Andreas Wolter works as Program Manager on the SQL security team at Microsoft. In this role he is working on Security features of SQL Server, Azure SQL Database and Managed Instance. He has 20 years of experience with SQL Server and has been a regular speaker at conferences worldwide for over a decade. Prior to Microsoft he was the lead-architect of a Germany-based company specialized on SQL Server HA, Performance and Security and recognized as MVP for multiple years in row. He is a Microsoft Certified Solutions Master for the Data Platform (MCSM).


In this purely demo-based session, I will show several real-life attacks, from mere reading up to disrupting service availability via various types of manual and automated SQL Injection, including a broadly unknown elevation of privileges attack.
Extended Events are replacing the old SQL Trace & Profiler, and there are many good reasons for that. In this session I want to demonstrate to you some of the best features and possibilities of this Tracing Framework.
Security is one of the top topics for the new release of SQL Server. A total of 3 completely new features are coming to us: Always Encrypted, Dynamic Data Masking and Row Level Security.
This session will focus on the new features and capabilities that help you meet compliance and security needs with SQL Server on-premises as well as in Azure SQL Database. This includes the new Static Data Masking, new authentication capabilities, new functionalities in Vulnerability Assessment and Threat Detection as well as Always Encrypted. If you want to know about the latest developments in SQL Security, this session is for you.
In this session you will learn about the latest big investments in Security for Azure Data Services. Among them the ability to authorize access using Policies in Purview, different managed identity options and the latest on Ledger and Network controls