SentryOne Team Blog (

Category : Security

Glenn Berry : Security Features in SQL Server 2017

Glenn Berry : Security Features in SQL Server 2017

Glenn Berry talks about a few of the security features in SQL Server 2017 and reminds us to always test and validate the performance impact.

SQL Server support for TLS 1.2 – Read This First!

SQL Server support for TLS 1.2 – Read This First!

UPDATE November 17th, 2018 – Microsoft has pulled several patches for older versions of SQL Server. If you need TLS 1.2 support and can't move to a formally supported version, your recourse is to contact Microsoft support.

Dynamic Data Masking : My Thoughts

Recently I have been exploring Dynamic Data Masking, looking at ways that it can be used and I thought I would share my thoughts with you.

Paul White : The Internals of WITH ENCRYPTION

Paul White (@SQL_Kiwi) discusses the internals of SQL Server's WITH ENCRYPTION clause, and explains why it is not as safe as you might think.

Slide Decks & Demos from SQLintersection

Aaron Bertrand (@AaronBertrand) shares his slides and demos from his two SQL Server 2016 sessions at SQLintersection in Orlando this week.

Security Nuggets : Encrypting SQL Server Connections

John Martin starts his security nuggets series, explaining why you should use encrypted connections for SQL Server if you take system security seriously.

Dynamic Data Masking and Row-Level Security Features in SQL Server

In addition to StretchDB and AlwaysEncrypted, there are two more exciting features in the works for SQL Server 2016: dynamic data masking and row-level security. In the case of these two features, they'll be released first to the cloud platform (Azure SQL Database) and, later, to the on-premises version of SQL Server. READ MORE… Originally […]

Stronger Security Via Always Encrypted in SQL Server 2016

Prior to SQL Server 2016, your main method for encrypting a SQL Server application was to use a feature called Transparent Data Encryption. TDE provides strong encryption, but with some shortcomings. First, you have to encrypt an entire database. No granularity is offered at a lower level, such as encrypting specific tables or certain data […]

T-SQL Tuesday #69 : Always Encrypted Limitations

For this month's T-SQL Tuesday, Aaron Bertrand (@AaronBertrand) talks about a few of the limitations of a new SQL Server 2016 feature, Always Encrypted.

New Vulnerability Affecting SQL Server 2008, 2008 R2, 2012, and 2014

There is a fix to address a remote code execution vulnerability for all supported SQL Server versions. @AaronBertrand shows which build you should install.

Please help me fix a big security loophole

Aaron Bertrand (@AaronBertrand) tries to raise awareness of a significant security issue when creating or altering logins using a password hash. Please vote!

Bad habits : Giving out the sa password

Contributing to T-SQL Tuesday #58, Aaron Bertrand (@AaronBertrand) discusses a few of the reasons people give out the sa password, and what you should do in those cases instead.