Viewing 15 posts - 346 through 360 (of 515 total)
below86 (2/1/2016)
roger.plowman (2/1/2016)
"Instant fail.
You NEVER EVER EVER put a change into production without going through development/QA/approval/whatever.
NEVER.
Here is the reason I would NEVER EVER want to be on call for this...
February 1, 2016 at 3:48 pm
"Certainly hot fixes need to occur, and there are times that you can't wait for a set of changes to be made in development, tested, approved, and then deployed to...
February 1, 2016 at 12:04 pm
I love the idea of forcing the C-level to actually become acquainted with security. Then again, given the PHB factor I suppose I should be careful what I ask for...
On...
January 29, 2016 at 6:33 am
TomThomson (1/21/2016)
roger.plowman (1/19/2016)
SQL (in most of its variants) makes it stupidly easy to SQL inject. We can control our own code, but what about a third...
January 22, 2016 at 6:14 am
Which is my entire point.
SQL (in most of its variants) makes it stupidly easy to SQL inject. We can control our own code, but what about a third party product?...
January 19, 2016 at 6:37 am
100 hours? You're off by an order of magnitude.
Assuming you spend a full year working @ 40 hours/week that's 2,080 hours.
It takes *at least* two months (8 weeks or 320...
January 11, 2016 at 7:15 am
If it's just the thought of writing 30-40 SPs that gives you pause, you can always write a program that writes the code for you. I did this to create...
January 6, 2016 at 6:54 am
TomThomson (1/3/2016)
T-SQL is not the only dialect of SQL that is vulnerable to injection attacks if the application is...
January 4, 2016 at 6:49 am
I think I'm going to have to disagree with Steve about SQL injection attacks not being T/SQL's fault.
I mean, T/SQL allows SQL code to have concatenation of statements separated by...
December 28, 2015 at 7:50 am
Ok, as a developer I'm gonna reveal a dirty little secret that NO ONE wants to admit.
Yes, there are best practices in security. Every developer knows (or should know!)...
December 24, 2015 at 9:41 am
GeorgeCopeland (12/21/2015)
Tom and Barry said something like, If you pick good you get all three--Yes this.
I disagree with them, you can only get two of the three, depending on the...
December 21, 2015 at 1:58 pm
barry.mcconnell (12/21/2015)
TomThomson (12/21/2015)
roger.plowman (12/21/2015)
Jeff Moden (12/21/2015)
roger.plowman (12/21/2015)
Good, fast, and cheap, pick any two...Always include "Good". Fast and cheap usually follow auto-magically.
I wish. Good and fast (delivered) isn't cheap, good...
December 21, 2015 at 12:13 pm
Jeff Moden (12/21/2015)
roger.plowman (12/21/2015)
Good, fast, and cheap, pick any two...Always include "Good". Fast and cheap usually follow auto-magically.
I wish. Good and fast (delivered) isn't cheap, good and cheap isn't...
December 21, 2015 at 9:55 am
TomThomson (12/19/2015)
jshahan (12/10/2015)
December 21, 2015 at 6:48 am
This happened to us. We were running SQL Server on a 16GB TS server (don't ask) and one day SQL Server just pegged the CPU. Impressive, considering this machine has...
December 17, 2015 at 8:09 am