Oracle Cloud Platform Identity and Security Management 1z0–1070-Notes

Oracle Identity SOC Security Solution

  1. The Oracle Identity SOC is an identity and context-aware intelligence and automation solution.
  2. The integrated technologies include Security Incident and Event Management (SIEM), User & Entity Behavior Analytics (UEBA), Identity Management (IDM), and Cloud Access Security Broker (CASB).
  3. Oracle’s modern identity based SOC incorporates threat intelligence from open source and commercial feeds, IP white/blacklists, device reputation, known vulnerability databases, geo-location, and more.
Image from Oracle WebSite
http://www.aioug.org/ODevCYatra/2018/Chetan_ODevCYatra2018-OMC-SecurityServices-July2018.pdf

Oracle Identity Cloud Service

  1. Oracle Identity Cloud Service provides identity management, single sign-on (SSO), and identity governance for applications on-premises, in the cloud, or for mobile devices.
  2. Oracle Identity Cloud Service supports open identity standards such as SAML and OpenID Connect for single-sign-on capabilities (SSO) and provides SSO for crossplatform applications.
  3. By integrating Oracle Identity Cloud Service with Oracle CASB (Cloud Access Security Broker) Cloud Service, powerful supervised and unsupervised machine learning techniques can be used for advanced threat detection.
https://docs.oracle.com/en/cloud/paas/identity-cloud/uaids/understand-administrator-roles.html

Oracle Management Cloud

Image from Oracle Website

Oracle CASB: Cloud Access Security Broker

https://www.oracle.com/uk/cloud/security/cloud-services/casb-cloud.html
Taken From: https://www.youtube.com/watch?v=dbLpAPsjWcM
  1. Oracle CASB Cloud Service includes support for IaaS including Amazon Web Services (AWS) and Rackspace, as well as support for SaaS applications including Box, GitHub, Google Apps, Microsoft Office 365, ServiceNow, and Salesforce.
  2. Oracle CASB Cloud Service classifies the risks that it detects into one of these categories: Weak or noncompliant Security control, Policy alert, Anomalous behavior, Suspicious behavior
  3. ServiceNow is the only incident management provider supported by Oracle CASB Cloud Service currently. It is not set up by default.
  4. Splunk is the only SIEM provider supported by Oracle CASB Cloud Service currently.
  5. The Threat Intelligence Providers page subscribes your Oracle CASB Cloud Service tenant to three of the most up-to-date threat intelligence services
  • Tor gives Oracle CASB Cloud Service insight into anonymous proxy usage.
  • Digital Element allows Oracle CASB Cloud Service to better resolve IP addresses to physical locations, as well as providing information about the relationship between an IP address and the underlying domain name.
  • abuse.ch provides Oracle CASB Cloud Service with detailed information about URL classification, domain classification, and IP reputation.
https://docs.oracle.com/en/cloud/paas/casb-cloud/palug/cloud-security-monitoring.html#GUID-D0DD747D-EF44-4417-9E4C-2C35EBE5E8A9

Oracle Security Monitoring and Analytics

  • Correlation Rule-tunning
  • Customizable Watchlists
  • Storage management
  • Integration with IDCS and CASB services

Oracle Configuration and Compliance

  1. Oracle Configuration and Compliance is a cloud-first solution that helps you assess the compliance of your on-premises, cloud, or hybrid cloud environments based on your business objectives. Oracle Configuration and Compliance automatically assesses, scores, and reports on the compliance posture of your enterprise.
  2. Oracle Configuration and Compliance enables you to use Open Vulnerability and Assessment Language (OVAL) industry standards when you run compliance assessments.

Delegated Authentication

  1. OpenID Connect for browser-based user authentication
  2. OAuth2 for securing REST API calls
  3. HTTP cookies for tracking user’s active sessions
  4. JWT-based tokens for applications to map authenticated Cloud identities to local application identities
  5. SAML for providing Single Sign on for Cross Domain applications using Federation
  6. SCIM for simplified user management in the Cloud by defining a schema for representing users and groups
  7. RESTful APIs for all identity functions for customization and headless operations
  1. Identity domain administrator
  2. Security administrator
  3. Application administrator
  4. User administrator
  5. User manager
  6. Audit administrator
  7. User
  • Successful Login Attempts: View users who have logged in to Oracle Identity Cloud Service successfully.
  • Unsuccessful Login Attempts: View users who have not logged in to Oracle Identity Cloud Service successfully.
  • Application Access: View how many times users logged in to both Oracle Identity Cloud Service, and Oracle and custom applications in your identity domain.
  • Application Role Privileges: View application role grants and revokes for users and groups for applications that are configured in Oracle Identity Cloud Service.
  • Diagnostic Data: View logging data captured in Oracle Identity Cloud Service.

REST APIs

  1. Support for OpenID Connect with Oracle Identity Cloud Service as an Identity Provider
  2. Support for OAuth2 service with range of token grant types that enable you to securely connect clients to services.
  3. REST API supports SCIM 2.0 compliant endpoints with standard SCIM 2.0 core schemas

Oracle Security Monitoring and Analytics Cloud Service

  1. Security solution provided by Oracle
  2. Anomaly detection and investigations, and remediation of the broadest range of security threats across on-premises and cloud
  3. Integrated security information and event management (SIEM) capabilities
  4. User and entity behavior analytics (UEBA) capabilities
  5. built on machine learning, user session awareness, and up-to-date threat intelligence context.
Taken From: http://www.oracle.com/us/solutions/cloud/oracle-cloud-machine-ds-2949541.pdf

Oracle Orchestration Cloud Service

--

--

--

In quest of understanding How Systems Work !

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

❤️‍🔥WE ARE RESPECTLY NOTICE OF THE EVENT IN THE NEXT TIME❤️‍🔥

VIRVIAMALL Is Comming Soon!!

Threshold Signature Scheme-Part 1

Time To Market or Time For Better Security? Which Side Will Win?

Clearing Footprints

Grin: Initial information about the Grin v3.0.0

I asked people in Cybersecurity how to protect a wifi connection

4 Powerful Tools To Check For Vulnerable Log4j Hosts

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Arun Kumar Singh

Arun Kumar Singh

In quest of understanding How Systems Work !

More from Medium

Apache Log4j CVE-2021–44228 vulnerability

Why Did I Contribute to the LitmusChaos Project for Hacktoberfest 2021

How to Reduce Kubernetes Costs

Security Guidance for the Apache Log4j vulnerability (CVE-2021–44228)