partner webcast – security monitoring and compliance redefined on cloud

Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |Copyright © 2015 Oracle and/or its affiliates. All rights reserved. |

Thanos Terentes Printzios Technology Adoption Manager, EMEA A&CLuca Martelli Senior Director of Identity & Security EMEATania Le Voi Senior Director, OMC Product Management EMEAArtur Alves Principal Sales Consultant, EMEA

New Oracle Management Cloud Security Cloud Services:Security Monitoring & AnalyticsConfiguration & Compliance April 13th 2017

(Audio is Broadcasted via WebEx Audio Streaming)

EMEA Upcoming Security Webcasts & Events

•27-28 April, Budapest, annual Oracle Partner Security Forum (we still have 8 seats available)

Copyright © 2017 Oracle and/or its affiliates. All rights reserved. |

Safe Harbor Statement

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.

4

Safe Harbor

Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |

Agenda

• Identity SOC: next gen security for hybrid scenario

• New Oracle Management Cloud Security Cloud Services:- Security Monitoring & Analytics- Configuration & Compliance

• Demo

• Licensing Model, General Availability

• How can Oracle Cloud Security Services help with GDPR?

• Resources for Partners

• Q&A

Copyright © 2016, Oracle and/or its affiliates. All rights reserved. | Confidential – Oracle Internal/Restricted/Highly Restricted 6

Identity SOC: next gen security for the hybrid environment

CONTENT SECURITY USER SECURITY CONFIGURATION

Security PostureApplications, data and user activity analytics, threat intelligence, and compliance

One-Stop SOC Dashboard

Automated Response & Remediation (Orchestration Cloud Service)

Security Monitoring & Analytics Cloud Service

CASB Cloud Service

Identity Cloud Service

Configuration & Compliance

Cloud Service


Growing Impact of Cybersecurity

7

eBay

148M customer records

2015

MySpace

427M passwords360M emails

111M usernames

2016

Yahoo

1Billion+user accounts

2016


Why Aren’t Security Teams Able to Keep Up

8

Shrinking Visibility

• Cloud, BYOD reduce perimeter security efficacy

• DevOps multiplies change rates

• Shrinking window to catch vulnerable config

Growing Detection Gap

• Zero day attacks require anomaly detection

• Low & slow, multi-stage threats require sequence awareness

• Targeted attacks require identity awareness

Falling Efficiency

• More assets, more security tools, more alerts

• Staffing shortages

• Negative impact on SOC metrics


It's not my machines, it's your code!

It's not my code, it's your machines!

Where’s the data?

9

What does the data mean?

Human-Factor Dependence is Widespread and Inefficient

END USER EXPERIENCE

APPLICATION

MIDDLE TIER

DATA TIER

VIRTUALIZATION TIER

VM CONTAINER

INFRASTRUCTURE TIER

VM CONTAINER

Real UsersSynthetic Users

App metricsTransactions

Server metricsDiagnosticsLogs

Host metricsVM metricsContainer metrics

CMDBTicketsAlerts

END USER EXPERIENCE

APPLICATION

MIDDLE TIER

DATA TIER

VIRTUALIZATION TIER

VM CONTAINER

INFRASTRUCTURE TIER

VM CONTAINER





CMDBTicketsAlerts

END USER EXPERIENCE

APPLICATION

MIDDLE TIER

DATA TIER

VIRTUALIZATION TIER

VM CONTAINER

INFRASTRUCTURE TIER

VM CONTAINER





CMDBTicketsAlerts

END USER EXPERIENCE

APPLICATION

MIDDLE TIER

DATA TIER

VIRTUALIZATION TIER

VM CONTAINER

INFRASTRUCTURE TIER

VM CONTAINER





CMDBTicketsAlerts

END USER EXPERIENCE

APPLICATION

MIDDLE TIER

DATA TIER

VIRTUALIZATION TIER

VM CONTAINER

INFRASTRUCTURE TIER

VM CONTAINER





CMDBTicketsAlerts

END USER EXPERIENCE

APPLICATION

MIDDLE TIER

DATA TIER

VIRTUALIZATION TIER

VM CONTAINER

INFRASTRUCTURE TIER

VM CONTAINER





CMDBTicketsAlerts

END USER EXPERIENCE

APPLICATION

MIDDLE TIER

DATA TIER

VIRTUALIZATION TIER

VM CONTAINER

INFRASTRUCTURE TIER

VM CONTAINER





CMDBTicketsAlerts

END USER EXPERIENCE

APPLICATION

MIDDLE TIER

DATA TIER

VIRTUALIZATION TIER

VM CONTAINER

INFRASTRUCTURE TIER

VM CONTAINER





CMDBTicketsAlerts

It’s not my policies, it’s your code!

