|
The Southern
New England SQL Server User Group (SNESSUG) was created to provide a local
forum in the Southern New England area for
SQL Server professionals to educate, network, and share information with one
another.
We meet on
the second Wednesday of every month at the New England Institute of
Technology in Warwick, Rhode Island from 6:00PM to 9:00PM. If you
are planning on attending a meeting, please RSVP.
Click here to become a member.
Upcoming Meetings
and Announcements
The PASS Summit
is one of the best training opportunities available. You’ll get top
quality instruction from top flight SQL Server experts including Microsoft
MVP’s. The location of the summit in Seattle means a large cohort of Microsoft
expertise will also be available. The earlier you sign up, the less expensive
the cost, and you can book your hotel early too.
Be sure to use Southern New England SQL Server
Users Group in your registration. We are an official PASS chapter.
For the very best experience at the PASS Summit, volunteer
to help. You’ll get more networking opportunities by volunteering than
you’ll believe possible. If you need to sell the boss on the idea, you
might be interested in this Return
on Investment information. Watch for Tweets
using the #sqlpass tag for more interesting information both before and
during the summit.
July Meeting – 7/8/2009
Andrew Novick
- Defending SQL Server from SQL Injection Attacks
SQL Injection attacks have emerged as the application
security issue that creates the most data loss and web site defacement
incidents passing cross-site scripting.
Defending SQL Server from SQL injection continues to be a problem for
many applications. This
presentation will discuss the ways that SQL Server developers and DBA can
harden their applications and servers.
The methods demonstrated include:
- Protecting
Dynamic SQL statements when they can’t be eliminated.
- Security
configuration to minimize the vulnerable surface area
- Using
DML triggers to thwart many common attacks
- Managing
stored procedure privilege with the EXECUTE AS clause
- Using
DDL triggers to minimize vulnerabilities
- The
ineffectiveness of database and column encryption as defenses from SQL
injection.
The SQL Server is one of the most vulnerable components of
an application and one of the most frequently attacked. Come hear about the techniques you can
use to protect it from SQL injection attacks.
Training Opportunity
– 10/12/2009
Author, MVP, speaker and trainer, Kalen
Delaney will be presenting her world famous course on SQL Server Internals here
in New England. This is your chance at top
flight training that will help you do your job better. Registration is open.
Thanks to the work of Adam Machanic and the New
England SQL Server Users Group, a discount code, NESQL, will help the
cost just a bit. Sign up soon to ensure you have a seat.
Downloads
Download Kevin Maguire’s slides on Change Data Capture
and Non-SQL Server Sources with SSIS from the April 2009 meeting.
Download Rob Walter’s
slides on Using Reporting
Services
in SQL Server 2008 from the June 2008 meeting.
Download Steve Simon’s slides on Reporting
from SQL Server 2005 OLAP Cubes with WebFOCUS from the May 2008 meeting.
Download Grant Fritchey’s slides on
execution plans from the March 2008 meeting.
Download Andrew Kelly's Slides and Sample
Code on Automating Trace and Perfmon from the January 2008 meeting.
Download Steve Simon's Slides on Using
CLR Assemblies with Microsoft SQL Server Stored Procedures from the November
2007 Meeting.
E-mail
Us for Member Code Discount
**Interested in speaking at our user group meeting? Contact
us at contact@snessug.com!**
|
