News

Microsoft Rolls Out Test Security Service for SQL Azure

Microsoft this month described a test service designed to help SQL Azure users monitor the security of their databases housed in Microsoft's cloud.

Code-named "SQL Azure Security Services," it's offered as a free trial app through the SQL Azure Labs portal here. Users need to have a SQL Azure account to test it, but Microsoft offers a no-cost trial of Windows Azure (including SQL Azure) for 90 days. It's not clear when the service became available publicly.

SQL Azure Security Services runs as a Web application and lets users check for vulnerabilities in their databases. The service can test one database or all in an account. A Microsoft blog post describes the service as "an early prototype for solving the problem of securing your data in the cloud: no matter where it is, whatever the capacity and scale."

SQL Azure Labs releases are not fully tested by Microsoft and are more at the "cutting edge" level, according to Microsoft's description.

Microsoft plans to expand this service if it gets enough feedback on its use, according to a TechNet wiki post by Ramkumar Krishnan, who says he works at Microsoft. Krishnan outlined steps on how to use the service.

The scan will detect malware, security vulnerabilities and other potential issues in SQL Azure databases right now, but other capabilities may be added later.

"Depending on your enthusiasm for such a service and your valuable feedback, more advanced features like sensitive data discovery, data masking, configuration drift, SQL injection detection, and other functionality layered on core SQL Azure platform will be added to the service," Krishnan stated. "So your feedback is absolutely important!"

The service uses a two-tab directory, with one side listing any "security issues," while the other side catalogs potential "attack surface" problems. When a database has been attacked, the type of attack is identified, such as "SQL injection." The service may also question potential design problems, such as overly restricted access rights.

The service may offer a "recommended mitigation" from Microsoft if a problem is detected. The mitigation appears in text form as advice.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.

Featured

  • Office 365 Attack Simulator Now Supports Attachments

    The Attack Simulator in Office 365 tool has been updated and now has the ability to include message attachments in targeted campaigns, according to a Friday Microsoft announcement.

  • How To Disable Touch Input in Windows 10

    When the touchscreen on your Windows 10 laptop goes bad, there's no reason to throw that baby out with the bath water.

  • Microsoft Previews Windows VM Authentications via Azure Active Directory

    Microsoft on Thursday announced a preview of remote authentications into Windows-based Azure virtual machines (VMs) using Azure AD credentials.

  • Windows Server 20H1 Getting Smaller Containers and Faster PowerShell

    Microsoft is promising to deliver a smaller container size and improved PowerShell performance with its next release of Windows Server.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.