Product articles
The risks of using EXECUTE (‘SQL Script’)
SQL Prompt’s code analysis rule, BP013, will alert you to use ofExecute(string) to execute a batch in a string, often assembled dynamically from user input. This technique is dangerous because the parameter values are injected before the statement is parsed by SQL Server, allowing an attacker to "tag on" extra statements. Use sp_ExecuteSql instead, and validate the string inputs. Read more
SQL Provision and Azure SQL Database: Creating Local Development and Test Databases
As more businesses start to use cloud-based platforms, such as Azure SQL Database, as their primary database solution, they find that they still need to support on-premise workflows for development and test databases. This is a perfect task for SQL Provision. Read moreHow to Apply Non-Standard SQL Formatting Using SQL Prompt
SQL Prompt not only will format your code exactly as you want, but will also help you switch quickly to an alternative style, or to apply exceptions to certain parts of a SQL script, where your preferred style isn't what's required. Read moreThe Database DevOps Challenges SQL Provision Solves
SQL Provision helps to accelerate the delivery of database changes, by enabling an organization to provide database copies, and the right data, to all parts of the deployment pipeline that need it, with a light footprint, and securely. Tony Davis explains how. Read moreThe Whys and Wherefores of Untrusted or Disabled Constraints
Having untrusted or disabledFOREIGN KEY or CHECK constraints in your databases will degrade data consistency and integrity and can cause query performance problems. Phil Factor explains how to detect these and other table-related issues, during development, before they cause trouble further down the line. Read more
On Quickly Investigating a SQL Monitor Custom Security Alert
Phil Factor offers a clever way to report on a SQL Server intrusion, with a query that shows a full narrative description of all the security-related changes that have been detected by a set of SQL Monitor custom metrics. Read morePicking over the Bones of a SQL Injection Attack
The best way to learn how to protect your databases from SQL Injection is to to see it in action and confront its consequences. This article tells the story of an attack on a vulnerable SQL Server REST interface, explaining how the attack unfolds, the mistakes that made it possible, and SQL Monitor's role as the 'canary in the mine'. Read more
SQL Source Control v7 Enhancements
Stephanie Herr summarizes what's new in SQL Source Control v7, including support for Git hooks, Git repositories hosted on Azure DevOps, and pre- and post-deployment scripts. Read more
Compliant Database DevOps for SQL Server using Redgate Tools
Stephanie Herr explains all the ways in which Redgate tools make it easier for you to include your database in your DevOps processes, so that the development, versioning, release, and on-going monitoring processes accommodate the special requirements of the database. Read moreRedgate Hub
-
Product Articles
Tips and how-to guides for Redgate products
-
University
Easy to follow video courses
-
Events
Join us online, or get sponsored
-
Forums
Ask, discuss, and solve questions about Redgate's tools
-
Community
Develop your skills and meet Redgate Advocates and Friends
-
Simple Talk
In-depth articles and opinion from Redgate's technical journal