SQL Clone
SQLServerCentral is supported by Redgate
Log in  ::  Register  ::  Not logged in

Databases – Infrastructure – Security

Brian Kelley is an author, columnist, and Microsoft SQL Server MVP focusing primarily on SQL Server security. He is a contributing author for How to Cheat at Securing SQL Server 2005 (Syngress), Professional SQL Server 2008 Administration (Wrox), and Introduction to SQL Server (Texas Publishing). Brian currently serves as an infrastructure and security architect. He has also served as a senior Microsoft SQL Server DBA, database architect, developer, and incident response team lead.

ISACA Class: Auditing SQL Server in Every Way Possible

At this year’s TechnoSecurity and Digital Forensics Conference I gave a 1 hour presentation on auditing SQL Server. There were a lot of things I covered only in the conceptual, such as building a framework using Extended Events. The SC Midlands Chapter of ISACA is giving me the opportunity to… Read more

0 comments, 129 reads

Posted in Databases – Infrastructure – Security on 9 August 2018

New at Simple-Talk: Principles of Data Protection

My latest article, Principles of Data Protection, has been published at Simple-Talk! I address the basic problem and how we have to realize that technology alone can’t solve the issue (and why). I then delve into what we can do from a SQL Server perspective.

Read more

0 comments, 196 reads

Posted in Databases – Infrastructure – Security on 2 July 2018

I’m published at Simple-Talk!

My first article has gone live at Simple-Talk! Thanks to Aunt Kathi for the opportunity!

Detecting Data Breaches

I’m also still writing at MSSQLTips. I’m currently writing a series covering DMOs. The latest is on sys.dm_exec_sessions.

Read more

0 comments, 166 reads

Posted in Databases – Infrastructure – Security on 12 June 2018

New Article: Return SQL Server Connections Information Using sys.dm_exec_connections

I’ve started a new series at MSSQLTips.com walking through the various Dynamic Management Objects we have available to us in SQL Server. A couple of encounters with some folks in recent months showed a need as more than one person responsible for managing SQL Servers didn’t know about these helpful… Read more

0 comments, 222 reads

Posted in Databases – Infrastructure – Security on 18 May 2018

Speaking at Idera’s Live Virtual Conference

Have you heard about Idera’s Live Virtual Conference? It is being held on May 16, from 9 AM to 3 PM Central Time. The conference is completely free to attend.

I’m speaking on SQL Server security basics. Where do you start? What should you definitely do? Where do you go… Read more

0 comments, 160 reads

Posted in Databases – Infrastructure – Security on 1 May 2018

Webinar: Auditing with Extended Events

I’m giving a webinar today, April 5th, at 3 PM Eastern, on using Extended Events to audit your SQL Servers. I’ll be covering the basics of why you should migrate from Profiler to Extended Events, what Extended Events are and how they are structured, as well as some initial use… Read more

0 comments, 214 reads

Posted in Databases – Infrastructure – Security on 5 April 2018

Webinar: Identify and Eliminate SQL Server Performance Issues

I’m giving a webinar tomorrow, March 22, 2018, at 3 PM Eastern.

Free Registration Link

Here’s what I’ll be covering:

Are you struggling with pesky SQL Server performance issues that are impacting your business? Are you not sure where to turn next to focus your efforts to resolve the issue? Read more

0 comments, 246 reads

Posted in Databases – Infrastructure – Security on 21 March 2018

Speaking at the 2018 Techno Security and Digital Forensics Conference

One of my favorite conferences is held in Myrtle Beach, SC, in June. It’s a security and digital forensics conference which I try to make each year.

This year I’ve been selected as a speaker. Here is the talk I’m currently scheduled to give:

Auditing SQL Server in Every Way… Read more

0 comments, 204 reads

Posted in Databases – Infrastructure – Security on 1 March 2018

Settings Goals Professionally

I was reminded of this topic after yesterday’s #SQLChat. Have you set professional goals for yourself? If so, have you set them professionally? What do I mean?

