Connect with us


What is SQL?



Structured Query Language (SQL) is a standardized programming language that is used to manage relational databases and perform various operations on the data in them. Initially created in the 1970s, SQL is regularly used not only by database administrators but also by developers writing data integration scripts and data analysts looking to set up and run analytical queries.

SQL queries and other operations take the form of commands written as statements and are aggregated into programs that enable users to add, modify or retrieve data from database tables.

A table is the most basic unit of a database and consists of rows and columns of data. A single table holds records, and each record is stored in a row on the table. Tables are the most used type of database objects or structures that hold or reference data in a relational database.

Relational databases are relational because they are composed of tables that relate to each other. For example, a SQL database used for customer service can have one table for customer names and addresses and other tables that hold information about specific purchases, product codes, and customer contacts. A table used to track customer contacts usually uses a unique customer identifier called a key or primary key to reference the customer’s record in a separate table used to store customer data, such as name and contact information.

SQL became the de facto standard programming language for relational databases after it emerged in the late 1970s and early 1980s.

SQL standard and proprietary extensions

An official SQL standard was adopted by the American National Standards Institute (ANSI) in 1986, with the International Organization for Standardization (ISO) adopting the standard in 1987. New versions of the SQL standard are published every few years, the most recent in 2016.

ISO/IEC 9075 is the ISO SQL standard developed jointly by ISO and the International Electrotechnical Commission. The standard way of referring to an ISO standard version is to use the standards organizations — ISO/IEC — followed by the ISO standard number, a colon, and the publication year. The current ISO standard for SQL is ISO/IEC 9075:2016.

Both proprietary and open-source RDBMSes built around SQL are available for use by organizations.

Some versions of SQL include proprietary extensions to the standard language for procedural programming and other functions. For example, Microsoft offers a set of extensions called Transact-SQL, while Oracle’s extended version of the standard is Procedural Language for SQL. Commercial vendors offer proprietary extensions to differentiate their product offerings by giving customers additional features and functions. As a result, the different variants of extended SQL offered by vendors are not fully compatible with one another.

SQL commands and syntax

SQL is, fundamentally, a programming language designed for accessing, modifying, and extracting information from relational databases. As a programming language, SQL has commands and syntax for issuing those commands. These are the following:

  • Data Definition Language (DDL) commands are also called data definition commands because they are used to define data tables.
  • Data Manipulation Language (DML) commands are used to manipulate data in existing tables by adding, changing, or removing data. Unlike DDL commands that define how data is stored, DML commands operate in the tables defined with DDL commands.
  • Data Query Language consists of just one command, SELECT, used to get specific data from tables. This command is sometimes grouped with the DML commands.
  • Data Control Language commands are used to grant or revoke user access privileges.
  • Transaction Control Language commands are used to change the state of some data — for example, to COMMIT transaction changes or to ROLLBACK transaction changes.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *


Four Ways AI Can Improve Your Next Meeting



It may not be noticeable to most, but AI is now rooted in many aspects of our lives. From voice assistants to the cars we drive, to social media and shopping – AI is integrated into a multitude of everyday processes.

It should be of little surprise that AI is also becoming heavily embedded in our businesses. And while some people feel uncomfortable about this intersection of human and machine, it truly offers an abundance of transformative opportunities.

Here are four reasons why AI will continue to be important today and in the future:

  1. Automated note-taking allows brainstorms to go full speed

The days of being the meeting scribe and not absorbing what’s been said around you are over. Automated note-taking and accurate meeting transcripts are one of the simplest ways AI can help free up meeting attendees to focus on the discussion taking place.

Using this software means that transcripts can be searched for important keywords and ideas, allowing participants to fully absorb details after the meeting has concluded. Giving everyone at the meeting the ability to participate without the burden of constant note-taking fosters a lively and uninhibited discussion, encouraging a seamless flow of ideas.

  1. AI-powered action items, agenda updates, and deadline management

AI technology is founded on rules-based responses to decisions, meaning it can be taught to recognize keywords. Organizers can plug in important words such as “follow up” or “action item” and the AI can recognize them and react for easier sharing and review after a meeting.

In addition, AI can help to record deadlines and, if programmed to do so, could send out reminders as deadlines approach. With something like Natural Language Processing (NLP) embedded, AI can also know which parts of the meeting are most important, based on vocal tones, and can automatically record and share those parts with attendees, ensuring that none of the actions are forgotten.

  1. Automated capture of nonverbal cues

We all know those golden moments during a meeting where ideas are born and everyone reacts in a positive way – but they can be hard to identify, particularly if you’re engaging with remote workers on the phone or via video conference.

Wouldn’t it be great if AI was able to more easily recognize and record those moments, because they are generally identified by nonverbal cues such as facial expressions, nods, laughter, or peaks in the audio when everyone has that aha moment? A human note-taker may not be able to accurately capture this, but AI may be able to.

  1. Improved overall efficiency prevents meetings from dragging on

Everyone has experienced a meeting that seems to drag on endlessly, or watched co-workers talk in circles. This can happen when people are not paying attention because they’re scribbling on notepads and typing on laptops, bringing up topics that were already discussed. This is what turns meetings into chores instead of the energizing moments of team collaboration they are meant to be.

When AI removes the more mundane aspects of a meeting like scheduling or taking attendance, attendees can move through administrative tasks and housekeeping items rapidly, knowing the AI will have it all recorded for later reference, and move into free-flowing exchanges of ideas.

And for those routine meetings that occur frequently and don’t always entail a major brainstorming, AI also facilitates effective and concise meetings, so everyone can get into the meeting quickly, be productive with the time set out, and then get back into more inspiring work.

