Despite the plentiful information in Books Online and on the official “SQL Server 2000 Security” document Microsoft offers online, setting up a truly secure SQL Server remains a difficult task. In ...

In my next several posts, I'd like to take a good look at SQL Server security. We'll primarily focus on SQL Server 2008 R2, which is the latest release. Many of the concepts I plan to discuss will ...

How to protect your database from SQL injection, data theft, rogue users, and well-meaning meddlers without tying your environment in knots Like so much of IT, database security requirements largely ...

Microsoft at its Tech Ed conference in San Diego on Tuesday will tout plans to add data encryption to its SQL Server database and seek federal government security certification for the platform as ...

Recently, my good friend and co-worker Aaron Bertrand and I were producing a video for the upcoming PASS Summit 2015 event. (Learn more about the international SQL ...

Sentrigo discovered a new security hole in SQL Server, but so far Microsoft isn't paying attention. Let me show you why they should Last week Sentrigo brought a security hole in SQL Server to my ...

I have worked with SQL Server for many years now, back to Sybase SQL Server days and there has always been confusion over Logins and Users. Even though they typically use the same name they are ...

If you've read the IT press at all these days, you know that SQL Injection (SI) attacks are very common and can be devastatingly effective. In fact, SI attacks-equally easy to execute against Oracle, ...

Microsoft is offering users on Windows Server 2008 and 2008 R2 and SQL Server 2008 and 2008 R2 a way to keep getting security updates for free after the official support period ends. Read also: Here's ...

A security flaw in Microsoft Corp.’s SQL Server 7.0 and SQL Server 2000 Gold databases can allow an attacker to take control of a targeted server, the company said in a security bulletin late Tuesday ...