First published on MSDN on Sep 25, 2018
SQL Vulnerability Assessment is now available for Azure SQL Data Warehouse and for Azure SQL Database Managed Instance. The assessment functionality and experience are similar to that of
SQL Vulnerability Assessment for Azure SQL Database
, while exposing vulnerabilities and security best practices covering the surface area of each particular service.
SQL Vulnerability Assessment
is an easy-to-use service that you can use to continually monitor your database or data warehouse, ensuring they maintain a high level of security at all times and that your organizational policies are met. It provides a comprehensive security report along with actionable remediation steps for each issue found, making it easy to proactively manage your database security stature even if you are not a security expert.
Azure SQL Database Managed Instance
supports a very rich functionality set, similar to on-premises SQL Server, including the availability of many features that are not supported by Azure SQL Database. To address this, Vulnerability Assessment has a significantly larger and more extensive set of security checks to help you maintain a high level of security for your Managed Instance deployments.
Azure SQL Data Warehouse
is a fast, flexible and secure cloud data warehouse tuned for running complex queries fast and across petabytes of data. Vulnerability Assessment support enhances Azure SQL Data Warehouse security even further, and the assessment has been tuned to focus on elements important to Data Warehouse security.
SQL Vulnerability Assessment is part of
SQL Advanced Threat Protection (ATP)
. SQL ATP is a security package, providing a single go-to location for discovering, classifying and protecting sensitive data, managing your database vulnerabilities, and detecting anomalous activities that could indicate a threat to the database. The SQL ATP package is available already for SQL Managed Instance, and will soon be available as a package for SQL Data Warehouse as well.
To get started with Vulnerability Assessment on Azure SQL Database Managed Instance or Azure SQL Data Warehouse, all you need to do is a run a scan, which will scan your database system for vulnerabilities. The scan report will be automatically displayed in the Azure Portal, and the results include an overview of your security state, and details about each security issue found. For each issue, you can view details on the impact of the finding, and you will find actionable remediation information to directly resolve the issue.