Microsoft has introduced a new feature to help you ensuring your Azure SQL services are secured. This feature is called SQL Vulnerability Assessment and is available on preview; the good news is you can also use it with your on-premises SQL servers.

It has been designed in a way that even non security/SQL expert can gain advantage of it.

The SQL VA uses a knowledge base of rules to identify any known issues, deviation from recommendations and best practices.

 

Enable SQL Vulnerability Assessment

From the Azure portal, reach you Azure SQL server to access the database (or use the direct SQL Databases access) and access the Settings of the database to open the Vulnerability Assessment

image

Select the storage account to use for saving the scan (or create a new one)

Once you have selected (or created) the storage account you can run a scan

imageimage

It may take some time to complete

Once completed you can view the result from the Azure portal or SQL Management Studio

image

If you click on one of the recommendation you will get more details to solve it or mark it as baseline – meaning acceptable result for your environment/use

image