There’s a difference between a wish and a goal. A wish is something we want to happen but we don’t make any effort… Read more

0 comments, 1,918 reads

Posted in Databases – Infrastructure – Security on 8 February 2018

Tinker as You Learn

In recent weeks I’ve seen my brother from another mother, Andy Leonard (twitter | blog), write or post about his learning activities. In one case he remarked that he liked it when he went to complete a learning lab exercise and it didn’t work as expected the first… Read more

0 comments, 1,821 reads

Posted in Databases – Infrastructure – Security on 24 January 2018

WIT: A Quick Thought

I recently had the opportunity to be a Dungeon Master (DM) at a gaming convention. It was my first time. I loved it. So what does that have to do with Women in Technology (WIT)?

The young lady standing up also DMed her first convention. She’s my daughter and she’s… Read more

3 comments, 1,457 reads

Posted in Databases – Infrastructure – Security on 22 January 2018

DevOps Does Not Make Admins Obsolete

As a follow up to my tweet, I stand by my belief that DevOps does not make administrators obsolete. I include Database Administrators in my statement. The core point of embracing DevOps is to determine what is repeatable and see if you can automate it. Why?

  • You’re trying to move…

Read more

0 comments, 950 reads

Posted in Databases – Infrastructure – Security on 3 January 2018

BK’s Professional Learning Plans for 2018 #tsql2sday

With 2018 coming, I’ve thought about the question, “What do I want to be when I grow up?” I ask this question every few years because it helps me develop a plan of attack with respect to learning and opportunities to pursue. As a result, this T-SQL Tuesday topic comes… Read more

1 comments, 1,298 reads

Posted in Databases – Infrastructure – Security on 12 December 2017

Learning to Give Presentations Well (Part 3)

See Part 1 and Part 2.

Perfect Practice Makes Perfect

I can remember my Air Force ROTC class on communications skills where we had to put together a “talking paper” and give a presentation to the class. We were advised to practice with our peers before the… Read more

0 comments, 1,323 reads

Posted in Databases – Infrastructure – Security on 11 December 2017

Register for Red Gate’s SQL in the City

Aunt Kathi. Grant Fritchey. Steve Jones. They’re part of five hours of training on SQL Server performance and DevOps with the database in mind. And it’s free. And it’s on-line. I’m looking forward to this. If you’re not familiar with what I’m talking about, it’s Red Gate’s SQL in the… Read more

0 comments, 392 reads

Posted in Databases – Infrastructure – Security on 8 December 2017

Kalen Delaney’s Weekly Webinars

Anyone who has been working with SQL Server for any length of time should be aware of the name Kalen Delaney. She is one of the luminaries in our community. Therefore, the opportunity to learn from her is definitely one you should seize upon.

Back in September she began a… Read more

0 comments, 257 reads

Posted in Databases – Infrastructure – Security on 7 December 2017

Webinar: Understanding SQL Injection and Its Consequences

On Thursday, December 14, at 3 PM Eastern, I will be giving a presentation on SQL injection. Registration is required but otherwise the webinar is free:

Register for Webinar

This is put on by the MSSQLTips folks and we hope you’ll find it informative. If there’s anything specific you’d like… Read more

0 comments, 410 reads

Posted in Databases – Infrastructure – Security on 6 December 2017

More Beginner / Fundamentals Content

Not surprisingly, there are folks who want beginner / fundamentals presentations and blog posts. 

I put up the poll based on a brief conversation on Twitter about some folks wanting more advanced content and complaining when beginner content was offered. I’ve heard the same comments when I ran a beginner… Read more

2 comments, 1,785 reads

Posted in Databases – Infrastructure – Security on 5 December 2017

Security Architecture: Knowing the Adversary

When I present or teach on a security topic, I take the time to cover the mindset of the adversary. There are a lot of maxims out there to “know thine enemy,” but here’s a good recent one that explains why:

“Unless you can think the way that an evil…

Read more

6 comments, 1,622 reads

Posted in Databases – Infrastructure – Security on 4 December 2017

Geek Sync Recording: Taking Control of Your SQL Server Sprawl

Back in July, I gave a webcast for Idera’s Geek Sync. They’ve published the recording. You can find it here:

Take Control of Your Organization’s SQL Server Sprawl

It’s about an hour long and it focuses on automation, setting up sized templates for servers, pushing and enforcing OS settings using… Read more

0 comments, 368 reads

Posted in Databases – Infrastructure – Security on 17 November 2017

Older posts