Recently updated blog post:
In which I demonstrate why using heaps in SQL Server for anything other than staging tables comes with real, measurable costs.
If you didn't get a chance to attend my session at Data Saturday Croatia 2026, then this is the next best thing.
https://vladdba.com/2025/12/30/the-hidden-costs-of-heaps-in-sql-server/
#sqlserver #sqldba #microsoftsqlserver #mssqlserver #mssql #mssqldba
The hidden costs of heaps in SQL Server

In this post I cover some unpleasant side-effects of using heaps in SQL Server for anything other than staging tables.

VladDBA
New blog post:
On my experience as a first time speaker at a Data Saturday conference at Data Saturday Croatia 2026.
https://vladdba.com/2026/06/23/attendee-speaker-data-saturday/
#sqlserver #sqldba #microsoftsqlserver #mssqlserver #mssql #mssqldba #sql #mvpbuzz
From Attendee to Speaker: My first Data Saturday session

In this post I cover my experience as a first time speaker at a Data Saturday conference at Data Saturday Croatia 2026.

VladDBA

PSBlitz 6.1.0 is live
New checks for Backups (RPO/RPO est.) & Instance Security (beta).
ImportExcel support
Up to 70% faster Excel exports
Retry logic for transient errors

Read the full breakdown: https://vladdba.com/2026/05/28/psblitz-6-1-0-backup-security-checks-excel-performance/
Repo: https://github.com/VladDBA/PSBlitz

#sqlserver #sqldba #powershell #microsoftsqlserver #mssqlserver #mssql #mssqldba #dba #PSBlitz #MVPBuzz

PSBlitz 6.1.0: new backup and security checks, Excel improvements

PSBlitz 6.1.0 is out; it brings new backup and security checks, improved Excel performance, and support for the ImportExcel PowerShell module.

VladDBA

Enabling EPA in FreeTDS and go-mssqldb: a 5-minute adventure

Imagine: you lose control of SCCM, one of the most critical infrastructure management tools. And the entry point turns out to be an ordinary connection to MSSQL, where it stores its data. An attacker intercepts NTLM authentication and redirects it to the server they want; this is how NTLM relay works. We on the Security Engineering team decided not to wait for this vulnerability to be exploited. My name is Bulat Gafurov, and I am an information security engineer at Yandex. In this article I will explain why the standard solution turned out to be insufficient and how we added support for the EPA mechanism to popular libraries so that we could switch the protection on the MSSQL side to Require mode without cutting Linux and Windows services off from their data.

https://habr.com/ru/companies/yandex/articles/1031368/

#windows #security #ntlm_relay #ntlm #ntlmrelay #epa #mssql #mssqlserver #microsoft #freetds

Enabling EPA in FreeTDS and go-mssqldb: a 5-minute adventure

Imagine: you lose control of SCCM, one of the most critical infrastructure management tools. And the entry point turns out to be an ordinary connection to MSSQL, where it stores its data....

Habr
Blog post from the past:
In which I go over potential reasons for why some special characters end up corrupted and displayed as question marks, squares or something completely different in SQL Server.
https://vladdba.com/2024/10/04/characters-question-marks-squares-sql-server/
#sqlserver #sqldba #microsoftsqlserver #mssqlserver #mssql #mssqldba
Characters displayed as question marks or squares in SQL Server

In this post I'm going over potential reasons why some characters end up displayed as question marks or squares in SQL Server.

VladDBA
New blog post:
My guideline on how to handle and test SQL Server backups to ensure their viability and avoid a "Schrödinger's backup" scenario.
https://vladdba.com/2026/04/23/test-sql-server-backups-schrodingers-backups/
#sqlserver #sqldba #microsoftsqlserver #mssqlserver #mssql #mssqldba #sql #azure
Test SQL Server backups to avoid Schrödinger's backups

This post is my guideline on how to handle and test SQL Server backups to ensure their viability and avoid a "Schrödinger's backup" scenario.

VladDBA
Recently updated post:
In which I discuss the risks of improperly configured SQL Server linked server connections and provide recommendations for securing them.
Now with a query to identify improperly configured linked server connections.
https://vladdba.com/2023/07/10/securing-sql-server-linked-servers/
#sqlserver #sqldba #microsoftsqlserver #mssqlserver #mssql #mssqldba #security
Securing SQL Server linked servers

In this post I address improper security configurations and their impact, as well as recommendations for securing SQL Server linked servers.

VladDBA
New blog post:
In which I go over three points that are vital in preventing SQL injection when working with dynamic T-SQL.
https://vladdba.com/2026/04/15/dynamic-t-sql-sql-injection-quotename-executesql/
#sqlserver #sqldba #microsoftsqlserver #mssqlserver #mssql #mssqldba #sql
Using dynamic T-SQL? Parametrization alone can't prevent SQL injection

In this post I'll go over three points that are vital in preventing SQL injection when working with dynamic T-SQL.

VladDBA
New blog post:
My second contribution to T-SQL Tuesday, about a session that got me interested in the security side of things.
https://vladdba.com/2026/04/14/t-sql-tuesday-197-impactful-session-dba-career/
#sqlserver #sqldba #microsoftsqlserver #mssqlserver #mssql #mssqldba #sql #tsql2sday
T-SQL Tuesday #197 - An impactful session changed my DBA career

My second time participating in T-SQL Tuesday, Steve Hughes's invitation about an impactful session from a conference brought back memories.

VladDBA
New blog post:
In which I provide some examples as to why FLOAT isn’t the best option for storing exact financial data in SQL Server.
https://vladdba.com/2026/04/11/stop-using-float-for-financial-data-sql-server/
#sqlserver #sqldba #microsoftsqlserver #mssqlserver #mssql #mssqldba #sql
PSA: Stop using FLOAT to store financial data in SQL Server

In this post I provide some examples as to why FLOAT isn't the best option for storing exact financial data in SQL Server.

VladDBA