Skip to content
Home » Security

Security

SQL Vulnerability Assessment Tool Reference List – Updated!

Way back at January 16, 2020, I published a blog post containing a reference list for the many rules checked by the SQL Vulnerability Assessment Tool. The next month, I created a separate, dedicated page for the reference list so that it’d be easier to find and maintain. Today I learned that a few months later, around the beginning of May, Microsoft themselves have also published such a reference list on the Microsoft Docs page.

Read More »SQL Vulnerability Assessment Tool Reference List – Updated!

Overriding the Authentication in SSRS for External Access

In this post, I hope to summarize the various methods that we have, in order to get rid of that annoying authentication prompt. Each method has its own advantages and disadvantages in terms of complexity of implementation, versatility, and the level of security that it provides. More specifically: the more secure and versatile a method is – the more complicated it is to implement.

Read More »Overriding the Authentication in SSRS for External Access

How to Protect SQL Server from Hackers and Penetration Tests

On June 3rd, the InfosecMatter blog published a post titled “Top #10 Vulnerabilities: Internal Infrastructure Pentest“. This blog post detailed the top most common vulnerabilities in Windows servers and networks found during more than 60 internal infrastructure penetration tests around the world. After reading this article, I was prompted to actively look for similar resources on SQL Server penetration testing, and I got some interesting findings. Check out my blog post at the Madeira Data Solutions website for the details.

Read More »How to Protect SQL Server from Hackers and Penetration Tests

Webinar: Advanced Dynamic Search Queries and How to Protect Them

First of all, I must apologize for the long hiatus since my last published content.
I’ve been busy working on a lot of very different stuff, and unfortunately this delayed me from actually completing any one particular thing.

One thing that I did complete, though, was preparing and submitting a webinar for the PASS Global Hebrew Virtual Group.

The webinar is called “Advanced Dynamic Search Queries and How to Protect Them”, and I will be presenting it on Tuesday, April 30th 2019, 13:00 UTC (15:00 Israel Time).