Press "Enter" to skip to content

Category: Security

Tokenization in SQL Server

Published 2025-09-29 by Kevin Feasel

Sebastiao Pereira demonstrates a combination of encryption and redirection to store sensitive data:

As privacy regulations tighten like General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standards (PCI DSS) organizations and more, there is an increased focus to protect sensitive information within databases. Tokenization is an option to adhere to those regulations. Let’s see how to implement SQL tokenization in SQL Server.

This is a reasonably clever solution, though if you need to search on any of the tokenized (i.e., encrypted and moved to a separate table) values, performance would be miserable. Even displaying the results for a moderately sized result set would run into serious performance issues. I suppose that if you, for some regulatory reason, need to keep these tokens stored elsewhere from the data, then you manage expectations the best you can.

Leave a Comment

Viewing Security Settings in OneLake Catalog

Published 2025-09-26 by Kevin Feasel

Aaron Merrill announces a new preview feature:

Introducing the Secure tab in the OneLake catalog—your central place to understand and manage access across Fabric items. From a single view, you can workspace roles with the View users experience and inspect or modify role OneLake security roles with View security roles. The Secure tab brings a streamlined view for governance teams and workspace owners to quickly validate permissions and tighten least‑privilege access.

Click through to see how it looks.

Leave a Comment

SQL Firewall in Oracle

Published 2025-09-19 by Kevin Feasel

Brendan Tierney tries out the SQL Firewall feature in Oracle:

SQL Firewall allows you to implement a firewall within the database to control what commands are allowed to be run on the data. With SQL Firewall you can:

  • Monitor the SQL (and PL/SQL) activity to learn what the normal or typical SQL commands are being run on the data
  • Captures all commands and logs them
  • Manage a list of allowed commands, etc, using Policies
  • Block and log all commands that are not allowed. Some commands might be allowed to run

Read on to see how it works. It’s an interesting approach that can supplement traditional firewall and web application firewall systems.

Leave a Comment

Maintaining PostgreSQL without Superuser

Published 2025-09-15 by Kevin Feasel

Radim Marek doesn’t need special access:

How many people/services have superuser access to your PostgreSQL cluster(s)? Did you ever ask why your software engineers might need it? Or your BI team? Why those use cases require same privileges as someone who can drop your databases?

The answer isn’t because these operations are inherently dangerous – it’s because PostgreSQL historically offered limited options for operational access or simply because not enough people are aware of the options. So the common practice is to either got basic permissions or handover the keys to the kingdom.

Read on to see how pre-defined roles can help. These have recently come into the product, so read on to see how different versions of PostgreSQL have extended this functionality.

Leave a Comment

SQL Server Auditing Bug Allows Data Exfiltration without Logging

Published 2025-09-10 by Kevin Feasel

Andreas Wolter describes a bug in SQL Server’s auditing capabilities:

Last week, I was contacted by an IT Leader from Saudi-Arabia who previously found several CVE’s in Oracle and Microsoft SQL Server. He wanted my opinion on a newly discovered security issue in SQL Server Auditing.

Interestingly, his findings directly overlap with a topic I wrote about just last month: Using Data Classification to Audit Data Access.

Emad Al-Mousa identified two vulnerabilities in the SENSITIVE_BATCH_COMPLETED Audit Action Group. Microsoft Security Response Center (MSRC) acknowledged the issue but classified it as low priority – meaning it may not be addressed until a major release, if at all.

Read on to see what the issue is and how you can trigger it today. Andreas also includes a workaround that will work in the meantime.

Comments closed

Regaining Access to sa on SQL Server

Published 2025-09-03 by Kevin Feasel

Garry Bargsley has a method:

Have you ever inherited a SQL Server instance or been called in to troubleshoot, only to discover that no one has SysAdmin access? It happens more often than you’d think. Clients reach out, needing urgent work done, but the SA password is long forgotten, and no other account has elevated permissions.

Unfortunately, SQL Server doesn’t offer a “reset on next login” option for SQL-authenticated accounts. So what can you do?

Read on for one technique. I also covered a similar method from Tim Radney, so you can see the ‘raw’ way (Tim) or the dbatools way (Garry).

Comments closed

SQL Injection Vulnerabilities Fixed in SQL Server

Published 2025-08-29 by Kevin Feasel

Vlad Drumea tests out a pair of fixes:

In this post I demo two PoCs for SQL injection vulnerabilities fixed in SQL Server 2025 CU20 GDR KB5063814.

This August’s Patch Tuesday came with a security patch for SQL Server 2022, 2019, 2017, and 2016.

The number of SQL injection vulnerabilities caught my attention and I decided to see what system stored procedures have changed to see if I can find anything useful.

Vlad looks at a pair of spatial stored procedures and puts together a method to exploit the old versions.

Comments closed

Resetting the sa Password on a Locked-Out SQL Server Instance

Published 2025-08-28 by Kevin Feasel

Tim Radney jimmies the lock:

Getting locked out of a SQL Server instance can happen due to a number of situations. The most common scenario I’ve encountered is when a SQL Server is moved from one domain to another without the domain being trusted or having a local SQL admin account. I recently encountered another incident where a DBA was attempting to fail over a log-shipped instance to another instance. Part of their run book included a script to disable a set of users to block production access to the instance. The problem was, the production instance was on a cluster, unlike the development and QA systems where the script had been tested. Disabling the users in production took down the instance preventing the tail log backups from occurring. We had to get the instance back up in order to take those final backups.

What can you do if you find that you’re locked out of a SQL Server instance?

Read on for that answer.

1 Comment

Secrets Management in Kubernetes

Published 2025-08-25 by Kevin Feasel

Anshika Varshney takes us through some secrets management:

Secret management is a critical part of working with Kubernetes. When working with Kubernetes, you’ll often need to store and use sensitive information — like database passwords, API keys, and certificates. That’s where Kubernetes Secrets come in. But here’s the thing: while Kubernetes provides a way to store secrets, using them incorrectly can still expose your sensitive data.

This blog will walk you through:

  • What Kubernetes Secrets are
  • How they work
  • Common mistakes (the wrong way)
  • Best practices (the right way)
  • Real-life examples and configurations

Read on for the full article. I do want to iterate what I consider the most important of Anshika’s points: these things should never go into source control. The problem is, source control history is a lot more permanent than people customarily think about, so if you accidentally checked in a password in a config file somewhere, then got rid of the line with the password in it, a bad person with access to your source control can still look at history and find that password. The mechanism to rewrite Git history to remove a line’s existence is purposefully difficult, so a lot of developers don’t even know that it’s possible. But even then, if you’re hosting on someplace like GitHub and forks are enabled, rewriting history in your fork doesn’t rewrite it in somebody else’s fork, so again, a bad person with a fork from the right time frame could still see your exposed password.

The only fix is to cycle credentials if you ever do accidentally expose a password or key in source control files.

Comments closed

Microsoft Fabric Service Principal API Settings

Published 2025-08-25 by Kevin Feasel

Nicky van Vroenhoven has a public service announcement:

Microsoft Fabric is changing how service principal access to public APIs is controlled. The existing all-or-nothing tenant setting was split into two separate settings — giving us admins more granular control, but also introducing a change you might need to act on after August 1, 2025.

Click through to see how you might have been able to learn this, as well as the consequences of this change.

Comments closed