=\"font-weight: 400;\"> in your applications, identifying potential SQL injections for developers to fix ahead of deployment. It includes a comprehensive next-generation SAST tool that <\/span><span style=\"font-weight: 400;\">scans against application security risks<\/span><span style=\"font-weight: 400;\"> at the earliest stage, allowing you to shift left, while the whole platform supports shifting everywhere, from code to cloud.<\/span><\/p>\n\n\n\n<p><span style=\"font-weight: 400;\">Because it integrates with the IDE, build management tools, bug tracking and source repositories, developers can work without friction, continuing their workflow as they prefer and fixing source code issues with ease. In the background, thorough and customizable scans and testing give you peace of mind that all code is going to production without vulnerabilities. 
If a problem or risk is found, the fix is explained in natural language, alongside the <\/span><a href=\"https:\/\/checkmarx.com\/blog\/introducing-ai-security-champion-with-auto-remediation-for-sast\/\"><span style=\"font-weight: 400;\">exact code snippet to make the change.&nbsp;<\/span><\/a><\/p>\n\n\n\n<p><i><span style=\"font-weight: 400;\">Looking to prevent the risk of SQL attacks in your environment? Learn more about Checkmarx by <\/span><\/i><a href=\"https:\/\/checkmarx.com\/request-a-demo\/\"><i><span style=\"font-weight: 400;\">requesting a demo.<\/span><\/i><\/a><\/p>","protected":false},"author":83,"featured_media":106857,"parent":0,"menu_order":0,"template":"","meta":{"_acf_changed":false,"footnotes":""},"learn-cat":[853],"class_list":["post-91420","learn","type-learn","status-publish","has-post-thumbnail","hentry","learn-cat-appsec"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.1.1 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>What is SQL Injection + Examples<\/title>\n<meta name=\"description\" content=\"Understanding SQLi - meaning more than a SQL injection definition but how it affects your organization\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/checkmarx.com\/learn\/application-security\/sql-injection\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What is SQL Injection + Examples\" \/>\n<meta property=\"og:description\" content=\"Understanding SQLi - meaning more than a SQL injection definition but how it affects your organization\" \/>\n<meta property=\"og:url\" content=\"https:\/\/checkmarx.com\/learn\/application-security\/sql-injection\/\" \/>\n<meta property=\"og:site_name\" content=\"Checkmarx\" \/>\n<meta property=\"article:publisher\" 
content=\"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis\" \/>\n<meta property=\"article:modified_time\" content=\"2026-03-24T14:14:50+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/03\/application-security.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"600\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@checkmarx\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/checkmarx.com\/learn\/application-security\/sql-injection\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/checkmarx.com\/learn\/application-security\/sql-injection\/\"},\"author\":{\"name\":\"Steve Boone\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/person\/b18c949667890c9cc96de7d4d274fdd6\"},\"headline\":\"What is SQL Injection, and How Can Today\u2019s Organizations Prevent it with Application 
Security?\",\"datePublished\":\"2024-03-04T13:16:52+00:00\",\"dateModified\":\"2026-03-24T14:14:50+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/checkmarx.com\/learn\/application-security\/sql-injection\/\"},\"wordCount\":1238,\"publisher\":{\"@id\":\"https:\/\/checkmarx.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/checkmarx.com\/learn\/application-security\/sql-injection\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/03\/application-security.webp\",\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/checkmarx.com\/learn\/application-security\/sql-injection\/\",\"url\":\"https:\/\/checkmarx.com\/learn\/application-security\/sql-injection\/\",\"name\":\"What is SQL Injection + Examples\",\"isPartOf\":{\"@id\":\"https:\/\/checkmarx.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/checkmarx.com\/learn\/application-security\/sql-injection\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/checkmarx.com\/learn\/application-security\/sql-injection\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/03\/application-security.webp\",\"datePublished\":\"2024-03-04T13:16:52+00:00\",\"dateModified\":\"2026-03-24T14:14:50+00:00\",\"description\":\"Understanding SQLi - meaning more than a SQL injection definition but how it affects your 
organization\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/checkmarx.com\/learn\/application-security\/sql-injection\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/checkmarx.com\/learn\/application-security\/sql-injection\/#primaryimage\",\"url\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/03\/application-security.webp\",\"contentUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/03\/application-security.webp\",\"width\":1200,\"height\":600},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/checkmarx.com\/#website\",\"url\":\"https:\/\/checkmarx.com\/\",\"name\":\"Checkmarx\",\"description\":\"The world runs on code. We secure it.\",\"publisher\":{\"@id\":\"https:\/\/checkmarx.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/checkmarx.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/checkmarx.com\/#organization\",\"name\":\"Checkmarx\",\"url\":\"https:\/\/checkmarx.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg\",\"contentUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg\",\"width\":1,\"height\":1,\"caption\":\"Checkmarx\"},\"image\":{\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis\",\"https:\/\/x.com\/checkmarx\",\"https:\/\/www.youtube.com\/user\/CheckmarxResearchLab\",\"https:\/\/www.linkedin.com\/company\/checkmarx\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/person\/b18c949667890c9cc96de7d4d274fdd6\",\"na
me\":\"Steve Boone\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/06\/avatar_83.jpeg\",\"contentUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/06\/avatar_83.jpeg\",\"caption\":\"Steve Boone\"},\"url\":\"https:\/\/checkmarx.com\/author\/steveboone\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"What is SQL Injection + Examples","description":"Understanding SQLi - meaning more than a SQL injection definition but how it affects your organization","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/checkmarx.com\/learn\/application-security\/sql-injection\/","og_locale":"en_US","og_type":"article","og_title":"What is SQL Injection + Examples","og_description":"Understanding SQLi - meaning more than a SQL injection definition but how it affects your organization","og_url":"https:\/\/checkmarx.com\/learn\/application-security\/sql-injection\/","og_site_name":"Checkmarx","article_publisher":"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis","article_modified_time":"2026-03-24T14:14:50+00:00","og_image":[{"width":1200,"height":600,"url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/03\/application-security.webp","type":"image\/webp"}],"twitter_card":"summary_large_image","twitter_site":"@checkmarx","twitter_misc":{"Est. 
reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/checkmarx.com\/learn\/application-security\/sql-injection\/#article","isPartOf":{"@id":"https:\/\/checkmarx.com\/learn\/application-security\/sql-injection\/"},"author":{"name":"Steve Boone","@id":"https:\/\/checkmarx.com\/#\/schema\/person\/b18c949667890c9cc96de7d4d274fdd6"},"headline":"What is SQL Injection, and How Can Today\u2019s Organizations Prevent it with Application Security?","datePublished":"2024-03-04T13:16:52+00:00","dateModified":"2026-03-24T14:14:50+00:00","mainEntityOfPage":{"@id":"https:\/\/checkmarx.com\/learn\/application-security\/sql-injection\/"},"wordCount":1238,"publisher":{"@id":"https:\/\/checkmarx.com\/#organization"},"image":{"@id":"https:\/\/checkmarx.com\/learn\/application-security\/sql-injection\/#primaryimage"},"thumbnailUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/03\/application-security.webp","inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/checkmarx.com\/learn\/application-security\/sql-injection\/","url":"https:\/\/checkmarx.com\/learn\/application-security\/sql-injection\/","name":"What is SQL Injection + Examples","isPartOf":{"@id":"https:\/\/checkmarx.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/checkmarx.com\/learn\/application-security\/sql-injection\/#primaryimage"},"image":{"@id":"https:\/\/checkmarx.com\/learn\/application-security\/sql-injection\/#primaryimage"},"thumbnailUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/03\/application-security.webp","datePublished":"2024-03-04T13:16:52+00:00","dateModified":"2026-03-24T14:14:50+00:00","description":"Understanding SQLi - meaning more than a SQL injection definition but how it affects your 
organization","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/checkmarx.com\/learn\/application-security\/sql-injection\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/checkmarx.com\/learn\/application-security\/sql-injection\/#primaryimage","url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/03\/application-security.webp","contentUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/03\/application-security.webp","width":1200,"height":600},{"@type":"WebSite","@id":"https:\/\/checkmarx.com\/#website","url":"https:\/\/checkmarx.com\/","name":"Checkmarx","description":"The world runs on code. We secure it.","publisher":{"@id":"https:\/\/checkmarx.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/checkmarx.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/checkmarx.com\/#organization","name":"Checkmarx","url":"https:\/\/checkmarx.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/","url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg","contentUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg","width":1,"height":1,"caption":"Checkmarx"},"image":{"@id":"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis","https:\/\/x.com\/checkmarx","https:\/\/www.youtube.com\/user\/CheckmarxResearchLab","https:\/\/www.linkedin.com\/company\/checkmarx"]},{"@type":"Person","@id":"https:\/\/checkmarx.com\/#\/schema\/person\/b18c949667890c9cc96de7d4d274fdd6","name":"Steve 
Boone","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/checkmarx.com\/#\/schema\/person\/image\/","url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/06\/avatar_83.jpeg","contentUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/06\/avatar_83.jpeg","caption":"Steve Boone"},"url":"https:\/\/checkmarx.com\/author\/steveboone\/"}]}},"_links":{"self":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/learn\/91420","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/learn"}],"about":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/types\/learn"}],"author":[{"embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/users\/83"}],"version-history":[{"count":0,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/learn\/91420\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/media\/106857"}],"wp:attachment":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/media?parent=91420"}],"wp:term":[{"taxonomy":"learn-cat","embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/learn-cat?post=91420"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}