Andreas Wolter
andreaswolter.bsky.social
Microsoft Certified Solutions Master Data Platform (MCM+MCSM), ex Microsoft PM SQL Security. He/him. Former or current resident of 🇩🇪 🇬🇧 🇦🇪 🇹🇭 🇻🇳 🇺🇸
Published the final article in my 3-part series about the challenges of auditing access to data in Microsoft #SQLServer, #AzureSQL, and SQL #database in #Fabric: andreas-wolter.com/en/202510_da...
Shedding light on several tricky ways to evade auditing — were you aware of all of them❓
Evading Data Access Auditing in Microsoft SQL Server – special commands – and how to close the gaps - Andreas Wolter
October 7, 2025 at 10:16 PM
I was asked to review a vulnerability discovered in Auditing Classified Data in #SQLServer. It is a valid security risk, since it enables undetected data exfiltration by a low-privileged user.
For details and guidance, check out my post here: andreas-wolter.com/en/2509-sql-...
Bug in Auditing allows for undetected Data Exfiltration by low privileged user - Andreas Wolter
September 9, 2025 at 7:01 PM
Published a more elegant and straightforward solution for auditing access to specific data in Microsoft #SQLServer and #AzureSQL, using Data Classification: andreas-wolter.com/en/202508_da...
How to Use Data Classification to Audit specific Data Access in SQL Server - Andreas Wolter
August 19, 2025 at 7:19 PM
Important Security fixes for #SQLServer 2016–2022: 5 CVEs of type Elevation of Privilege Vulnerability. Ranging from #SQLInjection via system procedures to permission adjustments and easy to implement. Secure your systems: msrc.microsoft.com/update-guide...
August 13, 2025 at 10:24 PM
Evading Data Access Auditing in Microsoft #SQLServer 🕵️
This article demonstrates data access that is not captured by common Audit definitions and how to ensure that indirect access to data is also audited: andreas-wolter.com/en/202508_ev...
Evading Data Access Auditing in Microsoft SQL Server – and how to close the gaps - Andreas Wolter
August 7, 2025 at 6:33 PM
Article: recommended minimum security audit definition for database systems, using Microsoft #SQLServer as example:
Audit every change to the system’s security configuration. andreas-wolter.com/en/202507_re...
Recommendation for Security Auditing for databases - with example for Microsoft SQL Server - Andreas Wolter
July 29, 2025 at 3:28 PM
Tomorrow: live Roundtable on a growing issue: database sprawl. It wreaks havoc on performance, security, and cost. We’ll talk openly about how to assess what’s running and take back control. If this has become a challenge in your organization, I hope you’ll join us. www.linkedin.com/events/manag...
Managing Database Sprawl: Finding Control in a Growing Environment | LinkedIn
As database environments scale, so do complexity and cost. From forgotten dev instances to sprawling clusters of mission-critical workloads, database sprawl creates risks that are easy to ignore—and t...
June 17, 2025 at 9:11 PM
What happens if you leave #SQLServer exposed to the internet? As you may have seen, that is exactly what I did for my PreCon at the #SQLSaturday New York City conference. Here I am sharing what happened:
10 hours of SQL Server under attack – takeaways
andreas-wolter.com/en/2505_sqls...
10 hours of SQL Server under attack – takeaways - Andreas Wolter
May 13, 2025 at 9:47 PM
And the winner of the first hacking attempt on the #SQLSaturday NYC Performance Monitoring lab environment is: #Iran 👏 applause applause.. 😀
I am taking bets for the main event Friday!
May 7, 2025 at 9:31 PM
Next Thursday, 4/17, at the NTSSUG user group meeting: how to approach #DataSecurity for #SQLServer and #AzureSQL from a strategic perspective, live at the Microsoft office in Irving, TX. Sign up for the free event here: www.meetup.com/north-texas-...
April 10, 2025 at 4:40 PM
31 days left: #SQLServer Performance Monitoring at #SQLSaturday in New York City on May 9th!
Your chance to test your knowledge and analyze my server's workload live during the session! - using Extended Events or DMV queries from your own machine: www.eventbrite.com/e/practical-...
April 8, 2025 at 7:43 PM
Are you interested in learning how to troubleshoot performance issues on your own, rather than relying on costly consultants like me? 😉
Join me and others for my PreCon on #SQLServer Performance Monitoring at #SQLSaturday in New York City on May 9th!
Sign-up here: www.eventbrite.com/e/practical-...
April 3, 2025 at 6:15 PM
#SQLServer #security admins, attention: #Auditing is missing attempts to change permissions, leading to #repudiation and missed elevation attempts
Please upvote for bug-fix
andreas-wolter.com/en/2502-sql-...
February 10, 2025 at 7:57 PM
The challenges for least privilege: When sysadmin is still required in Microsoft #SQLServer
A fresh update on the sysadmin requirements for SQL Server 2022 - and why CONTROL SERVER can be dangerously misleading. andreas-wolter.com/en/least-pri... #DataSecurity
The challenges for least privilege: When sysadmin is still required in Microsoft SQL Server - Andreas Wolter
February 6, 2025 at 6:25 PM
New article out: Protecting database data at rest:
Comparing the different encryption methods SQL Server offers, regarding how well they protect data at rest, and why I don't push for #TDE everywhere.
andreas-wolter.com/en/protectin... #DataEncryption #DataSecurity
Protecting database data at rest: Transparent Data Encryption, Backup Encryption or Always Encrypted - Andreas Wolter
January 16, 2025 at 5:11 PM
New article: #TLS 1.2 and trusted certificates to encrypt data in transit for all SQL Servers, including development environments andreas-wolter.com/en/tls-trust... #SQLServer #Encryption
Use TLS 1.2 and trusted certificates to encrypt data in transit for all SQL Servers, including development environments - Andreas Wolter
November 26, 2024 at 2:28 AM