Using SQL as your approach to interrogating data in one data component makes it easier to transfer over to using another option if your needs change.

SQL injection is a type of attack that can give an adversary complete control over your web application database by inserting arbitrary SQL code into a database query.

Errors that allow SQL injection and cross-site scripting attacks are still the top vulnerabilities that pen-testers find, especially at smaller companies.