How to perform vulnerability scan on Microsoft SQL Server

Posted on Christian By Christian No Comments on How to perform vulnerability scan on Microsoft SQL Server
performing vulnerability scan

In this article, we shall discuss “How to perform vulnerability scan on Microsoft SQL Server”. SQL Vulnerability Assessment is a new feature embedded in some of the most recent versions of SQL Server Management Studio. See the following guide on MySQL, how to reset Mysql Root password. How to access MySQL Server from command Prompt, how to create and delete MySQL database, and how to migrate Veeam MsSQL Database to a new MsSQL Server.

This feature is relatively very easy to use and it will show you all the security vulnerabilities and anomalies in your SQL database. Following best practice, it is recommended to apply strict security practices thereby ensuring that client’s data are not compromised.

If you currently do not have SQL Server Management Studio (SSMS) installed on your PC or Server.

Perform vulnerability scan on Microsoft SQL Server

In this example, I will perform a Vulnerability Assessment of one of my databases named “SolarWindOrion” as shown below.

Note: Orion is a performance management and fault management application that allows you to view the real-time statistics of your network directly from your web browser.

This Db is actually used for this task in my laboratory and I wish to remediate and protect the Database.

Right-click on the database “SolarWindOrion” in SSMS and navigate to “Tasks”. Then to “Vulnerability Assessment” and click on “Scan for Vulnerabilities” as shown below

Microsoft SQL Server

Select the right location where the report will be saved as shown below.

SQL Server security

Now Click on Okay and This will execute and prompte any found vulnerability below. See associated errors from my scans below.

vulnerability scanning techniques

Furthermore, you will be able to view the scan reports in SSMS. The details of the performed security checks, such as failed checks and other information, are available in a readable format.

performing vulnerability scan
Vulnerability Scan Exported to Excel

However, Click on one of the errors displayed. Let’s click on the first error as shown above. See the new image of the detailed checks below.

Since these details are self-explanatory. I will proceed and attach a new image showing the fix (remediation) as suggested by Microsoft to fix this issue.

Note: The Suggested remediation can be opened in the Querry Editor on a new SQL Querry Window and executed as shown below.

In this way, we can have our database protected as suggested by Microsoft (Baseline)

Note: It is recommended to review the scan report, perform the necessary actions and run the scan again to ensure that all security risks are mitigated.

I hope you found this blog post on how to perform vulnerability scan on Microsoft SQL Server helpful? If you have any questions, please let me know in the comment session.

Rate this post
Security | Vulnerability Scans and Assessment Tags:, , ,

Related Posts

More Related Articles

ePO installation on Windows Server Trellix ePolicy Orchestrator Installation on Windows Server Security | Vulnerability Scans and Assessment
credentialguard Enable or disable Windows Defender Credential Guard Security | Vulnerability Scans and Assessment
updates Out-of-Band Security Update for PrintNightmare: Patch released for Windows Print Spooler Remote Code Execution Vulnerability Security | Vulnerability Scans and Assessment
rrd How to uninstall the DriveLock Agent from your device Security | Vulnerability Scans and Assessment
VMware Aria VMSA-2022-0026: An arbitrary file read vulnerability in VMware Aria Operations Security | Vulnerability Scans and Assessment
How to Disable TLS 1.0, TLS 1.1 and TLS 1 banner How to Disable TLS 1.0, TLS 1.1 and TLS 1.2 in Windows Using GPO Security | Vulnerability Scans and Assessment

Leave a Reply