i used to be a penetration tester for a company and they made us do a extensive amounts of traning in the field of SQL its commonly know the be the easiest thing to hack and that companys are wanting trained professionals to block it