Introducing SQL Information Protection for Azure SQL Database and on-premises SQL Server!

We are delighted to announce the public preview of SQL Information Protection (Data Discovery & Classification), introducing advanced capabilities built into Azure SQL Database for discovering, classifying, labeling & protecting the sensitive data in your databases. Similar capabilities are also being introduced for on-premises SQL Server via SQL Server Management Studio. Discovering and classifying your most… Read more

Azure Log Analytics (OMS) Agent now collects SQL Server audit logs

We are happy to inform that the Azure Log Analytics (OMS) Agent is now capable of pushing SQL Server audit logs into Azure Log Analytics (OMS), supporting SQL Server both on-premises, as well as on Azure VMs. The Azure Log Analytics (OMS) platform can now be used as a centralized data store for all your… Read more

SQL Vulnerability Assessment now available for SQL Server 2012 and up

SQL Vulnerability Assessment has been available for preview on Azure SQL Database for a couple of months, and has now been released on SSMS 17.4, supporting scanning of SQL Server 2012 and up. Whether on-premises or on a VM! SQL Vulnerability Assessment SQL Vulnerability Assessment (VA) is your one-stop-shop to discover, track and remediate potential… Read more

Enabling Confidential Computing with Always Encrypted using Enclaves (Early Access Preview)

Last week at Ignite, we announced a major SQL security investment that enhances Always Encrypted with secure enclave technologies to enable: Rich computations on encrypted columns, including pattern matching, range comparisons, and sorting, which unlocks Always Encrypted to a broad range applications and scenarios that require such computations to be performed inside the database system…. Read more

Enabling communication traces in C# application for Azure AD authentication with SQL DB using token-based mechanism with Multi-factor authentication (MFA)

SQL server security team presents a code sample ( as VS project) allowing to enable communication traces for ADAL managed library used to support Universal Authentication with MFA for SQL DB ( see also Azure AD authentication extensions for Azure SQL DB and SQL DW tools). The ADAL traces help to troubleshoot communication issues related… Read more

Token-based authentication including Multi-factor auth (MFA) for Azure SQL DB using Azure Active Directory (AD)

SQL server security team presents an application solution for token-based authentication with multi-factor (MFA) support for SQL DB using Azure AD auth. The zip file attached below with the codes sample and a Readme doc present more details on this topic. For additional information see also Azure AD authentication extensions for Azure SQL DB and SQL DW tools. For further… Read more

Now Available: Guide for enhancing privacy and addressing GDPR requirements with the Microsoft SQL platform

Data privacy and data security have become one of the most prominent topics in organizations in almost every industry across the globe. New regulations are emerging that formalize requirements around these topics, and compel organizations to comply. The upcoming EU Global Data Protection Regulation (GDPR) is one of the most noteworthy of these new regulations…. Read more

Threat Detection in Azure SQL Database is now Generally Available

We are excited to announce that Threat Detection is now Generally Available in Azure SQL Database. Threat Detection detects anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases. Threat Detection leverages machine learning to provide an additional layer of security built into the SQL Database service, enabling SQL Database customers to… Read more

Newly created Azure SQL databases will be encrypted at rest by default

Earlier today, we announced that all new Azure SQL databases will be encrypted with Transparent Data Encryption (TDE) by default, to make it easier for everyone to benefit from encryption at rest. The change in default will happen gradually by region. Visit the Azure Service Updates blog to learn more about this recent update…. Read more

Certificate-based authentication for Azure SQL DB using Azure Active Directory with recent Azure RM PowerShell version

This is a new version of the previous blog on Token-based authentication (see https://blogs.msdn.microsoft.com/sqlsecurity/2016/02/09/token-based-authentication-support-for-azure-sql-db-using-azure-ad-auth/ ) updated to accommodate recent Azure RM PowerShell version. The certificate-based authentication allows to use a local certificate that can be registered with Azure AD to serve as an authentication mechanism to connect to Azure SQL DB without using user/password or… Read more