Please start any new threads on our new site at https://forums.sqlteam.com. We've got lots of great SQL Server experts to answer whatever question you can come up with.

 All Forums
 SQL Server 2012 Forums
 SQL Server Administration (2012)
 How Secure Are My Databases?

Author  Topic 

jbates99
Constraint Violating Yak Guru

396 Posts

Posted - 2014-12-05 : 22:26:49
Are there any built-in tools in 2012 Enterprise that can be used to detect security holes or servers that are subject to SQL injection?
Thanks for any suggestions.

jackv
Master Smack Fu Yak Hacker

2179 Posts

Posted - 2015-01-02 : 05:12:54
Definately, sql server 2012 comes with a more locked down variation than earlier version. I think it's important to go through some hardening process before the database server goes into Production. Therefore implementing a Security checklist or risk analysis has good results - http://www.sqlserver-dba.com/2012/09/sql-server-security-risk-analysis-and-database-security.html

One way SQL Injection Attacks occur is via identifying security gaps in the IS_GRANTABLE status , read more here
http://www.sqlserver-dba.com/2014/11/how-to-manage-the-is_grantable-security-risk.html

Jack Vamvas
--------------------
http://www.sqlserver-dba.com
Go to Top of Page

jbates99
Constraint Violating Yak Guru

396 Posts

Posted - 2015-01-12 : 23:36:02
Thank you, jacky.
Go to Top of Page
   

- Advertisement -