CEO & Founder, Sarpedon Quality Lab, Germany
Andreas Wolter (@AndreasWolter) is both a Microsoft Certified Master (MCM) on SQL Server 2008 and a Microsoft Certified Solutions Master Data Platform (MCSM) SQL Server 2012 – making him one of only 2 experts worldwide being master-certified on SQL Server 2008 + 2012, having taken the lab for the MCSM exam just the day before Microsoft ended the program. Besides that he has also been awarded with the MVP for SQL Server for the second year now.
Andreas is the founder of Sarpedon Quality Lab, a Germany-based company that specializes in Development and Optimization of SQL Server Database- and Datawarehouse-architectures with focus on performance and scalability as well as a special passion for security.
With over a decade of experience with SQL Server, Andreas can be met at various international conferences and delivering training for the SQL Server Master-Class seminar-series held in Europe. He blogs at www.insidesql.org/blogs/andreaswolter
|Session Title & Code||Abstract||Level||Track|
|Tracing With Extended Events – Top Features – (DBA-03A)||Extended Events (aka XEvents), which entered the product in SQL Server 2008, are replacing the old SQL Trace & Profiler – and there are many good reasons for that. In this session MCM + MCSM Andreas Wolter will demonstrate a selection of the most fascinating possibilities using this Tracing Framework. If you want to find out how to trace in a flexible and lightweight way, how to do advanced analysis directly inside the GUI, how to audit Database and Table-access with Standard edition, analyze deadlocks without old-fashioned TraceFlags based on the built-in system_health session, this session is just for you. Having started my lectures on Tracing with Extended Events in 2012 under the slogan “Hasta la vista, Profiler”, I hope to convince the last one, to kick Profiler out of the door.||Advanced||DBA|
|SQL Server Under Attack via SQL Injection – (DEV-01I)||One of the most often successfully attacked targets is the data that resides in a database server. SQL Server is considered “secure by default”, but this is only relevant until the first databases and configurations have been changed. Which is why most of the exploited weaknesses are due to misconfiguration or weak coding practices as opposed to security bugs in SQL Server itself, of which we had the first one since 7 years in 2014. In this purely demo-based session, I will show several real-life attacks, from mere reading up to disrupting service availability via various types of manual SQL Injection, including a broadly unknown elevation of privileges attack for a non-sa account. If you have a database-server which is accessible by processes beyond your direct control or that even can be reached by some kind of frontend applications and you are unsure regarding the possible security implications to watch out for, this session is meant for you.||Intermediate||DEV/DBA|
Don’t miss SQLServerGeeks Annual Summit at NIMHANS Convention Centre in Bangalore, August 27 – 29, 2015!