 | | The Complete Weekly Roundup of SQL Server News by SQLServerCentral.com | | Hand-picked content to sharpen your professional edge |
|
Would You Want to be on the Red Team? In the world of cybersecurity, a red team is a team of hackers that try to infiltrate a company, but at the request of the company. The idea is they look for vulnerabilities and issues and find them before criminal hackers do. They are the opposite of the blue team, who is trying to stop the red team and create defensive measures that prevent the red team from accessing data. Many large companies use red teams. Microsoft maintains a red team (and a blue team) that are constantly competing to break into their systems and defend them (depending on which side you are thinking about). I'm sure Amazon, Google, and other large companies do the same thing. It's an interesting idea, though I bet this is a lot of repetitive work where you constantly repeat similar attacks with slight variations. There certainly is some creativity and research as well, and some acting if you social engineer situations, but it's not the type of work I would want to do. I doubt it's as exciting as Hollywood movies portray hacking. An organization could assemble a red team from external resources and use them to evaluate the security of your software, your infrastructure, or even your people. There's an article this week on getting started with a red team. Since companies are seeing more and more attacks against their systems, I would expect more to be proactive and either assemble or hire someone to test them. In fact, I bet there will be lots of cybersecurity people setting up their own companies to help here. Many of us might feel we are careful with security, and that we check for issues. I'm sure we do some of that, and many of us know how to secure things well. However, it's easy to make a change and make a mistake. It's easy to forget to include a group, or include the wrong group, in a security ACL. It's easy to forget to check a setting or leave access open while we test and forget to go back and secure it properly. Attackers think differently. We can learn to do this, but it might be helpful to have someone else doing the attacking and then giving us a report on what to fix. Steve Jones - SSC Editor Join the debate, and respond to the editorial on the forums |
| The Weekly News | | All the headlines and interesting SQL Server information that we've collected over the past week, and sometimes even a few repeats if we think they fit. |
| Vendors/3rd Party Products |
SQL Data Catalog 2.0 provides a simple, policy-driven approach to data protection, through data masking. It can now automatically generate the static masking sets that Data Masker will use to protect your entire database, directly from the data classification metadata held within the catalog. |
How to use Flyway and PowerShell to automatically generate a database build script every time Flyway successfully created a new version. You can then investigate schema changes between versions simply by using a Diff tool to compare build scripts. |
Explaining some of the 'gotchas' that can trip up the unwary Flyway user, and how to avoid them. One or two of these you'll encounter quickly, such as the case-sensitivity of parameters and arguments. Others, such as potential problems with undo scripts or running scripted callbacks, only when you are tackling more complex development processes. |
Pinal Dave from SQL Authority has used – and been a fan of – SQL Monitor since it launched in 2008 (fun fact: it was named SQL Response back then!) There are, however, a few newer features that Pinal isn’t too familiar with, and we were delighted to introduce those to him in this short video. |
| Administration of SQL Server |
In the past, I have talked about CMS (Central Management Servers), but now I don’t have CMS configured and still want to query multiple instances at once. Local Server Groups are my friend. |
(This post written by Jon Biggs (t), one of our Senior DBAs) We are currently performing migrations with upgrade of multiple-instance SQL Servers to new servers. The migrations are... |
For years we have been able to use Transparent Dat... |
Do you know which account is the owner for your SQL Server Agent jobs? Some jobs might be owned by user accounts which can become a problem. What happens... |
Easy Peas I know what you’re gonna say: You’re gonna say, Erik, you can do this by setting the Maximum Memory Percent for each and every resource pool other than... |
| Azure Databricks, Spark and Snowflake |
In this post we are going to describe how to pivot and unpivot a DataFrame in Spark. We have an employee DataFrame with 3 columns, name, […] The post How... |
The article Configure IP firewall rules for Azure ... |
| Azure Synapse (SQL Data Warehouse and Data Lake) |
Reading Time: 3 minutes During the Azure DevOps based training day I co-presented at SQLBits I got an interesting question about the CI/CD method that I showed for... |
| Career, Employment, and Certifications |
This Monday, I took and passed the Azure Administrator exam (Az-104) exam. It was a little bit unusual for me to take this exam, as I’m already an Azure... |
You are organizing an event and find out an attendee has a history of stalking and harassment. What do you do? You need a Code of Conduct and plan... |
| Computing in the Cloud (Azure, Google, AWS) |
The end of support for SQL Server 2012 is rapidly ... |
Time ago, we discussed about ir MARS works in Azure SQL Managed Instance or Azure SQL Database in this URL Today I would like to include the change that we... |
Issue description: While connect to a Azure SQL database via AAD Integrated/Password authentication, fail with below error: Client: Azure VM (SSMS). SQL authentication works normally. Analysis: Azure SQL database side shows error... |
How to enable selective Auditing in Azure SQL? Auditing can help you track database related event, and we can write them to blob storage. Auditing can be enabled using portal... |
Let’s go through a Redis build process. It will be fun. Within Azure find Redis / search for it. Fill in the basics (location should be where your app... The... |
| Conferences, Classes, Events, and Webinars |
There are a lot of free Power BI training options out there for business analysts and there is now training beyond that for your organization. Adam explores the latest... |
Get Together This post is obviously biased, becau... |
I’m presenting remotely at the upcoming SQLDay P... |
The PASS Summit is November 15-18 in Seattle this year. This time around, it’s a hybrid conference, with both speakers and attendees in a mix between in-person and remote.... |
Join SQLServerCentral Editor, Steve Jones, as he talks through the capabilities, use cases, benefits, and potential problems of both static and dynamic data masking in your organization. |
Implementing DevOps isn’t just a matter of being great at writing code. The key to successful DevOps implementation is gaining buy in across your organization. Join Grant Fritchey live for his tips on how to achieve this. |
