We are delighted to announce the general availability of SQL Vulnerability Assessment for Azure SQL Database! SQL Vulnerability Assessment (VA) provides you a one-stop-shop to discover, track and remediate potential database vulnerabilities. It helps give you visibility into your security state, and includes actionable steps to investigate, manage and resolve security issues, and enhance your database fortifications. VA is available for Azure SQL Database customers as well as for on-premises SQL Server customers via SSMS.
If you have data privacy requirements or need to comply with data protection regulations like the European Union General Data Protection Regulation (EU GDPR), then VA is your built-in solution to simplify these processes and monitor your database protection status. For dynamic database environments where changes are frequent and hard to track, VA is invaluable in detecting the settings that can leave your database vulnerable to attack.
New SQL Advanced Threat Protection (ATP)
VA is being released to general availability (GA) as part of a new security package for your Azure SQL Database, called SQL Advanced Threat Protection (ATP). ATP provides a single go-to location for discovering, classifying and protecting sensitive data, managing your database vulnerabilities, and detecting anomalous activities that could indicate a threat to the database.
With one click, you can enable ATP on your entire database server, applying to all databases on the server. ATP includes SQL Threat Detection (already generally available), SQL Vulnerability Assessment, and SQL Information Protection (currently in preview). You can try it for free with a 60-day free trial period. For more information, please see our pricing page.
Existing Threat Detection customers will continue to receive the Threat Detection service for the same price as before, with the additional benefits of the entire ATP package. All other customers will be required to opt-in to the new ATP service.
What’s new in VA?
SQL Vulnerability Assessment is an easy-to-use service that you can use to monitor that your database maintains a high level of security at all times, and that your organizational policies are met. It provides a comprehensive security report along with actionable remediation steps for each issue found, making it easy to proactively manage your database security stature even if you are not a security expert.
With the GA announcement, SQL VA supports some new and valuable capabilities.
- Automated scheduled scans – Configure VA to automatically run a scan for you once a week and send you an email with a result summary.
- Exportable report – One click to create and download an Excel report of the complete assessment results.
- Augmented rule set – A broader set of checks covering both database and server-level vulnerabilities, which impact the overall security of the database system.
- Scan history – View a complete history of all scans run on a database, with an ability to drill down into the details of each historic scan result.
These new capabilities join the existing VA feature set, including the baseline capability that enables you to customize the assessment to your environment. Once you define a security baseline based on your assessment results, then only deviations from your customized baseline are reported, making this a fully tailored experience for your environment.
Get started today – turn on ATP!
We encourage you to enable SQL Advanced Threat Protection and try out Vulnerability Assessment today, to start proactively improving your database security stature. Track and monitor your database security settings, so that you never again lose visibility and control of potential risks to the safety of your data.
Check out the SQL Advanced Threat Protection documentation to get started, and Getting Started with Vulnerability Assessment for more details on managing your vulnerability assessment.
Try it out, and let us know what you think!