SQL Vulnerability Assessment Identifies Risks

• SQL Vulnerability Assessment analyzes SQL Server databases to identify common database security issues.
• The tool provides recommendations and code to help remediate issues.

SQL Vulnerability Assessment is a set of analysis features that scan SQL Server databases to identify common database security issues. The illustration shows a report from a vulnerability assessment of a database. Database vulnerability assessment and remediation can help organizations strengthen database security, meet data privacy and regulatory compliance requirements, and assist with auditing efforts.

The SQL Vulnerability Assessment tool identifies potential issues, such as misconfigurations, excessive permissions, and exposed sensitive data, and provides recommendations and SQL code to help administrators resolve the issues. It uses a knowledge base of rules and deviations derived from best practices and industry standards and maintained by Microsoft.

The assessment report shown here displays a list of failed security checks that includes the security issue, type of issue, and risk level (low to high). A detailed section (bottom) shows the potential impact of the security issue and includes remediation steps, in the form of SQL code. For most remediation steps, administrators can open a query window directly from the tool and apply the recommended fix. However, applying security changes should be conducted on test data, prior to applying the changes to production data.