SQL SERVER – SQL Vulnerability Assessment – Security Analysis

Microsoft has recently announced a very interesting feature for security of your SQL Server. I really loved this new feature – SQL Vulnerability Assessment. Unlike most of the other V1 features which MS releases, this time I really liked this particular feature. This feature not only provides the assessments, but also the solutions.

SQL SERVER - SQL Vulnerability Assessment - Security Analysis sqlvulnerability5-800x277

This feature works with SQL Server 2012 and later version of SQL Server. Additionally, this is only possible for SSMS version 17.4 and later version. This feature is absolutely FREE and available

This feature can help users to understand their any issues persisting in their SQL Server environment. I am SQL Server Performance Tuning expert, but quite often user asks me questions related to Security and I am very confident that tools like this one will help users to understand what exactly is wrong with their security and how they can improve them.

Let us see with the help of images, how we can run the SQL Vulnerability Assessment report.

Right click on your Database >> Go to Tasks >> Click on Vulnerability Assessment >> Click on Scan For Vulnerabilities…

SQL SERVER - SQL Vulnerability Assessment - Security Analysis sqlvulnerability1

It will bring up following image, where you can specify where exactly you want to save your Vulnerability Report. You can later on open the same report by going to select Open Existing Scan option in the Vulnerability Assessment menu.

SQL SERVER - SQL Vulnerability Assessment - Security Analysis sqlvulnerability2

The report will look very similar to report displayed in the image below. The part which I really love about this report is the Risk categorization. They have three different categories a) High Risk, b) Medium Risk and c) Low Risk.

SQL SERVER - SQL Vulnerability Assessment - Security Analysis sqlvulnerability3

Once you see the list of the Security Check failed, you can further click on them and it also lists the query which runs under the hood for check as well as the query to fix the security vulnerability.

SQL SERVER - SQL Vulnerability Assessment - Security Analysis sqlvulnerability4

I am extremely impressed with this tool. I want to congratulate the MS developer for this amazing feature in SSMS.

Though, I have said it on the top of the blog post, I would like to repeat it again that SQL Vulnerability Assessment feature only works for SQL Server 2012 and SSMS version 17.4. You can get the latest version of SQL Server by clicking on this link.

Reference : Pinal Dave (https://blog.sqlauthority.com)

, SQL Server, SQL Server Management Studio, SQL Server Security, SSMS
Previous Post
SQL SERVER – How to Restart SQL Azure Database?
Next Post
SQL SERVER – Slow Filestream Data Cleanup. What Should We Do?

Related Posts

3 Comments. Leave new

  • Hi Dave, it’s possible export this report? I see that from SSMS export only in json format…

  • Is there a detailed downloadable list for everything that can be detected?

  • Randy Moodispaugh
    August 31, 2020 2:54 am

    Is there a list of all VA findings that are possible that has definitions and how to fix them notes?


Leave a Reply