News

Microsoft Launches SQL Azure Testing Service

Microsoft is offering a free trial app of a new test service designed to help SQL Azure users monitor the security of their databases housed in Microsoft's cloud.

The app, code-named "SQL Azure Security Services," is available through the SQL Azure Labs portal here. A SQL Azure account is required to test it, but Microsoft also offers a no-cost trial of Windows Azure (including SQL Azure) for 90 days. It's not clear when the service became available publicly.

SQL Azure Security Services runs as a Web application and lets users check for vulnerabilities in their databases. The service can test one database or all in an account. A Microsoft blog post describes the service as "an early prototype for solving the problem of securing your data in the cloud: no matter where it is, whatever the capacity and scale."

SQL Azure Labs releases are not fully tested by Microsoft and are more at the "cutting edge" level, according to Microsoft's description.

Microsoft plans to expand this service if it gets enough feedback on its use, according to a TechNet wiki post by Ramkumar Krishnan, who says he works at Microsoft. Krishnan outlined steps on how to use the service.

The scan will detect malware, security vulnerabilities and other potential issues in SQL Azure databases right now, but other capabilities may be added later.

"Depending on your enthusiasm for such a service and your valuable feedback, more advanced features like sensitive data discovery, data masking, configuration drift, SQL injection detection, and other functionality layered on core SQL Azure platform will be added to the service," Krishnan stated. "So your feedback is absolutely important!"

The service uses a two-tab directory, with one side listing any "security issues," while the other side catalogs potential "attack surface" problems. When a database has been attacked, the type of attack is identified, such as "SQL injection." The service may also question potential design problems, such as overly restricted access rights.

The service may offer a "recommended mitigation" from Microsoft if a problem is detected. The mitigation appears in text form as advice.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

  • Touting Azure for Operators, Microsoft Joins SDN Standards Group

    As part of its Azure for Operators program, Microsoft this week joined a nonprofit standards association that focuses on SDN technologies used by enterprises and service providers.

  • 2020 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss. (Now updated with COVID-19-related event changes.)

  • Pilot Begins of Microsoft Teams-Salesforce CRM Integration

    A new capability that lets Microsoft Teams users access information from the Salesforce.com customer relationship management (CRM) platform debuted this week.

  • The 2020 Microsoft Product Roadmap

    From the next major update to Windows 10 to the next generations of .NET and PowerShell, here's what's on tap from Microsoft this year.