It’s not my code, it’s your policies!


Have All The Data You Need

10

Know What The Data Means

What if You Could…?

Copyright © 2017 Oracle and/or its affiliates. All rights reserved. | 11

Our Vision

Complete, integrated suite of management solutions

Designed for heterogeneous applications and infrastructure

Rapid time to valueOn Premise

Application PerformanceMonitoring

LogAnalytics IT

Analytics

Infrastructure Monitoring

ComplianceOrchestration

Security Monitoring & Analytics


Current Solution: Fragmented and Integration Intensive

12

SIEM(Security Information and Event Management)

Security context, Rules based detection

UEBA(User and Entity Behavior Analytics)

User context, Anomaly detection

X Integration overhead in perpetuity

X Multiple UIs, support lines, M&A risk

X Redundancy within in each segment

X Lacking operational awareness

X Scale, delivery model discrepancies

Log ManagementRaw logs, Forensic search, IT ops analytics

Configuration ManagementSecure state, configuration auditing

Copyright © 2016, Oracle and/or its affiliates. All rights reserved. | 13

Oracle Management

Cloud

Integrated SIEM/UEBA, log, configuration management

SMB to F100 trusted vendor globally Heterogeneous coverage across cloud and

on-premise assets Adds unique operational intelligence critical

to modern threat detection Delivered as cloud service suite for rapid

time to value, ease of expansion/scale

Security Monitoring and Compliance Redefined

Security Monitoring and Analytics

Configuration and Compliance


01100100 01100001 01110100 01100001 0110010001100001 01110100 0100 0110000101100100 01100001 01110100 01100001 0110010001100001 01011 01110100110000101100100 01100001 01110100 110000101100100 01100001 01110100 011000010110010001100001 01110100 110000101100100 0100111 01100001 01110100110000101100100 01100001 01110100 01100001 011010 0110010001100001 0111010001100001 0110010001100001 01110100 01001 01100001 0110010001100001 0111010001100001 0110010001100001 01001 01110100 01100001 0110010001100001 0111010001100001 0100101001 001 0110010001100001 01110100 01100001 011001000110000101110100 010011 01100001 0110010001100001 01110100 01100001 01100100 0110000101001 01110100 01100001 0110010001100001 01110100 01100001 01100100 0100 0110000101110100 01100001 0110010001100001 01110100 01000100 0100 11000010110010001100001 01110100 110000101100100 01100001 01110100 01100001 011001000110000101110100 110000101100100 01100001 010001 01110100 110000101100100 0110000101110100 01100001 01000100 010011 0110010001100001 01110100 011000010110010001100001 01110100 01000 01110100 110000101100100 01100001 0111010001100001 01000100 010011 0110010001100001 01110100 01100001 011001000110000101110100 010011

