About the Authors

David Litchfield specializes in searching for new threats to database systems and web applications and holds the unofficial world record for finding major security flaws. He has lectured to both British and U.S. government security agencies on database security and is a regular speaker at the Blackhat Security Briefings. He is a co-author of The Shellcoder's Handbook, SQL Server Security, and Special Ops. In his spare time he is the Managing Director of Next Genera-tion Security Software Ltd.

Chris Anley is a co-author of The Shellcoder's Handbook, a best-selling book about security vulnerability research. He has published whitepapers and secu- rity advisories on a number of database systems, including SQL Server, Sybase, MySQL, DB2, and Oracle.

John Heasman is a principal security consultant at NGS Software. He is a pro-lific security researcher and has published many security advisories relating to high-profile products such as Microsoft Windows, Real Player, Apple Quick-Time, and PostgreSQL.

Bill Grindlay is a senior security consultant and software engineer at NGS Software. He has worked on both the generalized vulnerability scanner Typhon III and the NGSSQuirreLfamily of database security scanners. He is a co-author of the database administrator's guide, SQLServer Security.

Next Generation Security Software Ltd is a UK-based company that develops a suite of database server vulnerability assessment tools, the NGSSQuirreL family. Founded in 2001, NGS Software's ...