SQL Vulnerability Assessment for Azure SQL Database

Back in September 2017 Microsoft announced a new security feature for Azure SQL Database called SQL Vulnerability Assessment (VA). It is currently in preview and, as you can guess, finds security vulnerabilities in your database such as misconfigurations, excessive permissions, and exposed sensitive data.

Let’s set up a scan. You can find this feature within the settings section of your database.


You will then need to select your subscription and the storage account where you would like the results to be stored.


Click save.


You will then be routed to the main menu where you have the ability to scan. This scan is read-only and doesn’t update anything, just in case you were wondering.


When you click scan, it will move into an executing state.


Successfully completes, I think….


Okay, so this is where the confusion begins. I successfully completed the scan (remember the success message) yet the scan history option is still greyed out (yellow highlight) and the timestamp for the last scan time (yellow highlight) did not get updated. Even if there were no vulnerabilities I would still like to have seen this sort of information exposed to users, just so I know a scan did actually take place.

Doneit.

Update 26/3/18: Please see comment section, scan history is a work in progress.

4 thoughts on “SQL Vulnerability Assessment for Azure SQL Database”


  2. Hi – Sorry to hear that you had a problem running a scan. Normally, when your scan completes, your results do come up and we let you know how many passing and failing results you had, with details of each. The Scan History button will be working soon – this is a newly added feature for this service that’s about to be completed!
    If you find this issue with running scans persists, please do open a support ticket and we will track down the problem.
    Thanks!
