sql

Too Many Plans for the Same Query Hash

In today’s post, I’ll be providing a useful script to detect and troubleshoot when the query plan cache contains too many different plans for the same query hash, which could happen as a result of possible parameterization issues.

SQL Vulnerability Assessment Tool Reference List – Updated!

2020-11-11
Microsoft Azure, SQL Server Database Engine, Tools and Scripts
1 Comment

Way back at January 16, 2020, I published a blog post containing a reference list for the many rules checked by the SQL Vulnerability Assessment Tool. The next month, I created a separate, dedicated page for the reference list so that it’d be easier to find and maintain. Today I learned that a few months later, around the beginning of May, Microsoft themselves have also published such a reference list on the Microsoft Docs page.

How to Protect SQL Server from Hackers and Penetration Tests

2020-07-28
SQL Server Database Development

On June 3rd, the InfosecMatter blog published a post titled “Top #10 Vulnerabilities: Internal Infrastructure Pentest“. This blog post detailed the top most common vulnerabilities in Windows servers and networks found during more than 60 internal infrastructure penetration tests around the world. After reading this article, I was prompted to actively look for similar resources on SQL Server penetration testing, and I got some interesting findings. Check out my blog post at the Madeira Data Solutions website for the details.

T-SQL Tuesday #128 – Learn from Others

2020-07-14
SQL Server Performance

This month’s #tsql2sday is hosted by the @AirborneGeek (t|b), who asks us to take a lesson from something frequently done by pilots – learning from accidents and mistakes done by others. As a long-time SQL Server Consultant DBA, I have learned from quite a lot of mistakes done (mostly) by others, seeing as a significant part of my job description is to come over and fix such mistakes. So, today I’ll use this opportunity to talk about one such interesting incident.

Is Azure SQL Analytics all you need for SQL Server Monitoring?

How well can you monitor Azure SQL Databases and Azure Managed Instances without any 3rd party tools? Is Azure SQL Analytics really good enough for the job? Can it be a decent competitor to powerhouses such as SentryOne, Red-Gate, Apex, Solarwinds and others? Can you use it as a cheap alternative in the cloud? Will I ever stop asking questions and get to the point already? Yes, of course I will! Just keep reading.

SQL Vulnerability Assessment Tool – Rules Reference List

I never managed to find an online reference page for the rules run by the SQL Vulnerability Assessment tool. So I figured “why not do it myself?”. Cool script attached!