The New Wave of Security Threats
New AI tools are discovering older vulnerabilities in software, as well as new ones. Get ready for a bunch of patches to come out.
2026-05-09
32 reads
Security
Securing Your Databases in 2026: Best Practices for the Evolving Threat Landscape
In 2026, your approach to both applications and databases must be focused on practical and technical real-world operations and use cases rather than just hype.
2026-02-16
Exploiting SQL Server Date Correlation Optimization: How Tampered Backups Enable Cross-Database Data Leaks
This article reveals a critical SQL Server flaw: attackers can weaponize Date Correlation Optimization (DCO) views in restored backups
2026-02-13
No Defaults Passwords Ever
Steve doesn't see a reason why we should have default passwords on systems ever.
2026-01-17
68 reads
Minimally Viable Security
Today Steve talks about the need for a basic level of security in our software.
2026-01-05
76 reads
SQL Server DBaaS Vulnerability: Decrypting System Code & Exfiltrating User Data
Security in cloud environments is both challenging and fascinating, particularly for Database-as-a-Service (DBaaS) offerings like Amazon RDS, GCP CloudSQL and Alibaba ApsaraDB RDS. The cloud vendor acts as the system administrator, managing the operating system, patching, and backups, while the user manages their data and databases.
2025-12-03
2025-10-15
110 reads
The Security of Old Tech
Older technology can introduce security issues, along with performance ones. Keeping your systems somewhat up to date is important for security.
2025-09-12
75 reads
Password Guidance
Passwords are essential and also a problem in many organizations. Guidance has changed over the years and Steve has a few thoughts on what's recommended today.
2025-09-10
137 reads
Zero-Trust Architecture for Cloud-Based AI Systems
Zero-Trust Architecture (ZTA) emerges as a strong security paradigm for cloud-based AI systems, fundamentally operating on the principle of “never trust, always verify.” Unlike conventional security models, ZTA assumes potential compromise exists within the network and requires continuous verification of every access request regardless of origin.
2025-07-09
Blogs
PlanTrace Now Supports PostgreSQL
PlanTrace Now Supports PostgreSQL The same plan analysis you know from...
A New Word: the Kinder Surprise
By Steve Jones
the kinder surprise – . the point in your early adolescence when you realize...
Crash-Consistent Snapshot Cloning - Hyper-V Edition
If you’ve been following my T-SQL Snapshot Backup series, most of what I’ve covered...
Forums
BCA KCP Kemang Pratama CSTelpon : 0853-73737551
Komplek, Ruko Kemang Pratama, Jl. Kemang Pratama Raya No.1A Blok AN, RT.004/RW.001, Bojong Rawalumbu,...
BCA KCP Kedoya Baru TLP/WA 08218573837
Ruko Tomang Tol, Blk. A1 No.21-22 Raya Blok, Kedoya Sel., Kec. Kb. Jeruk, Kota...
BCA KCP Ruko Jababeka CSTelpon : 0853-73737551
CSTelpon : 0853-73737551 Ruko Permata Junction, Jl. Jababeka Raya Blok A2-3, Cikarang, Cikarang Sel.,...
Question of the Day
The Distance Metric
In the new VECTOR_DISTANCE() function in SQL Server 2025, the first parameter is the distance_metric. What is this?
See possible answers