New Article: Understanding SQL Server Ownership Chaining

Back in January I gave a presentation to a small group of folks on foundational SQL Server security items. The last thing I covered was the concept of ownership chaining. I was surprised that most in the room weren’t familiar with it and how it worked. That led me to write the following article at

Understanding SQL Server Ownership Chaining

I’m working on the follow-on article now, which gives practical uses for ownership chaining scenarios. That will hopefully be completed and posted soon.


Upcoming Webinar: Learning from Data Breaches

Recently I partnered up with Kevin Kline (SentryOne blog | twitter) and SentryOne to record a webinar on learning from data breaches. We start by talking about MITRE’s ATT&CK framework. Then we move into a selected set of data breaches, applying the ATT&CK framework to understand the basic tactics and techniques which were successful in each breach and what mitigation steps could have been taken to prevent the unintended access, or at least make it more difficult. This is the first of a two-part series, so this is an overview of what the issues were, what was done, and how generally accepted security best practices could have made a huge difference.

For the US, the initial presentation will be April 15 at 11:30 AM Eastern. For EMEA, it’ll be April 16 at 11:00 AM Central European Summer Time.

Registration Links: