Vulnerability Assessment removed?

  • In Brent Ozar's list of links today, I learned that Microsoft has removed the Vulnerability Assessment tool from SSMS as of v19.1.

    I recently started using it in my SQL Server environment and found it a great tool -- I was able to demonstrate to management why some of their security shortcuts were a bad idea. There doesn't seem to be any advance notice that this was going to happen -- the Microsoft Learning page is dated Feb 2023, so clearly this was a recent decision. My Google-fu finds nothing except for the SSMS release notes and Brent's announcement of same.

    Does anyone know why this decision was made? Is there any similar tool out there?

  • I would not consider it a big issue for now - you can still install prior versions of SSMS and keep using it.

  • Erin discusses that the "SQL Server Vulnerability Assessment in SSMS does not consume findings from Defender for Cloud" here.

    You can also scan for vulnerabilities with PowerShell.

  • sql2sec wrote:

    Erin discusses that the "SQL Server Vulnerability Assessment in SSMS does not consume findings from Defender for Cloud" here.

    You can also scan for vulnerabilities with PowerShell.

    Thanks for these links, very helpful!

    The Powershell option looks to be the best for our particular scenario - I'll admit I didn't even think to look there.

  • Unfortunately the Powershell module is longer available in recent versions... The name of the module is 'Invoke-SqlVulnerabilityAssessmentScan', and I have done some tests with it a while ago. Now I'd like to continue that project, and it's not available anymore... See BOL: https://learn.microsoft.com/en-us/powershell/module/sqlserver/invoke-sqlvulnerabilityassessmentscan?view=sqlserver-ps

    Module requirements: version 21+ on PowerShell 5.1; version 22+ on PowerShell 7.x.

    This cmdlet was removed in v22.3+ of the module.

    Does anyone have an update, or a work-around other than using older versions? Thanks in advance!

Viewing 5 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic. Login to reply