With our development pipelines we automate our SQL Server deployments and testing, but rarely do we automate checking our database security.

Are all object owned by the right principal? Are permissions only granted to roles or groups? Have any accounts moved between roles during testing? How can you check?

dbaSecurityScan is an Open Source Powershell module that lets you extract and source control your database's security, then test against it to ensure nothing has changed. It can even apply corrective measures to bring your database back in line with your policies.

In this session we'll look at why and what you'd want to be checking during your deployments or database's life. How dbaSecurityScan lets you create a security baseline to check against, how to update that baseline to meet new criteria, how to monitor when your database moves away from that baseline and how it can be used to bring it back into compliance.

Feedback link: https://sqlb.it/?6980

Presented by Stuart Moore at SQLBits 2022