Security Basics: Applying the Principle of Least Privilege Properly
Whenever I do a security presentation, I make sure to cover the Principle of Least Privilege. And when I do...
2009-05-29
3,152 reads
On a couple of recent webcasts, I pointed out the folks were running with the local Administrator account. To start...
2009-05-28
2,150 reads
I was playing around with the endpoint catalog views this afternoon just looking at ways to do poor man's configuration...
2009-05-27
2,816 reads
Tomorrow night, May 28th, I'll be speaking at the Augusta Developer's Guild. This is a make-up from earlier in the year...
2009-05-27
1,378 reads
One of the main defenses touted against SQL injection attacks is to use proper parameterization at the application layer. But while this gets most of the cases, there are clearly examples where this alone fails. For instance, consider the stored procedure...
2009-05-20
3,948 reads
Yesterday I did something I wouldn't have thought of doing a year ago: I stayed home. When I woke up,...
2009-05-19
843 reads
Note: Since there have been several comments on this, I'm using parameterization at the application layer in the security sense of...
2009-05-15
2,703 reads
This is spurred on by a comment a pen tester made. He was referring to a particular technology and said something to the effect of, "What do you expect? It's 30 year-old technology." I was stunned when the comment was relayed to me. My response...
2009-05-13
2,363 reads
This is spurred on by a comment a pen tester made. He was referring to a particular technology and said...
2009-05-05
1,246 reads
In my security presentations, another basic I talk about is defense-in-depth. The idea here is to produce multiple layers of protection against a particular attack. For instance, imagine malicious code against your home computer. This is a case where...
2009-05-05
1,971 reads