SQL Advanced Threat Protection | Securing Your SQL Database

SQL Advanced Threat Protection (ATP) now offers DBAs (Database Administrators) the opportunity to discover and classify sensitive data, understand database vulnerabilitiesand detect abnormal activities that could indicate a threat to the database. Thereby providing a central go-to location for enabling and managing these security capabilities.

SQL Advanced Threat Protection provides...

a set of advanced SQL security capabilities, including Data Discovery & Classification, Vulnerability Assessment & Threat Detection.

Data Discovery & Classification 

Provides capabilities built into Azure SQL Database for discovering, classifying, labeling & protecting the sensitive data in your databases. It can be used to provide visibility into your database classification state, and to track the access to sensitive data within the database and beyond its borders.

Vulnerability Assessment 

An easy to configure service that can discover, track, and help you remediate potential database vulnerabilities. It provides visibility into your security state, and includes actionable steps to resolve security issues, and enhance your database fortifications.

Threat Detection

Detects anomalous activities indicating unusual and potentially harmful attempts to access or exploit your database. It continuously monitors your database for suspicious activities and provides alerts on potential vulnerabilities, SQL injection attacks, and anomalous database access patterns. Threat Detection alerts provide details of the suspicious activity and recommend action on how to investigate and mitigate the threat.

With one click, SQL ATP can be activated across an entire database farm whether that is one server or many, thereby applying protection to the databases found on the server(s).

In addition to the security, SQL ATP provides as listed above, new capabilities such as:

• Automated scheduled scans – Configure to automatically run a scan for you once a week and send you an email with a result summary.
  
  
• Exportable report – One click to create and download an Excel report of the complete assessment results.
  
  
• Augmented rule set – A broader set of checks covering both database and server-level vulnerabilities, which impact the overall security of the database system.
  
  
• Scan history – View a complete history of all scans run on a database, with an ability to drill down into the details of each historic scan result.

SQL ATP pricing aligns with Azure Security Center standard tier at $15/node/month, where each protected SQL Database server is counted as one node. The first 60 days after enablement are considered a free trial period and are not charged. This gives a clear view of the who, what, when, and how of security incidents in an organization for SQL.

If an organization operates an on-premises data center(s) with SQL, SQL ATP is still available for database monitoring needs through SSMS (SQL Server Management Studio). There is no additional cost for SSMS starting with 2016 and newer for securing older servers to the new SQL ATP solution.

Contact us today to get in touch with our experts and find out how we could improve the security posture of your SQL database within your overall security plan.