Tag Archives: security

Security Outside the Database

Posted on April 26, 2012 by way0utwest

It’s 2012. We’ve known about SQL Injection for years, we’ve known about the issues with high privilege admin accounts for decades, and poor configuration has been an issue ever since we first started networking two computing devices together. Yet these … Continue reading

Posted in Editorial | Tagged | Comments Off on Security Outside the Database

Creating a Symmetric Key in SQL Server

Posted on April 25, 2012 by way0utwest

Symmetric keys in SQL Server are recommended for encrypting data in columns. They are a good balance of security and resource usage, much better than asymmetric keys. Creating a symmetric key is fairly simple, using DDL that’s easy to understand. … Continue reading

Posted in Blog | Tagged , , , | 1 Comment

SQL Injection Tools

Posted on April 18, 2012 by way0utwest

I wouldn’t recommend you use any of the tools in this article for attacking anyone, but they could help you to understand the vulnerabilities in your own application. The tools cover a variety of possible ways that injection attacks can … Continue reading

Posted in Blog | Tagged , , | 1 Comment

Creating a User without a Login – Contained Databases

Posted on April 16, 2012 by way0utwest

In SQL Server 2012, we have a new feature: partially contained databases. In a previous post, I showed how to enable this, and this post will look at one of the advantages of contained databases: users without logins. Contained Users … Continue reading

Posted in Blog | Tagged , , , | 1 Comment