Threat and Vulnerability Mitigation (Database Engine)

Although SQL Server includes a variety of security mechanisms, every system has features that could be exploited for malicious purposes. This page provides links to help you locate the information that you need about threats and vulnerabilities in the SQL Server Database Engine, and how you can eliminate them.

Related Sections

• Securing SQL Server
  Provides a general overview of the process for how to help secure the SQL Server platform, and how to work with users and securable objects.

In This Section

• Threat and Vulnerability Matrix (Database Engine)
  This topic explains the primary threats involving the SQL Server platform, databases, and code and how you can protect a system against them.

• SQL Injection
  SQL Injection attacks work by embedding a malicious query in a legitimate one. Read this topic to learn how injection attacks work and what you can do to help secure against them.

External Resources

• Microsoft TechNet: SQL Server TechCenter: SQL Server 2005 Security and Protection
  Provides up to date information about SQL Server Security.

See Also

Concepts

Security and Protection (Database Engine)

Identity and Access Control (Database Engine)

Secure Development (Database Engine)

Secure Deployment (Database Engine)

Secure Operation (Database Engine)