Vulnerability Assessment using SQL Server Management Studio

As part of SQL Server Management Studio v 17.4 release, Microsoft has released the Vulnerability Assessment tool, This is a very easy to use tool and helpful in identify the vulnerabilities at database level and tool also provides scripts and suggestions to re-mediate the vulnerabilities as well

In this article, we will see step by step how to run a vulnerability assessment, review the results and apply the remediation

Step 1: Please download and install SQL Server Management Studio v 17.4 or higher, Please refer to this link for details on download

Step 2: After installing, Please run Management Studio and connect to target SQL Server on which you would like to run the assessment and select the database and right click on database name and click on Tasks and click on Vulnerability Assessment –> Scan for Vulnerabilities…


Step 3: Please select the location where you would like to store the reports and click “Ok” to start the assessment


Step 4: After assessment is completed, the report will be open as a new tab, The report will provide us the following details

a. How many security checks were completed ?

b. Number of Failed Checks and details

c. Number of Passed Checks and details


Step 5: To review details of each failed check, Please select the failed check and see details on the bottom




Depending on the check, the tool provides query to run the Rule and also script to remediate the issues as well


After running the remediation scripts, we can re-run the assessment and verify the results, in below screenshot you can see that the High Risk vulnerability is resolved and also one of the Low risk vulnerability is resolved


Step 6: If some of the checks are not applicable, Please use “Approve as Baseline” option


If you want to revert the change, you can re-run the scan and go to Passed tab and select the check and “Clear Baseline

Step 7: To review previously run assessment results, Please select the database and right click and click on Tasks –> Vulnerability Assessment –> Open Existing Scan and select the folder and file where the scan was saved


I hope you find this article useful !!!


Author: Arunraj

I am a Microsoft Certified Technology Specialist (Database Developer). I work on SQL Server programming since SQL Server 7.0 specializes in SQL Server Programming and Performance Tuning and has 14 years of hands-on experience. I hold a Master Degree in Computer Applications. I am also part of NJSQL User Group and Northern New Jersey .Net User Group.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: