Skip to content
Log In

Microsoft Azure SQL Database Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-APP-000233-DB-000124

    Group
    Show

  • The Azure SQL Database must isolate security functions from nonsecurity functions.

    An isolation boundary provides access control and protects the integrity of the hardware, software, and firmware that perform security functions. Security functions are the hardware, software, an...
    Rule Medium Severity
    Show

  • SRG-APP-000243-DB-000128

    Group
    Show

  • SRG-APP-000251-DB-000160

    Group
    Show

  • SRG-APP-000251-DB-000391

    Group
    Show

  • The Azure SQL Database and associated applications must reserve the use of dynamic code execution for situations that require it.

    With respect to database management systems, one class of threat is known as SQL Injection, or more generally, code injection. It takes advantage of the dynamic execution capabilities of various pr...
    Rule Medium Severity
    Show

  • SRG-APP-000251-DB-000392

    Group
    Show

  • The Azure SQL Database and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack.

    With respect to database management systems, one class of threat is known as SQL Injection, or more generally, code injection. It takes advantage of the dynamic execution capabilities of various pr...
    Rule Medium Severity
    Show

  • SRG-APP-000311-DB-000308

    Group
    Show

  • SRG-APP-000313-DB-000309

    Group
    Show

  • Azure SQL Database must implement cryptographic mechanisms preventing the unauthorized disclosure of organization-defined information at rest on organization-defined information system components.

    Azure SQL Databases handling data requiring "data at rest" protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest. Select...
    Rule High Severity
    Show

  • SRG-APP-000447-DB-000393

    Group
    Show

  • SRG-APP-000314-DB-000310

    Group
    Show

  • Azure SQL Database must associate organization-defined types of security labels having organization-defined security label values with information in transmission.

    Without the association of security labels to information, there is no basis for Azure SQL Database to make security-related access-control decisions. Security labels are abstractions representing...
    Rule Medium Severity
    Show

  • SRG-APP-000328-DB-000301

    Group
    Show

  • Azure SQL Database must enforce discretionary access control policies, as defined by the data owner, over defined subjects and objects.

    Discretionary Access Control (DAC) is based on the notion that individual users are "owners" of objects and therefore have discretion over who should be authorized to access the object and in which...
    Rule Medium Severity
    Show

  • SRG-APP-000342-DB-000302

    Group
    Show

  • Azure SQL Database must restrict execution of stored procedures and functions that utilize [execute as] to necessary cases only.

    In certain situations, to provide required functionality, a DBMS needs to execute internal logic (stored procedures, functions, triggers, etc.) and/or external code modules with elevated privileges...
    Rule Medium Severity
    Show

  • SRG-APP-000378-DB-000365

    Group
    Show

  • SRG-APP-000092-DB-000208

    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules