Manvendra Singh
security testing for SQL Server environments

Understanding security testing for SQL Server environments

March 3, 2022 by

This article will explain various aspects of security testing for the SQL Server environment. Security is a very critical area for any database environment. We must properly plan, deploy, and audit database security measures to protect and prevent any unauthorized access of the data. We should also perform regular security testing to ensure we have the right set of rules and policies in place to secure our database environment. Database security measures also help any organization to protect its data to maintain its privacy and integrity.

Read more »
Frank Solomon
Query the sys.dm_xe_objects table, and look at the rpc_completed event row.

Using SQL Server Extended Events to debug applications

July 3, 2020 by


Often enough, multilayer software has bugs. SQL Server Extended Events system offers tools that can help find those bugs. A bug can happen in any layer – data, logic, or presentation. To fix those bugs, it helps to see the exact parameters and values that the presentation layer sends to the data layer. As a data layer product, SQL Server Extended Events can help with this.

Read more »
Timothy Smith
Before designing our security testing, we should know what types of attacks will do the most damage to our business

Security Testing Around Our Business Model and Risks

June 9, 2020 by

When we create an environment and consider our security testing from development to production and how changes are deployed throughout each environment, we want to consider what we’re protecting and how much resources we’ll devote to this protection. Every company has limited resources, so protecting against all possible threats will not be something we can achieve.

Read more »
Timothy Smith
We can see the option to enforce password policy when we manually create a login through the interface or selecting this option as ON when scripting logins for creation

Security Testing SQL Logins with the PWDCOMPARE function

June 3, 2020 by

In this article, we’ll look at using the built-in PWDCOMPARE function in SQL Server for security testing passwords. While this tool may seem like it exposes a weakness in Microsoft SQL Server because we can test for passwords, it should be of note that an attacker could do the same attack by attempting to login to our database server assuming the attacker was able to access a connection to it. Therefore, this function does not increase the risk of an attack on SQL Server but does help us identify possible weaknesses in our environment so that we can quickly mitigate these risks. In addition, we’ll also combine this with other related tools in SQL Server to help us with logins.

Read more »
Esat Erkec
SQL unit testing - tSQLt framework tsqlt.ExpectException result image

SQL Unit Testing: Working with exceptions

May 21, 2019 by

With this article, we will complete our journey with SQL Unit Testing. But first, let’s remember the main theme of the SQL Unit Testing again briefly. With the help of the SQL Unit Testing, we can detect and find out the flaws and bugs in database projects. This reduces the possible loss of time and money and reputation during the use of the product. However, it should be kept in mind that no matter how many tests are carried out, there will still be some bugs in the project, but SQL unit tests provide a greater degree of confidence. The fact that there are no bugs or flaws in the application at that time does not mean that the application is perfect. We cannot test all combinations and probabilities of the database objects. That is why in real life, considering certain parameters (risk, priority, etc.) we must ensure that a “reasonably sufficient” test is done.

Read more »
Esat Erkec
SQL Unit testing results with tSQLt

SQL Unit Testing Mocking Stored Procedures

May 8, 2019 by

In this SQL Unit testing article, we will continue our journey with SQL unit testing. In the previous articles of this series (see the TOC at the bottom), we mentioned about SQL unit testing essentials and designing approaches as well and then we reinforce these notions with various tSQLt framework practical examples. In this article, we will continue to learn how to mock stored procedures in the tSQLt framework and we will provide it with two examples.

Read more »
Esat Erkec
tSQLt framework unit test result

SQL unit testing best practices

April 8, 2019 by

SQL unit testing is a testing method which allows us to test the smallest, atomic programmable part of a database object. SQL unit testing plays a key role in the modern database development cycle because it allows us to test individual parts of the database objects work as expected. SQL unit testing adds a great worth to the database project because unit tests are more reliable then manual test methods.

Read more »
Esat Erkec
tSQLt Test Adapter for Visual Studio VSIX Installer

SQL Unit testing with the tSQLt framework and SQL Server Database Project integration

March 25, 2019 by

In the previous article SQL unit testing with the tSQLt framework for beginners in this series, we covered tSQLt framework essentials and installation. we also demonstrated basic SQL unit testing through the tSQLt framework. In this article, we will continue to explore SQL unit testing and we will also discuss the benefits of SQL unit testing. Additionally, we will learn how we can use the tSQLt framework in a SQL Server Database Project.

Read more »
Esat Erkec
SQL Unit testing - - tSQLt extended properties

SQL unit testing with the tSQLt framework for beginners

March 18, 2019 by

tSQLt is a powerful, open source framework for SQL Server unit testing. In this article, we will mainly focus on how to create and run SQL unit testing with help of the tSQLt framework. Before we begin to learn tSQLt framework details, let’s discuss essentials and importance of the database unit testing approach, in general. SQL unit testing is a vital and inseparable part of the modern database development approach and it makes possible to prevent errors before producing the release deployment process. Some database developers are still discussing the needs of the SQL unit testing concept; however, database unit testing is very significant to control and check the behavior of the individual parts of the database. For this reason, we cannot ignore the need to write unit test cases.

Read more »