Next-Generation Unified Data

14

END USER EXPERIENCE/ACTIVITY

APPLICATION

MIDDLE TIER

DATA TIER

VIRTUALIZATION TIER

VM CONTAINER

INFRASTRUCTURE TIER

VM CONTAINER


Unified Platform




CMDB/ComplianceTicketsAlerts

INTELLIGENT, UNIFIED PLATFORM

POWERED BY MACHINE LEARNING

INFORMED BY A COMPLETE DATA SET

HETEROGENEOUS AND OPEN

✔

✔

✔

✔

Security Events

Global Threat FeedsCASBIdentity


01100100 01100001 01110100 01100001 0110010001100001 01110100 0100 0110000101100100 01100001 01110100 01100001 0110010001100001 01011 01110100110000101100100 01100001 01110100 110000101100100 01100001 01110100 011000010110010001100001 01110100 110000101100100 0100111 01100001 01110100110000101100100 01100001 01110100 01100001 011010 0110010001100001 0111010001100001 0110010001100001 01110100 01001 01100001 0110010001100001 0111010001100001 0110010001100001 01001 01110100 01100001 0110010001100001 0111010001100001 0100101001 001 0110010001100001 01110100 01100001 011001000110000101110100 010011 01100001 0110010001100001 01110100 01100001 01100100 0110000101001 01110100 01100001 0110010001100001 01110100 01100001 01100100 0100 0110000101110100 01100001 0110010001100001 01110100 01000100 0100 11000010110010001100001 01110100 110000101100100 01100001 01110100 01100001 011001000110000101110100 110000101100100 01100001 010001 01110100 110000101100100 0110000101110100 01100001 01000100 010011 0110010001100001 01110100 011000010110010001100001 01110100 01000 01110100 110000101100100 01100001 0111010001100001 01000100 010011 0110010001100001 01110100 01100001 011001000110000101110100 010011

END USER EXPERIENCE/ACTIVITY

APPLICATION

MIDDLE TIER

DATA TIER

VIRTUALIZATION TIER

VM CONTAINER

INFRASTRUCTURE TIER

VM CONTAINER


Unified Platform




CMDB/ComplianceTicketsAlerts

Security Events

Global Threat FeedsCASBIdentity

Powered By Machine Learning

ANOMALY DETECTION

CLUSTERING

PREDICTION

CORRELATION


Why The Security Problem is Perfect for Machine Learning

Massive volume

Highly patterned

Predictable format

Possible to unify data

Exhibits long-term trends

Sources constantly change

Copyright © 2017 Oracle and/or its affiliates. All rights reserved. | 17

Purpose-Built Machine Learning Answers Top Questions

What caused the breach?

What is the biggest threat?

Should I be concerned about what this user is

doing?

Is what I’m seeing normal or abnormal?

What do I need to pay attention to

right now?

WHAT WILL HAPPEN

TOMORROW?

How do I prevent the problem in the

future?

What areas can I harden, and how?

Copyright © 2016, Oracle and/or its affiliates. All rights reserved. | Confidential – Oracle Internal/Restricted/Highly Restricted 18

Single Pane of Glass for IdentitySOC

CONTENT SECURITY USER SECURITY CONFIGURATION

Security PostureApplications, data and user activity analytics, threat intelligence, and compliance

One-Stop SOC Dashboard

Automated Response & Remediation (Orchestration Cloud Service)

Security Monitoring & Analytics Cloud Service

CASB Cloud Service

Identity Cloud Service

Configuration & Compliance

Cloud Service


Security Monitoring and Analytics Cloud Service

• Comprehensive Detection– Any log, any intelligence feed, any metric, any

location (on-premises or cloud)

• Rapid Investigation– Intuitive visualization of threats and early

warning signs

• Intelligent Remediation– Powerful auto-remediation framework for any IT

stack

• Faster Time to Value– Next-gen cloud service with SOC ready content

Oracle Public 19Oracle PublicCopyright © 2016, Oracle and/or its affiliates. All rights reserved. |


Configuration and Compliance Cloud Service

• Standards Based– Execute industry standard compliance benchmarks

at cloud scale

• Application & Cloud Aware– Assess compliance against infrastructure and

applications stacks, on-premises or in the cloud

• Efficient & Actionable– Quickly determine your enterprise compliance

posture and remediate violations

• Extensible– Execute custom scripts and enforce your

organization’s standards

Oracle Public 20Oracle PublicCopyright © 2016, Oracle and/or its affiliates. All rights reserved. |


• Application topology awareness

– Lateral movement within application

– Multi-tier attack within application

• Orchestration/Remediation

– Execute configuration assessment

– Change user privileges

• Full visibility across stack and clouds

– End-user activity

– Application and Infrastructure Logs

– Configuration assessment results

– Operational metrics (CPU, memory etc.)

