How easy is it to hack a SQL Server? In this session, we'll see examples on how to exploit SQL Server, modify data and take control, while at the same time not leaving a trace.
We'll start by gaining access to a SQL Server (using some "creative" ways of making man-in-the-middle attacks), escalating privileges and tampering with data at the TDS protocol level (e.g. changing your income level and reverting without a trace after payment), hacking DDM, and more.
Most importantly, we'll also cover recommendations on how to avoid these attacks, and take a look at the pros and cons of new security features in SQL Server 2016.
This is a demo-driven session, suited for DBAs, developers and security consultants.
You know about the cloud but you’re not there yet. Is it hard? Is it easy? How do you get started? Come to this session and see for yourself. We’ll start with nothing and end up with a deployed Azure SQL Database. We’ll even run a quick PowerBI report and enable Geo-Redundant Disaster Recovery with a couple clicks.
The goal is to take the mystery out, to show the capabilities and get you thinking about what going to the cloud could look like and what it can do for you and your company. I believe the future belongs to those who have this knowledge and know where to apply it.
This will be nearly PowerPoint free and we’ll log into my Azure Portal and build out an environment from scratch and learn as we go. We’ll migrate data from an “on-premises” database into our SQL DB and we’ll query it. You’ll leave with an understanding of the capabilities, some resource links outlining what we did and hopefully some curiosity to see what else is up there in the cloud as you start exploring with your own trial. Platform as a Service isn’t the answer to every problem, but after you see how simple it is to get started, maybe you’ll get some ideas of where it is.
DevOps is a hot topic in today’s software development world, however, most of the knowledge and experience with DevOps is based around application software and ignores the database. We will examine how the concepts and principles of DevOps can be applied to database development by explaining the core concepts of managing scripts, automated building, testing, and deployment of database changes. Once you understand the principles of a DevOps database development process, you can generate scripts used for direct deployment on your instances or sent to customers for them to execute.
In this session, we will cover tracking the changes made to your database and capturing them in version control. We will show automated building and testing of your code on a separate environment and the generation of an upgrade script that a DBA and developer can review and deploy to QA, test, staging, production, or any other environment.
This session will use Redgate Software tools to accomplish specific actions, with explanations on how the same actions can be alternatively built by anyone.
When storage doesn't perform and scale it causes issues for SQL Server and can make DBA life extremely challenging. In many cases, SQL Server storage is provisioned on a SAN. However, very few DBAs even get to see a SAN or understand how it works. Even though the SAN is someone else's responsibility, as a DBA you feel the pain and you're typically a first responder when there is a problem. Understanding the "magic" behind it will make you a better DBA and help you have productive conversations with your storage administrator. After all, pointing fingers has a negative impact on your superhero status!
In this session, you will learn what a SAN is, how it works, and why it's typically used vs. direct attached storage. These 'black boxes" have a lot of capabilities, so you will also learn about some of the common features today that they offer and how they can help you. You will also learn about what can go wrong, some basic troubleshooting when you're not getting what you expected, and how to communicate with your SAN administrator if you're not getting what you need.