2008 SQL Server Security Training

I am looking to send one of my dba's for training specifically in sql server security. I know many of the classes include some training in areas like creating users, database roles, etc. but what I am looking for is something more thorough than that. Basically I am looking for classes that are specifically geared to every facet of sql security, best practices, data intrusion prevention, data and database encryption, network data segmentation, defining security policies, security auditing, anything and everything. Does anyone have any suggestions for any classes we could look into?
more ▼

asked Aug 31, 2011 at 01:45 PM in Default

dlineberry gravatar image

11 1 1 2

where in the world are you?
Aug 31, 2011 at 02:03 PM Kev Riley ♦♦
(comments are locked)
10|1200 characters needed characters left

5 answers: sort voted first

I know you said training, but this book from @mrdenny is a excellent read.

Available from [amazon][1]

[1]: http://www.amazon.com/Securing-SQL-Server-Protecting-Attackers/dp/1597496251/ref=ntt_at_ep_dpt_2
more ▼

answered Aug 31, 2011 at 07:22 PM

sp_lock gravatar image

9.3k 25 28 31

(comments are locked)
10|1200 characters needed characters left
See if you can get in touch with Bob Beauchemin at SQLSkills.com. He covers all those areas in his courses.
more ▼

answered Aug 31, 2011 at 02:18 PM

DBArgenis gravatar image


The IE course Bob teaches that includes security is only 5 modules out of the total amount. ( http://www.sqlskills.com/T_ImmersionSecurityDevSupport.asp) Majority of his course is on development. They don't have an agenda up anymore but I believe of the 5 day course, this was all covered in 1 day.
Aug 31, 2011 at 09:24 PM Shawn_Melton
(comments are locked)
10|1200 characters needed characters left
You might want to check into training courses dealing with Comptia Security+ or CISSP courses. Those would get very detailed into general security best practices, outside of SQL Server context. Some of those topics are generalized to IT security so most SQL Server courses are not going to cover them that I am aware of.
more ▼

answered Aug 31, 2011 at 09:37 PM

Shawn_Melton gravatar image

5.4k 20 21 29

(comments are locked)
10|1200 characters needed characters left

The short answer is you're not going to find any security specific training for SQL Server. Denny Cherry, Don Kiely, and I do sessions at SQL Saturdays, SQL Connections, and the PASS Summit, but so far as I am aware, only one of us proposed a security pre-con for SQL Rally, but it wasn't picked by the community. Therefore, the best resources are books. There's Denny's book, mine (How to Cheat at Securing SQL Server 2005 from Syngress), Kevvie Fowler's SQL Server Forensics, and then the general stuff as Shawn mentioned.

Given what you're asking, I would not waste my time on CISSP books or courses because those are considered management certs and too high level and conceptual for what you're looking for. Security+ is better, but probably the SANS GIAC curriculum is your best bet.
more ▼

answered Sep 01, 2011 at 12:33 PM

K. Brian Kelley gravatar image

K. Brian Kelley
933 2

(comments are locked)
10|1200 characters needed characters left
Thanks for all the responses. It sounds like everyone had the same responses I expected. As a matter of fact I am sending one of my other dba's to a sqlskills training in October. However, we did come across this course, http://www.verhoef-training.com/courses/SSSEC.html, I know it current says 2005 but we have spoken to them and they just have not updated their site and they do the same training only for 2008. Has anyone had any experience with this training company?
more ▼

answered Sep 02, 2011 at 09:27 AM

dlineberry gravatar image

11 1 1 2

I don't recognize the company name and can't access that link from work, but would be curious their excuse for not updating their website. I mean if you are going to be giving training and your website is the source of that information, it should be kept current (SQL 2008 has been out for how long now?). :)
Sep 02, 2011 at 09:52 AM Shawn_Melton
(comments are locked)
10|1200 characters needed characters left
Your answer
toggle preview:

Up to 2 attachments (including images) can be used with a maximum of 524.3 kB each and 1.0 MB total.

New code box

There's a new way to format code on the site - the red speech bubble logo will automatically format T-SQL for you. The original code box is still there for XML, etc. More details here.

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

SQL Server Central

Need long-form SQL discussion? SQLserverCentral.com is the place.



asked: Aug 31, 2011 at 01:45 PM

Seen: 2091 times

Last Updated: Aug 31, 2011 at 02:00 PM