21

Application PerformanceMonitoring

Log Analytics

IT Analytics

Infrastructure Monitoring

Compliance

Orchestration

Security Monitoring & Analytics

Unified Data, Comprehensive Suite

Copyright © 2017 Oracle and/or its affiliates. All rights reserved. |Copyright © 2015 Oracle and/or its affiliates. All rights reserved. |

Artur Alves Principal Sales Consultant, EMEA

New Oracle Management Cloud Security Cloud Services:Security Monitoring & AnalyticsConfiguration & Compliance

April 13th 2017


• Key aspects of GDPR

– New statutory requirements will require companies to re-think how they handle and protect their personal data

– Includes a new liability and sanction regime

– Entry into force on 25 May 2018

• Potential serious consequences

– Fines of up to 4% of global annual revenue or €20M

– 72 hours for data breach notification

• Aspects of GDPR that Oracle Offerings may Help Address

– “Data Protection by design and default”

– “Security of Processing“

– “Data Breach Notifications to Individuals” not required if security controls prevent breach from occurring

– If a data breach occurs “administrative fines shall” take into account “technical and organisational measures implemented”

23

• Relevant Oracle Offerings

– Database Security Advanced Security Option, Database Vault, Audit Vault Database Firewall, Key Vault, Data Masking/Subsetting. DB Cloud can make use of DB security features/options

– High availability and resilience: Data Guard, RAC, Backup solutions, ZDLRA

– Software Security CASB Cloud Service, SMA Cloud Service, CC Cloud Service, API-Platform Cloud Service

– Identity Management Identity Governance, Identity Cloud Service, Access Management, Centralised Directory

– Applicable to “existing/legacy systems and new digital systems”

Summary: GDPR & Oracle Offerings

http://www.oracle.com/technetwork/database/security/wp-security-dbsec-gdpr-3073228.pdf

http://www.oracle.com/technetwork/database/security/wp-security-dbsec-gdpr-3073228.pdf


Awarness and Enablement Plan for PartnersDemoWorkshopsPartner Community Forum (April)


Access a cloud instance of IDCS: demo.oracle.com (GSE)

• Partners have access to demo.oracle.com (GSE) directly provided they sign the DSS Addendum

• Demo ServiceSAddendum can be signed on line via http://www.oracle.com/partnerstore(Demo Services -> Apply for Addendum)

http://www.oracle.com/partnerstore


• 2 days annual meeting with focused EMEA Identity&Security partners

• Benefits:

– Sharing about customer business priorities

– Getting the latest roadmaps and insights from HQ head of security development (HQ PMs Team + EMEA Team)

– Networking

• Expectations:

– Bidirectional conversations

• Link : https://blogs.oracle.com/emeapartnermiddleware/entry/oracle_partners_identity_cloud_security

Security Partner Community ForumBudapest – 27, 28 April 2017

26

https://blogs.oracle.com/emeapartnermiddleware/entry/oracle_partners_identity_cloud_security


• A&C Team

– [email protected]

– Thanos Terentes Printzios

– Your Oracle Partner Manager

• EMEA Security

– Franck Hourdin

– Luca Martelli

– Patrick McLaughlin

– Prashant Barot

• OMC EMEA Product Management

– Tania Le Voi

Regional Security Goto Persons:

– Alessandro Vallega, France, Italy

– Mauricio Gumiel, Iberia

– Karen Weebers, Benelux

– Dragan Petkovic, MEA

– Dimitris Theodoropoulos, EECIS

– Ernst Lorenz, North

– Paul Kennedy and Graeme Kerr, UKIE

– Natalia Diskin, Israel

Follow-up Contact Details in the Security Team([email protected])

27

mailto:[email protected]

mailto:[email protected]


Questions


Stay In TouchOracle IMC blog:http://blogs.oracle.com/imc

Oracle ECEMEA Partner Hub Homepage:http://oracle.com/goto/hub-ecemea

Oracle IMC Mail:[email protected]

Twitter: http://twitter.com/oracleimc

Facebook: http://facebook.com/oracleimc

LinkedIn: http://linkedin.com/groups/OracleIMC-4535240

Google+: http://plus.google.com/+OracleIMC