Posts

Where is that Preemptive Wait coming from?

In this article I will bring together several techniques for troubleshooting a performance- and security-related “phenomenon” I recently noticed when doing some tests with Natively Compiled Stored Procedures.

Sarpedon Quality Lab presenting SQL Server 2016 In-Memory and Security Features in Arabia at SQL Gulf 3

مرحبا (“MARR-hah-bah”, Arabic: Hello) This year takes me to yet another part of the world: I have been invited to speak at THE SQL Server Conference in the Middle East: at SQL Gulf 3 taking place in Riyadh, Saudi Arabia on April 23rd.

Sessions submitted for major conferences 2016. Topics: Security – Performance – In-Memory

After the great success of the German SQLKonferenz in February, where I had the honor of presenting the new security features of SQL Server 2016 together with Joachim Hammer, the Program Manager of the security teams of the relational SQL Engines at Microsoft in Redmond (more info), I finally found time to go about the […]

SQLKonferenz in Darmstadt: Presenting the Security Features of SQL Server 2016 with the program manager of the security-teams from Redmond

This year, from 23 to 25 February, the 3rd ”SQLKonferenz” takes place in Darmstadt. And this year represents a particular peak for me in two regards: For one, my company, Sarpedon Quality Lab®, is for the first time Silver Sponsor of the conference. In this way, I am supporting PASS Deutschland e.V., the German SQL […]

Security-Fixes for SQL Server and why Security Best Practices Matter

With 14 July 2015, quite precisely one year after the first security bugs in 5 years had to be fixed, we have been given a new reason to test one’s security patching policy. – Provided that you have such a policy for SQL Server.

SQL Server 2016 – the Security & Performance Release

The news broke in early May: That’s when Satya Nadella presented SQL Server 2016 at the Microsoft Ignite-Conference in Chicago. I can already say that SQL Server 2016 will be one of the most exciting releases in recent years. And that’s because this time it’s clearly focused on security. Next to performance features, security features […]

Performance/ Management Data Warehouse Data Collector & AlwaysOn Availability Groups

This time, we are dealing with the „MDW“, short for Management Data Warehouse,( http://msdn.microsoft.com/en-us/library/bb677306.aspx), which I like to recommend as a minimal performance logging-approach. From time to time, and most recently in the context of my PASS Essential „SQL Server Analysis tools & Techniques for Performance und general Monitoring“, the question arises as to whether […]

SQL Server Database Ownership: survey results & recommendations

You may remember the survey on database ownership which I launched several months ago. In the following, I am now presenting the results and giving my official recommendation for a best practice for security in terms of database ownership. First, if you still need the script:

New Permissions in SQL Server 2014: IMPERSONATE ANY LOGIN, SELECT ALL USER SECURABLES, CONNECT ANY DATABASE and the old CONTROL SERVER

SQL Server 2014 brings altogether 5 new permissions. Two of those are on database level and only available in the Windows Azure SQL Database Edition – not in the box-version.

DISABLE and DENY LOGIN, DENY USER & Effect on Impersonation and Permissions

A short article on the effects – or missing effects – regarding the disabling & denying connect of Logins & Users on impersonation and permission. Every once in a while one can observe that Logins or Users have been denied the Connect permission or a Login has been disabled. Therefore a correct expectation and understanding […]