SSMS now has a vulnerability report

Security is an important and often overlooked function of technology. Don’t believe me? Go to a SQL conference and look how many people are listening to the perf tuning session vs the 3 people attending the security session.

Hopefully, this new feature will help those that are interested and those that are not so interested in security.

To run the report simply right click a database; choose Tasks; choose Vulnerability Assessment; and finally click Scan for Vulnerabilities…

Once clicked the scan dialog will open and there’s not really much to do except click “OK”.


From here the Assessment Results will be shown. There’s not hundreds of data points but it’s a great start with 52 checks.



The really amazing thing about this is that it even provides a script that you can run to “fix” your issues. Though it should be noted that you may actually “need” the code it’s fixing. Before running these scripts you’d want to discuss with your team and remediate any potential concerns before you break something.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s