Andreas Wolter's Avatar

Andreas Wolter

@andreaswolter.bsky.social

Microsoft Certified Solutions Master Data Platform (MCM+MCSM), ex Microsoft PM SQL Security. He/him. Former or current resident of πŸ‡©πŸ‡ͺ πŸ‡¬πŸ‡§ πŸ‡¦πŸ‡ͺ πŸ‡ΉπŸ‡­ πŸ‡»πŸ‡³ πŸ‡ΊπŸ‡Έ

59 Followers  |  122 Following  |  13 Posts  |  Joined: 14.11.2024  |  1.6744

Latest posts by andreaswolter.bsky.social on Bluesky

Preview
Evading Data Access Auditing in Microsoft SQL Server – and how to close the gaps - Andreas Wolter

Evading Data Access Auditing in Microsoft #SQLServer πŸ•΅οΈ
this article demonstrates data access that is not captured by common Audit definitions and how to ensure also indirect access to data is audited andreas-wolter.com/en/202508_ev...

07.08.2025 18:32 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Nice technical insights. - Happy to see my old article being of some use still :) - Thanks for mentioning.

29.07.2025 19:12 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Recommendation for Security Auditing for databases - with example for Microsoft SQL Server - Andreas Wolter 20

Article: recommended minimum security audit definition for database systems, using Microsoft #SQLServer as example:
Audit every change to the system’s security configuration. andreas-wolter.com/en/202507_re...

29.07.2025 15:28 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Managing Database Sprawl: Finding Control in a Growing Environment | LinkedIn As database environments scale, so do complexity and cost. From forgotten dev instances to sprawling clusters of mission-critical workloads, database sprawl creates risks that are easy to ignoreβ€”and t...

Tomorrow: live Roundtable on a growing issue: database sprawl. It wreaks havoc on performance, security, and cost. We’ll talk openly about how to assess what’s running and take back control. If this has become a challenge in your organization, I hope you’ll join us. www.linkedin.com/events/manag...

17.06.2025 21:11 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
10 hours of SQL Server under attack – takeaways - Andreas Wolter

What happens if you leave #SQLServer exposed to the internet? As you may have seen, that is exactly what I did for my PreCon at the #SQLSaturday New York City conference. Here I am sharing what happened:
10 hours of SQL Server under attack – takeaways
andreas-wolter.com/en/2505_sqls...

13.05.2025 21:47 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Hacking attempts on SQL Server from Iran

Hacking attempts on SQL Server from Iran

And the winner of the first hacking attempt on the #SQLSaturday NYC Performance Monitoring lab environment is: #Iran πŸ‘ applause applause.. πŸ˜€
I am taking bets for the main event Friday!

07.05.2025 21:30 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

Next Thursday, 4/17, at the NTSSUG user group meeting: how to approach #DataSecurity for #SQLServer and #AzureSQL from a strategic perspective, live at the Microsoft office in Irving, TX. Sign up for the free event here: www.meetup.com/north-texas-...

10.04.2025 16:40 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Post image

31 days left: #SQLServer Performance Monitoring at #SQLSaturday in New York City on May 9th!
Your chance to test your knowledge and analyze my server's workload live during the session! - using Extended Events or DMV queries from your own machine: www.eventbrite.com/e/practical-...

08.04.2025 19:43 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Performance Monitor

Performance Monitor

Are you interested in learning how to troubleshoot performance issues on your own, rather than relying on costly consultants like me? πŸ˜‰
Join me and others for my PreCon on #SQLServer Performance Monitoring at #SQLSaturday in New York City on May 9th!
Sign-up here: www.eventbrite.com/e/practical-...

03.04.2025 18:15 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
SQL Audit bug

SQL Audit bug

#SQLServer #security admins, attention: #Auditing is missing attempts to change permissions, leading to #repudiation and miss elevation attempts
Please upvote for bug-fix
andreas-wolter.com/en/2502-sql-...

10.02.2025 19:57 β€” πŸ‘ 0    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
The challenges for least privilege: When sysadmin is still required in Microsoft SQL Server - Andreas Wolter

The challenges for least privilege: When sysadmin is still required in Microsoft #SQLServer
a fresh update on the sysadmin requirements for SQL Server 2022 - and why CONTROL SERVER can be dangerously misleading. andreas-wolter.com/en/least-pri... #DataSecurity

06.02.2025 18:25 β€” πŸ‘ 2    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
Protecting database data at rest: Transparent Data Encryption, Backup Encryption or Always Encrypted - Andreas Wolter

New article out> Protecting database data at rest:
Comparing the different encryption methods SQL Server offers, regarding how well they protect data at rest, and why I don't push for #TDE everywhere.
andreas-wolter.com/en/protectin... #DataEncryption #DatSecurity

16.01.2025 17:11 β€” πŸ‘ 0    πŸ” 1    πŸ’¬ 0    πŸ“Œ 1
Preview
Use TLS 1.2 and trusted certificates to encrypt data in transit for all SQL Servers, including development environments - Andreas Wolter

New article: #TLS 1.2 and trusted certificates to encrypt data in transit for all SQL Servers, including development environments andreas-wolter.com/en/tls-trust... #SQLServer #Encryption

26.11.2024 02:28 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

@andreaswolter is following 20 prominent accounts