In this article learn how to use if then logic in ... |
Introduction Since September of 2020 I have been blogging heavily on PowerShell. In a few posts I’m going to start a new series on a different subject, but first I... |
I was recently working on a client server and need... |
Let be a real-valued (non-degenerate) random varia... |
Statistical programmers need to access numerical c... |
Are you interested in guest posting? Publish at DataScience+ via your RStudio editor. Category Visualizing Data Tags Data Visualisation Maps R Programming Tips & Tricks Choropleths are a nice tool for the visualization of geographic data... |
While data lakes and data warehouses are both im... |
| DocumentDB/Key-Value/Graph/other NoSQL Databases |
I was putting together some queries today, pulling... |
| ETL/SSIS/Azure Data Factory/Biml |
Introduction: In today Blog article, we are going ... |
In this article we look at how to bulk load data into SQL Server and Oracle using the native tools for that platform Bulk Copy Program (BCP) and SQL*Loader... |
Power BI has recently done a dedicated blog on Inforiver to highlight a new set of capabilities. So the owner of Lumel Visuals Gopal is going to discuss and... |
STDEV.P: Calculates standard deviation based on th... |
There are several common challenges when creating paginated reports from Power BI datasets. In this article, Adam Aspin explains how to work around several of these issues.… The post Tips... |
| Oracle/PostgreSQL/MySQL/other RDBMS |
In this article, we are going to learn how we can drop the temp table in PostgreSQL. The temp table is used to store data temporarily. Suppose you want... |
| Performance Tuning SQL Server |
Property Management I’m a really big fan of usi... |
This is the first part of a series about simple parameterization and trivial plans. These two compilation features are closely connected and have similar goals. Both target performance and efficiency for workloads frequently submitting simple statements. |
Nope. The sad news for you here is that nothing aside from selecting a CTE into a real or temporary table will materialize the result of the query within in... |
Paul White embarks on a new series covering less well-known details about simple parameterization and trivial plans. Learn more in part 1. The post Simple Parameterization and Trivial Plans —... |
| PowerPivot/PowerQuery/PowerBI |
Gone are the days when creating a sophisticated app required extensive coding knowledge! Microsoft’s Power Apps empower citizen-developers of any skill level to build custom apps. Users can build solutions to satisfy both simple and complex business requirements. The sleek Power App interface requires little to no code; however, the platform is flexible enough to handle business logic and coding as well. |
Recently we worked on a case where the Power BI refreshes were failing intermittently. 90% of time, things would work just fine, but sporadically our customer would see similar... |
Have you ever needed to set a property or field to the last day of the month? This is a common business problem that can The post Power Automate –... |
The March 2022 release of Power BI Desktop include... |
I needed to pull some user data for an app that uses Intercom. While I will probably import the data using Data Factory or a function in the long... The... |
In this new video series, Devin focuses on working with Power Automate Date Expressions. This first video is a primer to cover the basics of The post Power Automate –... |
Can Patrick handle the challenge that Alex Powers presented to him? Can he actually complete the challenges of the Power Query 30-day Query Folding challenge? Let's find out... These... |
| Product Upgrades and Releases |
Machine Learning user-defined function in Stream Analytics allows you to perform high throughput, low latency, real-time predictions, allowing you to act on insights which have a very short shelf-life. |
Serverless applications are event-driven, using ephemeral compute functions ranging from web APIs, mobile backends, and streaming analytics to data processing stages in machine learning (ML) and high-performance applications. While... |
Migrate to Azure Synapse Analytics. |
We’re retiring Azure Time Series Insights on 31 March 2025 – transition to Azure Data Explorer |
I am thrilled to announce that Microsoft Press (Pearson) has agreed to let us do another Inside Out book this year. This news is so fresh I haven’t even... |
In this article we look at how to use looping logic in Python with various examples of how this can be done. |
Do you indent your code with one tab, two spaces, or eight spaces? Do you feel strongly about the location of the curly brace closing a function definition? Do you have naming preferences? You probably have picked up some habits along the way. In any case, having some sort of consistency in coding style will help those who read the code to understand, fix or enhance it. In this post, we shall share some resources about coding style, useful tools, and some remarks on etiquette. |
After an interesting conversation on using data. f... |
Researchers examined how quickly ransomware encryp... |
Ransomware attacks lead the headlines and strike fear in the hearts of executives who face crippling operational shutdowns and public relations nightmares. Yet too many executives are prepared to... |
Microsoft is rolling out a new update that lets IT... |
HP has acknowledged that its several printer models are vulnerable... |
The Office of Inspector General has audited NASA’s insider threat program: While NASA has a fully operational insider threat program for its classified systems, the vast majority of the Agency’s... |
These groups of authorized hackers work to infiltrate their customer's data, development environment, or any other business area to locate and identify vulnerabilities. |
To guarantee the order of a result set, you must u... |
A lot of the time you’re going to be asked to group items. Sometimes, you have to look at the exact same data in multiple ways. It can be... |
In kernel version 5.17, both /dev/random and /dev/... |
The secret to hiring developers is training people... |
| Virtualization and Containers/Kubernetes |
kubectl is the defacto command line tool for administering Kubernetes clusters. Connecting to a cluster via kubectl requires a Kubernetes config file, this in turn contains one or more... |
  | This email has been sent to {email}. To be removed from this list, please click here. If you have any problems leaving the list, please contact the webmaster@sqlservercentral.com. This newsletter was sent to you because you signed up at SQLServerCentral.com. Note: This is not the SQLServerCentral.com daily newsletter list, and unsubscribing to this newsletter will not stop you receiving the SQL Server Central daily newsletters. If you want to be removed from that list, you can follow the instructions on the daily newsletter. |
|
|
