SQL Vulnerability Assessment now supports Azure SQL Data Warehouse and Azure SQL Database Managed Instance

SQL Vulnerability Assessment is now available for Azure SQL Data Warehouse and for Azure SQL Database Managed Instance. The assessment functionality and experience are similar to that of SQL Vulnerability Assessment for Azure SQL Database, while exposing vulnerabilities and security best practices covering the surface area of each particular service. SQL Vulnerability Assessment is an… Read more

Always Encrypted with Secure Enclaves – Try It Now in SQL Server 2019 Preview!

Last year, we revealed our efforts to bring confidential computing capabilities of Always Encrypted to the next level, by leveraging secure enclave technologies. Over the last twelve months, the SQL team, alongside Microsoft Research, Windows and Developer Tools groups, have worked together to make the SQL Server platform the first commercial RDBMS that can protect… Read more

SQL Audit logs in Azure Log Analytics and Azure Event Hubs

We are pleased to announce that Azure SQL Database Audit logs can now be written directly to Azure Log Analytics or Azure Event Hubs. This ability, now available in public preview, provides SQL Database Auditing customers with an easy way to centrally manage all of their log data, along with a rich set of tools… Read more

Azure SQL Vulnerability Assessment – now with PowerShell support!

You can now manage your SQL Vulnerability Assessments at scale using the new SQL VA PowerShell cmdlets. The cmdlets can be found in the Azure Resource Manager module, AzureRM 6.6.0, within the AzureRM.Sql package. Take a look at the AzureRM PowerShell Gallery for more details. Managing Vulnerability Assessment with cmdlets SQL Vulnerability Assessment (VA) is… Read more

PowerShell cmdlets for managing SQL Vulnerability Assessments

We are pleased to announce the availability of PowerShell cmdlets for managing SQL Vulnerability Assessments for your SQL Servers. The cmdlets can be used to run assessments programmatically, export the results and manage baselines. They enable the scenario of running assessments and managing baselines across multiple databases in your environment. To get started, download the… Read more

Introducing SQL Information Protection for Azure SQL Database and on-premises SQL Server!

We are delighted to announce the public preview of SQL Information Protection (Data Discovery & Classification), introducing advanced capabilities built into Azure SQL Database for discovering, classifying, labeling & protecting the sensitive data in your databases.¬†Similar capabilities are also being introduced for on-premises SQL Server via SQL Server Management Studio. Discovering and classifying your most… Read more

Azure Log Analytics (OMS) Agent now collects SQL Server audit logs

We are happy to inform that the Azure Log Analytics (OMS) Agent is now capable of pushing SQL Server audit logs into Azure Log Analytics (OMS), supporting SQL Server both on-premises, as well as on Azure VMs. The Azure Log Analytics (OMS) platform can now be used as a centralized data store for all your… Read more

SQL Vulnerability Assessment now available for SQL Server 2012 and up

SQL Vulnerability Assessment has been available for preview on Azure SQL Database for a couple of months, and has now been released on SSMS 17.4, supporting scanning of SQL Server 2012 and up. Whether on-premises or on a VM! SQL Vulnerability Assessment SQL Vulnerability Assessment (VA) is your one-stop-shop to discover, track and remediate potential… Read more

Enabling Confidential Computing with Always Encrypted using Enclaves (Early Access Preview)

Last week at Ignite, we announced a major SQL security investment that enhances Always Encrypted with secure enclave technologies to enable: Rich computations on encrypted columns, including pattern matching, range comparisons, and sorting, which unlocks Always Encrypted to a broad range applications and scenarios that require such computations to be performed inside the database system…. Read more

Enabling communication traces in C# application for Azure AD authentication with SQL DB using token-based mechanism with Multi-factor authentication (MFA)

SQL server security team presents a code sample ( as VS project) allowing to enable communication traces for ADAL managed library used to support Universal Authentication with MFA for SQL DB ( see also Azure AD authentication extensions for Azure SQL DB and SQL DW tools). The ADAL traces help to troubleshoot communication issues related… Read more