Continue Reading


How To Mitigate Shadow IT Risks



Using unapproved tools, software, and devices is risky. You never know what vulnerabilities so-called shadow IT may have. The pandemic that began in 2020 put a new spin on the shadow IT problem. The sudden need to handle all processes remotely was a true challenge since the majority of corporate networks were not configured to be safely accessed by employees from home.

Although it may seem that telecommuters got used to the security rules for remote work, there’s a risk they learned how to get around them. Using unauthorized third-party software while accessing corporate networks may pose a danger to an organization’s critical assets. In this article, we define what shadow IT is and why employees use unapproved software. We also specify major cybersecurity risks that can be caused by shadow IT and offer six ways to effectively address them.

What is Shadow IT?

Shadow IT refers to any IT system, solution, device, or technology used within an organization without the knowledge and approval of the corporate IT department.

Common examples of shadow IT are cloud services, file-sharing applications, and messengers that aren’t explicitly allowed according to an organization’s cybersecurity rules and guidelines. The risk of using such software is that it can have cybersecurity flaws and lead to various incidents like sensitive data exposure.

How to mitigate shadow IT risks:

  1. Build a flexible corporate policy

A well-thought-out corporate policy that addresses your business’s most critical cybersecurity issues is a must. To achieve it, start with establishing comprehensible guidelines around the use of personal devices, third-party applications, and cloud services. For starters, you can divide your software into categories to help employees better understand the risks of using shadow IT and offer them alternatives. Here are examples of categories in which you can place shadow IT resources:

  • Sanctioned. Tools that are approved by an organization’s IT department and recommended for use within the corporate network
  • Authorized. Additional software whose use is allowed
  • Prohibited. Potentially dangerous solutions that may have vulnerabilities or store data insecurely.
  1. Educate your employees on shadow IT

One of the most effective ways to mitigate shadow IT risks is to educate your employees about the true dangers of using unapproved software. People often don’t fully understand the possible consequences of their actions and don’t realize the risks.

By explaining the true reasons behind shadow IT prohibitions, you can significantly lower the number of unsanctioned software installations. Also, it will help you encourage workers to be more transparent about the difficulties they have with approved solutions and the true reasons for secretly deploying alternatives.

  1. Give your employees the tools they need

Remember why people usually turn to shadow IT in the first place? In most cases, it’s because the standard corporate tools aren’t effective and convenient enough.

A good practice is to create a space for open communication between workers and the IT department. When you learn what your employees really need, you can find efficient software and eliminate the risks of employees using unapproved software in secret.

In case a solution your employees want to use isn’t secure enough or may lead to non-compliance with requirements, it’s essential to clearly explain the potential risks. And if possible, offer alternatives that provide the required data security.

Continue Reading


Google Dorking And How Are Hackers Using This Technique Against You



Google is the encyclopedia of the internet that carries the answer to all your questions and curiosity. After all, it is just a web index to find images, articles, and videos, right?

Well, if you think so, you are turning a blind eye to the untapped potential of the behemoth search engine’s crawling capabilities. This side of Google is lesser-known to the average user but propelled effectively by bad actors to hijack websites and steal sensitive data from companies. Here, we’ll address how security professionals and hackers use Google as an effective reconnaissance tool to access sensitive data, hijack websites, and more.

What is Google Dorking?

Google dorking or Google hacking is the technique of feeding advanced search queries into the Google search engine to hunt for sensitive data such as username, password, log files, etc., of websites that Google is indexing due to site misconfiguration. This data is publicly visible and, in some cases, downloadable.

A regular Google search involves a seed keyword, sentence, or question. But, in Google dorking, an attacker uses special operators to enhance search and dictate the web crawler to snipe for very specific files or directories on the internet. In most cases, they are log files or website misconfigurations.

How Hackers Use Google Dorking to Hack Websites

Google dorking involves using special parameters and search operators called “dorks” to narrow down search results and hunt for exposed sensitive data and security loopholes in websites.

The parameters and operators direct the crawler to look for specific file types in any specified URL. The search results of the query include but are not limited to:

  • Open FTP servers.
  • A company’s internal documents.
  • Accessible IP cameras.
  • Government documents.
  • Server log files containing passwords and other sensitive data can be leveraged to infiltrate or disrupt an organization.

Most-Used Google Dorking Operators

Although there are tons of operators and parameters that one can apply to a search query, it only takes a handful of them to serve the needs of a security professional. Here are a few commonly used queries:

  • inurl: Dictates the crawler to search for URLs that contain a specified keyword.
  • allintext: This parameter searches for user-specified text in a webpage.
  • filetype: This parameter tells the crawler to look for and display a specific file type.
  • intitle: Scrapes for sites containing specified keywords in the title.
  • site: Lists all the indexed URLs for the specified site.
  • cache: When paired with the site parameter, this one displays the cached or older version of a website.
  • Pipe operator (|): This logical operator will list results that contain either of two specified search terms.
  • Wildcard operator (*): This is a wildcard operator that searches for pages that contain anything connected to your search term.
  • Subtract operator (-): This eliminates unwanted results from your search.

Is Google Dorking Illegal?

While it may seem intimidating, Google dorking will not land you behind bars, given you are only using it to refine your search results and not infiltrate an organization.

It is a necessary evil and, in fact, an encouraged practice amongst power users. Keep in mind that Google is tracking your searches all the time, so if you access sensitive data or search with malicious intent, Google will flag you as a threat actor.

In case you are carrying out a pen test or hunting for bug bounty, ensure that you are fully authorized and backed by the organization. Otherwise, if you get caught, things can take a turn for the worst, and one can even slap you with a lawsuit.

Continue Reading