Securing SQL Server, Third Edition

I would really have liked to give this book at least 4 stars for the content, but the editing, or lack thereof, makes it very hard to read. The errors seem to get more numerous toward the end of the book, as though whoever was doing the proofreading just burned out. There are run-on sentences sometimes 5 or 6 lines long that have an error toward the end that causes you to reread the sentence several times to get the point.Having said that, the breadth and depth of the information is impressive, without getting so geeky that it requires a PhD to comprehend.It’s a small thing - at least on the surface - but the security checklists in Appendix A look very good, and I plan on crosschecking our existing checklists against them, to make sure we have covered everything.

Glaring errors once the author leaves the realm of SQL. Anybody who configures a firewall like the author recommends will be wide open to attack. (permit any as first statement?) And users from external domains can go into local groups in trusting domains. Some sound ideas within the chapters specific to SQL Server. Not much beyond the recommendations of DISA's Security Technical Implementation Guidelines (STIGs to you DoD bubas) but a few good insights.

I cant believe some of main topics are missing

Code examples sometimes don't show what they purport to show. The text is full of run-on sentences and weird grammar that's hard to understand. It seems like there was no review of the content AT ALL before it left the publisher, which makes me doubt the authority of the whole thing.