News

Microsoft Rolls Out Test Security Service for SQL Azure

Microsoft this month described a test service designed to help SQL Azure users monitor the security of their databases housed in Microsoft's cloud.

Code-named "SQL Azure Security Services," it's offered as a free trial app through the SQL Azure Labs portal here. Users need to have a SQL Azure account to test it, but Microsoft offers a no-cost trial of Windows Azure (including SQL Azure) for 90 days. It's not clear when the service became available publicly.

SQL Azure Security Services runs as a Web application and lets users check for vulnerabilities in their databases. The service can test one database or all in an account. A Microsoft blog post describes the service as "an early prototype for solving the problem of securing your data in the cloud: no matter where it is, whatever the capacity and scale."

SQL Azure Labs releases are not fully tested by Microsoft and are more at the "cutting edge" level, according to Microsoft's description.

Microsoft plans to expand this service if it gets enough feedback on its use, according to a TechNet wiki post by Ramkumar Krishnan, who says he works at Microsoft. Krishnan outlined steps on how to use the service.

The scan will detect malware, security vulnerabilities and other potential issues in SQL Azure databases right now, but other capabilities may be added later.

"Depending on your enthusiasm for such a service and your valuable feedback, more advanced features like sensitive data discovery, data masking, configuration drift, SQL injection detection, and other functionality layered on core SQL Azure platform will be added to the service," Krishnan stated. "So your feedback is absolutely important!"

The service uses a two-tab directory, with one side listing any "security issues," while the other side catalogs potential "attack surface" problems. When a database has been attacked, the type of attack is identified, such as "SQL injection." The service may also question potential design problems, such as overly restricted access rights.

The service may offer a "recommended mitigation" from Microsoft if a problem is detected. The mitigation appears in text form as advice.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

  • Microsoft Starting To Roll Out New Excel Connected Data Types

    Microsoft on Thursday announced some Excel and Power BI enhancements that add "connected data types" on top of the standard strings and numbers options.

  • Windows 10 Users Getting New Process for Finding Optional Driver Updates

    Accessing Windows 10 drivers classified as "optional updates" will be more of a manual seek-and-install type of experience, starting on Nov. 5, 2020, Microsoft explained in a Wednesday announcement.

  • Microsoft Changes Privacy Platform Name to SmartNoise

    Microsoft Research has changed the name of its "differential privacy" platform from "WhiteNoise" to "SmartNoise," according to a Wednesday announcement.

  • Why Restarting a Failed SCVMM Job Might Be a Bad Idea

    Occasionally, restarting a failed System Center Virtual Machine Manager job can leave your virtualization infrastructure in an unknown state. Here's how to avoid that.

comments powered by Disqus