Vulnerability Assessment using SQL Server Management Studio


As part of SQL Server Management Studio v 17.4 release, Microsoft has released the Vulnerability Assessment tool, This is a very easy to use tool and helpful in identify the vulnerabilities at database level and tool also provides scripts and suggestions to re-mediate the vulnerabilities as well

In this article, we will see step by step how to run a vulnerability assessment, review the results and apply the remediation

Step 1: Please download and install SQL Server Management Studio v 17.4 or higher, Please refer to this link for details on download https://sqlxpertise.com/2017/12/11/sql-server-management-studio-v-17-4-is-released/

Step 2: After installing, Please run Management Studio and connect to target SQL Server on which you would like to run the assessment and select the database and right click on database name and click on Tasks and click on Vulnerability Assessment –> Scan for Vulnerabilities…

capture20180409120215159

Step 3: Please select the location where you would like to store the reports and click “Ok” to start the assessment

capture20180409120305266

Step 4: After assessment is completed, the report will be open as a new tab, The report will provide us the following details

a. How many security checks were completed ?

b. Number of Failed Checks and details

c. Number of Passed Checks and details

capture20180409120607579

Step 5: To review details of each failed check, Please select the failed check and see details on the bottom

capture20180409120633813

capture20180409120703593

capture20180409120716207

Depending on the check, the tool provides query to run the Rule and also script to remediate the issues as well

capture20180409120941664

After running the remediation scripts, we can re-run the assessment and verify the results, in below screenshot you can see that the High Risk vulnerability is resolved and also one of the Low risk vulnerability is resolved

capture20180409123120495

Step 6: If some of the checks are not applicable, Please use “Approve as Baseline” option

capture20180409123759719

If you want to revert the change, you can re-run the scan and go to Passed tab and select the check and “Clear Baseline

Step 7: To review previously run assessment results, Please select the database and right click and click on Tasks –> Vulnerability Assessment –> Open Existing Scan and select the folder and file where the scan was saved

capture20180409120815476

I hope you find this article useful !!!

Advertisement

Author: Arunraj

I am a Microsoft Certified Technology Specialist (Database Developer). I work on SQL Server programming since SQL Server 7.0 specializes in SQL Server Programming and Performance Tuning and has 14 years of hands-on experience. I hold a Master Degree in Computer Applications. I am also part of NJSQL User Group and Northern New Jersey .Net User Group.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

%d bloggers like this: