News

Microsoft Rolls Out SQL Advanced Threat Protection

Microsoft this week announced SQL Advanced Threat Protection (ATP), which is described as "a new security package" for Azure SQL Database users.

SQL ATP is kind of like another brand in Microsoft's sprawling ATP product line, pinning together some existing security services. It's accessed through the Azure Portal or the Azure Security Center and has three main capabilities, namely "Data Discovery and Classification," "Threat Detection" and "Vulnerability Assessment." The latter two capabilities are production-ready today, with Vulnerability Assessment having reached "general availability" status this week. The Data Discovery and Classification segment of SQL ATP, though, is still at the preview stage.

Microsoft charges for using SQL ATP, although there's a 60-day free trial. Pricing for SQL ATP seemed to be unlisted at press time. However, this Microsoft overview article suggested that the costs are similar to Azure Security Center pricing.

"ATP pricing aligns with Azure Security Center standard tier at $15/node/month, where each protected SQL Database server is counted as one node," the article stated.

It also appears that some of the three SQL ATP capabilities, which are built into the Azure SQL Database service, can be used by organizations running SQL Server "on-premises" (that is, on their own infrastructure and not using Azure services). The capabilities are available through SQL Server Management Studio (SSMS). For instance, Microsoft's announcement explained that "VA [Vulnerability Assessment] is available for Azure SQL Database customers as well as for on-premises SQL Server customers via SSMS."

Microsoft is touting the Vulnerability Assessment segment of SQL ATP as being a useful means for meeting compliance standards, including the European Union's General Data Protection Regulation (GDPR) privacy stipulations, which will become enforceable law on May 25. Vulnerability Assessment is based on Microsoft best practices and will run a scan for "misconfigurations, excessive permissions and unprotected sensitive data," per Microsoft's documentation. Users get a report plus "actionable steps to resolve each issue," along with "customized remediation scripts where applicable."

Threat Detection performs continuous monitoring of databases. It provides users with alerts about "suspicious database activities, potential vulnerabilities, and SQL injection attacks, as well as anomalous database access patterns," according to Microsoft's documentation. It also provides recommended actions to take.

The Data Discovery and Classification segment provides a means for scanning and identifying sensitive data within databases. Microsoft also touts it as being useful for staying compliant with the GDPR. Users can add metadata labels to classify the data. Details show up in a dashboard view.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.

Featured

  • Microsoft Adding Google G Suite Migration in Exchange Admin Center

    Microsoft's Exchange Admin Center will be getting the ability to move Google G Suite calendar, contacts and e-mail data over to the Office 365 service "in the coming weeks."

  • Qualcomm Back in Datacenter Fray with AI Chip

    The chip maker joins a crowded field of vendors that are designing silicon for processing AI inference workloads in the datacenter.

  • Microsoft To Ship Surface Hub 2S Conference Device in June

    Microsoft on Wednesday announced a June U.S. ship date for one of its Surface Hub 2S conferencing room products, plus a couple of other product milestones.

  • Kaspersky Lab Nabs Another Windows Zero-Day

    Kaspersky Lab this week described more about a zero-day Windows vulnerability (CVE-2019-0859) that its researchers recently discovered, and how PowerShell was used by the exploit.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.