T-SQL Tuesday #198–Change Detection

Posted on May 12, 2026 by way0utwest

This month we have a new host, Meagan Longoria, who graciously agreed to help me this month. I’ve known Meagan for a number of years and she’s been a person whom I’ve asked questions about data visualization and analysis in the past. I was slightly surprised by the topic this month, but only slightly. I’ll write my answer below, but if you want to try blogging and host a future month, let me know.

Change Detection

The topic this month is change detection, which is important for efficient ETL work, but also for other areas, such as auditing. I haven’t tended to work in high volume systems where we did a lot of ETL and needed to very efficiently detect changes. Most of the time I’ve had ETL pipelines they were busy, but not excessively so.

As a result, in the past, I’ve often used a roll-your-own approach in the SQL 6.5->2008 era. As I’ve worked on those systems, we’ve usually used a simple update or modified date in the table that tracked when something was altered. By knowing the last time a pipeline ran, we could gather all data from that point forward and extract it.

We used a similar approach to send a lot of emails from SQL Server Central years ago. That can work well, and as long as you track the last execution of your pipeline process, whatever that is, you minimize the data being transferred.

A Modern Approach

I ran into dbt a few years ago and did a one day class on how it works. It was interesting to me, and I could see the appeal. Recently I had a conversation with John Miner, who’s used it in his Fabric Modern Data Platform series. I would be very tempted to use dbt, in conjunction with a modified date as described above, to ETL data around today.

However.

I have been seeing that Change Data Capture (CDC) is being used by lots of products these days. It’s behind the Fabric mirroring, Oracle has used it for years, when you look to move data into Databricks, CDC is common, it seems like it’s everywhere. 

If I were going to be regularly moving data in 2026, CDC seems like something I’d experiment with and test, since it’s a known technology that works across many platforms and there is a lot of knowledge out there on how it works. AI can certainly help with experiments, and with understanding the overhead on your system, because there is some overhead.

I haven’t looked at the new Change Event Streaming, though I’m always wary of anything that limits me to one cloud. The more generic CDC, with AI assisted configuration and maintenance, seems like a better approach.

Posted in Blog | Tagged , , | Leave a comment

Redgate and Rome

Posted on May 11, 2026 by way0utwest

I’m at the UK Redgate office today, meeting with senior leaders in all areas of the business. I was honored to be awarded a spot in our President’s Club. This is where the top performing sales people get to meet with leaders in the company and then head off for a few days of relaxation and excitement.

I’m here today and tomorrow and then off to Rome. We’re heading to tour the city, see the Vatican, and visit some great restaurants. I’m excited for the trip and I’ll have a few photos and thoughts next week, but I’m off this week.

Hopefully it’s a quiet one for you.

Posted in Blog | Tagged , , | Leave a comment

Republish: Other IDEs

Posted on May 11, 2026 by way0utwest

I was very lucky, and honored, this year to be picked as a part of the Redgate President’s Club. This is our sales award club, which primarily goes to reps, but sales engineers and others are picked. I was one of the wild cards, as I helped on a lot of deals last year, so today I’m in Cambridge meeting with product people and execs.

While I’m over there, you get to re-read Other IDEs. Leave a comment and let me know if things have changed since I first wrote that. Are you using another IDE?

Posted in Editorial | Tagged | 4 Comments

The New Wave of Security Threats

Posted on May 9, 2026 by way0utwest

We’ve had quite a few GDR patches for SQL Server released this year. If I glance at the Build Lists I maintain, I see Sept 2025, Nov 2025, Jan 2026, and Mar 2026 GDR patches. That seems rather frequent as the history of builds for recent versions has often seen them without any GDR, out-of-band patches. Just CU after CU every other month.

That pattern of rare security updates might be changing for lots of software, not just SQL Server. There was an article recently that noted AI tools might start exposing lots of bugs, including security holes, in software that has been around for years. Someone recently used AI found bugs in both PostgreSQL and MariaDB that have been around for years. They are patched, so if you run those platforms, make sure you patch things. The information is out there and someone is looking to take advantage of it.

Anthropic built a new model, Mythos, which has not been released publicly. It’s been given to a few customers who have used it in testing, and it seems that it might be more capable than expected at finding bugs. Hopefully, we will find out how good it is soon and lots of companies can use it to examine software. It’s certainly a danger as hackers and criminals might use it, but I believe that (responsible) information disclosure is better for everyone.

This is also a good reminder that you need to patch your systems. I certainly get wary about updating on day 1, but I do try to patch without too much of a lag. There are no shortage of zero-day attacks, but I also weigh the risk of instability from patches of questionable quality. Many vendors do a great job of patches and upgrades most of the time, but “many” and “most” aren’t “all”, so I prefer to let others test early. Someone has to apply the patches on day 1, but I don’t want it to be me.

Security is getting harder, it’s getting more burdensome, and it’s becoming more important. At the same time, lots of people are building better security with new tools, including AI. Just make sure you apply those patches to take advantage of their work.

Steve Jones

Posted in Editorial | Tagged , | Leave a comment