The emails came in today and 2 out of 4 of my sessions were selected. Both are the ones I originally did at the Spring SQL Connections. Here's what I wrote about them earlier (the title links to the actual PASS abstract).
Yes, I know it's rated 100. That's because there is content in the presentation that can be usable by a novice. But based on the ratings I got at SQL Connections, it was applicable to all levels. That's the way it was designed. So why is this presentation different from normal security presentations like the other ones out there? Three key reasons:
- It's from an attacker's perspective. As defenders we tend to focus on our strengths. That's natural. As attackers we tend to focus on the defender's weaknesses. That's also natural. And there's a typical methodology attackers employ to gut a SQL Server. This session presents things from an attacker's view. If you can see through the attacker's eyes, you can align your defenses accordingly.
- It's not just about SQL Server. I was an infrastructure and security architect. I still function in that role from time to time within my organization. So I know that protecting SQL Server is more than just about SQL Server and often getting into SQL Server is about a weakness at another layer. So I cover it all. Network. OS. Utilities. Apps. And SQL Server. Even if you're "just" a DB pro, you should know the other areas where weaknesses can occur. You need to know where to look to make sure others in your organization are looking in those areas, too.
- I talk about real world compromises. Not just theory, but why these defenses and these mechanisms need to be in place to prevent attacks we've seen and know all too well.
I did rate this a 400 because we'll delve into thread scheduling and kernel vs. user mode and the like. One of the biggest strengths I think I bring to my organization as a SQL Server DBA is my operating system knowledge. It allows me to spot issues affecting our SQL Servers that others might miss. Having a deep understanding of how the OS functions and how it can affect SQL Server can really set you apart if you're trying to troubleshoot a problem. That's what I talk about in this session. And once again, I bring real world examples of why knowing this stuff can help solve the issue with problems I have personally encountered that weren't due to SQL Server but what was making our SQL Servers look bad.
I am also contributing to another presentation, and that's being led by Brian Moran and Andy Leonard. It's a professional development session, and I think it should prove to be informative and worthwhile to anyone, regardless of what stage of your career you're in:
Speaker(s): Brian Moran, Andy Warren, Brent Ozar, Brian Kelley, Jeremiah Peschka, Kevin Kline, Louis Davidson, Stacia Misner, Thomas LaRock
Are consultants better than people who work for ‘regular’ companies? Perhaps it is the other way around? No classification of IT worker is inherently smarter or better than another. However, I believe that many successful SQL Server professionals share similar characteristics that shape their careers and success. Of course they have interesting differences as well! This session explores 20 years of my ideas, learning, and research on this topic. The session also highlights the experience of top SQL Server professions who will share personal thoughts on what has made them indispensible. The panel includes leading professionals from the consulting and corporate side of life as well as a mix of BI/relational and technology/leadership roles.
Brian's [Moran] 20 year career in SQL Server and personal experience in working with and mentoring dozens of highly succesful SQL Server professionals around the world adds unique value to this panel discussion.