Minimally Viable Security
Today Steve talks about the need for a basic level of security in our software.
2026-01-05
67 reads
Security
SQL Server DBaaS Vulnerability: Decrypting System Code & Exfiltrating User Data
Security in cloud environments is both challenging and fascinating, particularly for Database-as-a-Service (DBaaS) offerings like Amazon RDS, GCP CloudSQL and Alibaba ApsaraDB RDS. The cloud vendor acts as the system administrator, managing the operating system, patching, and backups, while the user manages their data and databases.
2025-12-03
2025-10-15
107 reads
The Security of Old Tech
Older technology can introduce security issues, along with performance ones. Keeping your systems somewhat up to date is important for security.
2025-09-12
69 reads
Password Guidance
Passwords are essential and also a problem in many organizations. Guidance has changed over the years and Steve has a few thoughts on what's recommended today.
2025-09-10
133 reads
Zero-Trust Architecture for Cloud-Based AI Systems
Zero-Trust Architecture (ZTA) emerges as a strong security paradigm for cloud-based AI systems, fundamentally operating on the principle of “never trust, always verify.” Unlike conventional security models, ZTA assumes potential compromise exists within the network and requires continuous verification of every access request regardless of origin.
2025-07-09
Cloning Master Admin User Permissions in Amazon RDS for SQL Server with Fine-Grained Control
This article explores how to securely clone the master user permissions in Amazon RDS for SQL Server using a custom stored procedure, usp_rds_clone_login. It outlines a step-by-step process to generate, review, and apply a script that replicates server- and database-level access from the master user to a new login without directly exposing elevated credentials. The guide emphasizes the principle of least privilege, supports named account management, and enables transparent, auditable permission handling for DBAs and applications. Designed for secure and scalable environments, this solution enhances operational security while maintaining administrative flexibility in Amazon RDS.
2025-07-09
639 reads
Are Data Breaches Inevitable?
Steve examines the idea that we might all have a data breach at some point.
2025-05-16
87 reads
More Supply Chain Attacks
Code is vulnerable to supply chain attacks, which aren't something many of us think about.
2025-03-21
106 reads
Lower Your Attack Surface Area
We all know security is important, but we sometimes make the job harder when we don't handle data appropriately.
2025-03-19
165 reads
Blogs
Runing tSQLt Tests with Claude
By Ed Elliott
Running tSQLt unit tests is great from Visual Studio but my development workflow...
Getting Your Data GenAI-Ready: The Next Stage of Data Maturity
By James Serra
I remember a meeting where a client’s CEO leaned in and asked me, “So,...
Learn Better: Pause to Review More
By Brian Kelley
If you want to learn better, pause more in your learning to intentionally review.
Forums
The Top Food Testing Facility in India | Fare Labs Pvt. Ltd.
The world's top food testing services are offered by Fare Labs, an Indian lab...
The Long Name
Comments posted to this topic are about the item The Long Name
Eight Minutes
Comments posted to this topic are about the item Eight Minutes
Question of the Day
The Long Name
I run this code to create a table:
When I check the length, I get these results:
A table name is limited to 128 characters. How does this work?