For relational databases, you say that SQL queries are run with the correspondent filters, so, like a "where" clause in a normal sql query right?
Yes, this is correct.
Could you explain what type of security do you have regarding protection againts SQL injection type of attacks?
In order to prevent SQL injection, it is required to use parameters. Unfortunately, Skyvia Connect does not use parameters, however, we have taken all possible measures to eliminate such situations. You can check SQL queries being sent to your database in the Log of your endpoint:
Common words about Skyvia security:
- all interactions of our UI with API are encrypted with SSL
- by default we use OAuth to authorize Skyvia in Salesforce, so user credentials are not stored on our server
- connection strings (for datasources that do not support OAuth) are stored encrypted in our database
- we host our service in Windows Azure, so all the latest security updates are applied
- only admins have access to our server
- we have passed Salesforce AppExchange Certification