Advanced Incident Response
Having a known and documented incident response plan is important these days, as more and more companies are having security incidents.
2022-04-06
132 reads
Security
2022-03-26
109 reads
The Level of Security These Days
How comfortable are you with your password security? Today Steve asks given some data on the various times it takes to crack passwords.
2022-03-25
85 reads
Can We Please Stop Sending Passwords Over the Wire?
While analyzing SQL Server's network protocol, I came across a weird fact: when a database client logs in using SQL Server authentication (as opposed to Windows authentication), it has to send the user's password to the server, in blatant violation of common security guidelines. At first, I couldn't believe it; SQL Server generally does an […]
2022-03-02
5,607 reads
A Real World Security Reminder
A reminder today that security in the physical world can affect the digital world.
2022-02-23
208 reads
Teams Security Issues
There are a few security issues in the Teams application from Microsoft, and Steve notes that some of the push for new features can be a problem in this area.
2022-01-10
296 reads
Query control made easy
Overview As we all know, data security is a never-ending battle. Every day, we hear of new data breaches. It's a hard problem, and there is no single solution, other than a defense in depth. Let's look at one of those defenses for databases: query control. Query control is a simple idea: most applications access […]
2022-01-07
4,040 reads
How to (Somewhat) Increase SQL Server Security
Problem Some time ago Argenis Fernandez(@DBArgenis) found and described a vulnerability that allows you to get into SQL Server with 'sa' rights. This method does not require a restart of the SQL Server service or the whole machine, the condition is a local administrator account on the server. Reminder SQL Server until 2008R2: Until SQL 2008R2, […]
2022-01-03
8,461 reads
The Challenge of Edge Security
We will see databases deployed on the edge, and we will need strong security patches.
2021-12-20
300 reads
2021-12-15
356 reads
Blogs
ISACA AI Material/Exam Prep Discount (May 18 – June 30, 2026)
By Brian Kelley
If you are considering any of the ISACA AI certs like the Advanced Artificial...
A Fabric solution can be very cost effective
By ChrisJenkins
Are you currently using Microsoft Fabric or considering migrating to it? If so, there...
Track SQL Server Configuration Changes Using the Error Log
By SQLPals
Track SQL Server Configuration Changes Using the Error Log If you...
Forums
We Are Eating Our Own Seed Corn
Comments posted to this topic are about the item We Are Eating Our Own...
Before Using AI with Business Data, Read This
Artificial intelligence tools are quickly becoming part of daily business operations, from document analysis...
Designing SQL Server ETL Pipelines That Don't Break at Scale
Comments posted to this topic are about the item Designing SQL Server ETL Pipelines...
Question of the Day
Detecting Deadlocks Quickly
In the Database Engine, when a deadlock is detected, what does the detection interval shrink to (in time)?
See possible answers