Andreas Wolter
Data Architect, Security, Sarpedon Quality Lab
Data Architect, Security, Sarpedon Quality Lab LLC
Phoenix, Arizona, United States
Actions
Andreas Wolter is a former Program Manager for Access Control in Azure SQL and SQL Server at Microsoft. In this role, he spearheaded the revamp of SQL Server's permission system and the design of the external authorization system used by Purview policies and Azure database and data warehouse in Fabric.
He has over 20 years of experience with SQL Server, is one of only 7 Microsoft Certified Solutions Master for Data Platform (MCSM) and has been a regular speaker at conferences worldwide for over a decade.
Andreas is the founder of Sarpedon Quality Lab LLC, a consulting company specializing in SQL Server performance, high availability, and security, which he manages in cooperation with Sarpedon Quality Lab Germany.
Andreas Wolter ist ehemaliger Program Manager für Access Control in Azure SQL und SQL Server bei Microsoft USA. In dieser Rolle leitete er den Entwurf eines Autorisierungssystems, das von Purview-Policies und Azure SQL database unter Fabric verwendet wird und ist außerdem verantwortlich für die rund 50 neue Permissions und neuen Server- und Datenbankrollen in SQL Server 2022.
Als einer von nur 7 Microsoft Certified Solutions Master für Data Platform (MCSM) weltweit ist er regelmäßiger Sprecher auf internationalen Konferenzen und war bis zu seinem Wechsel zu Microsoft Jahrelang aktiver MVP in der deutschen Data Platform Community.
Er ist der Gründer der auf SQL Server HA, Performance und Sicherheit spezialisierten Firma Sarpedon Quality Lab Deutschland und seit seinem Rücktritt bei Microsoft leitet er die US-amerikanische Partnerfirma Sarpedon Quality Lab LLC von seiner neuen Heimat in den USA aus.
Links
Awards
Area of Expertise
Topics
Quickstart into Performance Monitoring & Troubleshooting for SQL
A consistent performance-experience is crucial for a successful business. If you are developing and testing SQL databases you need to understand where to look and what to look for.
Depending on whether your SQL database is hosted on-prem, in Azure SQL or Fabric, there are some differences in what tools are available.
In this session, Andreas Wolter, former Program Manager at Microsoft with over 20 years of experience in the field as consultant will give you an overview over the available tools, explain where they overlap and where limitations require a different approach using built-in SQL functionalities.
Among the things you will be introduced to will be the database watcher, extended events, wait stats and DMVs.
So next time someone asks you to take a look at a badly performing database application, you know where to look.
Practical Insights on SQL Server Consolidation and Migration
Optimizing system resource usage has emerged as a top consulting priority—driven by factors like mergers, uncontrolled system growth, and cloud transitions that often overlook necessary architectural adjustments.
In this session, Andreas Wolter, a former program manager at Microsoft Azure Data, will guide participants through the process of assessing an existing SQL server landscape and steps to consolidate and migrate numerous SQL server databases to reduce licensing and hardware requirements. Based on real-world projects this includes avoiding pitfalls and seizing opportunities when migrating databases to new versions. Consideration of availability, performance, and security is crucial for success in the cloud and on-prem.
This session primarily focuses on SQL Server IaaS and on-premises implementations, but most concerns and steps will also apply to PaaS and cross-cloud projects.
SQL Server under attack: SQL Injection
One of the most frequently attacked targets is the data stored on database servers and SQL Injection remains one of the most prevalent attack methods.
In this demo-based session, Andreas Wolter, former Program Manager for SQL security at Microsoft will demonstrate several real-life attacks - ranging from simple data reading to service disruption through various manual SQL Injection techniques. He’ll cover privilege escalation to sysadmin level and even a DoS attack on SQL Server using SQL commands.
If you have a database server that can be accessed by processes beyond your direct control or through frontend applications, and you’re concerned about the potential security implications, this session is for you. You'll learn how specific configuration settings can pose risks to your environment, helping you engage more effectively with your developers or database application vendors to mitigate security risks in your SQL Server environment.
Practical Performance Monitoring & Troubleshooting SQL Server
You are in a DBA, developer or consultant role, supporting SQL Server databases and often someone asks you to take a look at a badly performing database application, certain queries or even “the whole server”. And over and over again you find yourself in the situation of “how to find the root cause in the least amount of time”.
This full-day precon with Andreas Wolter, a former Program Manager for SQL Server at Microsoft, will teach you techniques for general troubleshooting and performance analysis from start-up to advanced techniques.
Among them are:
• SQL Server architecture & internals – the fundament to understanding correlations
• Monitoring methodology, tools & techniques
o Windows Performance Monitor
o Dynamic Management Views (DMVs)
o Wait statistics
o Extended Events for workload & query-analysis
o Query Store
o Azure SQL database watcher (intro)
The above techniques will be used to:
• Identify the most impactful problematic queries
• Detect I/O latency problems
• Investigate Tempdb performance
• Analyze indexes & statistics
• Analyze locking & blocking and concurrency problems
• Identify query plan regression
While no one has evolved into a performance-tuning-master in one single day, you can be sure to learn valuable techniques and concepts to build upon for day-to-day work. And of course, we will also discuss possible solutions or even implement them live. So, at your next phone call “Help, the server is slow!” you know will where to start.
Expect lots of demos and a deep dive into core concepts of SQL Server.
Hands-on! – Attendees who want to directly try out some of the techniques shown can connect to the demo-server which is under a constant workload simulation live with SQL Server management studio themselves! (All that is required is to bring a laptop with SSMS installed and ability to connect to a SQL Server on the internet on a given port.)
Learnings from the latest breaches: Approaching security for SQL Server and Azure SQL strategically
SQL Server and Azure SQL provide many different functionalities and services which help you to protect your most valuable assets: your data. But features alone do not protect if not carefully thought through and working in siloed manners. Without a properly planned security strategy, it is too easy to miss gaps between security controls and finding oneself exposed when a serious attack occurs.
In today’s environment of “hacking as a service”, state-funded and orchestrated hacking groups, being properly prepared for all scenarios can become vital to a company’s survival.
In this session, Andreas Wolter, a former program manager for SQL security at Microsoft with over 2 decades of experience working with customers, will reflect on the current threat landscape and explain the most common breach-patterns as well as how to stop them from occurring.
Under an assume breach mindset we will look at various attack vectors, discuss what ransomware and data exfiltration attacks have in common and how that helps us to prevent or limit the blast radius.
We will look at how to strategically approach a security concept, which starts at the overall system’s architecture and does not end with encryption alone.
This session is aimed at security managers and architects who want to learn how to secure their SQL environments and data not just using the latest technologies and features but also how to approach it strategically.
Andreas Wolter
Data Architect, Security, Sarpedon Quality Lab
Phoenix, Arizona, United States
Links
Actions
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top