Monday , January 30 2023

SQL Server Security

In this article, I will explain how to use and perform SQL Server security testing.

Data is very important to everyone, but how safe is our SQL Server, where we host our data? Security is a critical area for any database environment.

Database security measures help an organization protect its data to maintain its confidentiality and integrity.

Security tests should be performed regularly to ensure that all security policies are properly configured to protect systems.

It helps us discover and fix potential database vulnerabilities with SQL Server Vulnerability Assessment(VA).

With this tool, you can identify all database-based security vulnerabilities and take the necessary precautions in advance by doing pinpoint work.

So how can you run this tool? On the database you want to scan, you need to select Tasks –> Vulnerability Assesment –> Scan For Vulnerabilies.. as in the image below.

After selecting this action, it will ask you to choose a file directory to save the scan result.

In the image below, I choose the G:\BACKUP directory.

In a few minutes, you will be given information about your security weakness at the SQL Server database level on a screen about the scan results.

The information here is provided to you through Microsoft Defender. You can also use the Microsoft Defender service for Azure SQL and Azure SQL Managed Instance.

Microsoft Defender for SQL is a service developed for uncovering and mitigating potential database vulnerabilities, detecting a threat and abnormal activity against your database.

The image below shows a sample report generated for the database you are running the tool on.

Below are the main points you need to focus on to understand this report.

You can see your vulnerability assessment with a dashboard showing the number of Failed or Successful rules.

In our example, we can see that 6 rules failed, 29 rules passed.

Controls that fail are further classified under the High, Medium, and Low risk categories. It will help you determine the severity of the risk.

If you want, you can get the report as Excel and examine it.

In the image above, you can see the 6 alerts we failed. You can go inside each of them and see what they can do to solve it.

We have seen how important it is for the database administrator and the institution to implement the necessary solutions by focusing on the ones you failed.

If we get into one of the items that I failed, you can see the steps about why and how to solve it as follows.

We can see the details of the subject title as in the image below.

One of the most beautiful parts is that the output of how we can solve the vulnerability is included in this detail.

After applying the solutions you deem necessary in the report, you can either ignore the vulnerability notifications or mark that you approve the solution by selecting the “Approve as Baseline” or “Clear Baseline” options on the top left of the detail window.

Thus, it will not appear in the next scan.

As a result, it is a recommended way of working to take this vulnerability report in certain periods and make the necessary analyzes and apply it.

Because for the security of your data, Security tests are an important part of our security policies.

You should also consider that this vulnerability scan is applicable to all databases of your SQL Server.

About Çağlar Özenç

Leave a Reply

Your email address will not be published. Required fields are marked *