SQL Server Security blog
All about CLR Apps
   9 min read    Rob Kraft

You can write applications in a .NET language such as C# and then call those applications from within SQL Server. This ability can be very useful for some purposes, but it comes with three risks.

I need, You need, We all need Security
   2 min read    Rob Kraft

Microsoft’s SQL Server product, like so many software products, can be vulnerable to unwanted actions that cause harm to organizations. The responsibility for making a SQL Server secure does not rest with a security team, nor a DBA, nor a network administrator. It requires people in all of these roles to take the appropriate steps. It also requires software developers to write applications that mitigate the risk of SQL Injection. Finally, it requires ongoing surveillance to ensure security remains strong.