Oracle: Identity-Centric Security for the Modern Cloud Era

Luca Martelli, Director Identity and Security Solutions, Oracle EMEA

Oracle Public. Copyright © 2016, Oracle and/or its affiliates. All rights reserved.


Safe Harbor Statement

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.


Digital Disruption – Changing Changed World

Employees, Partners, Consumers

ON PREMISES, PUBLIC CLOUD


Your Sensitive Data is Already in the Cloud

79% of enterprises are actively deploying cloud solutions in public, private, or hybrid cloud environments

Chart axis: % of Enterprises Deploying

Source: 2016 Cloud Security Research Report, Crowd Research Partner


Workloads are Everywhere

Cloud is not just SaaS. Workloads are moving rapidly to PaaS and IaaS

71% of large enterprises will shift some workloads to cloud by 2018

Enterprises plan to use an average of 6 clouds to run their workloads

2016 McKinsey, 2016 Right Scale


Modern Security Attacks Are…

• Not carried out by humans (they are automated)

• Not confined to network (they begin outside)

• Not static (they adapt)

IS YOUR SOC READY?


Traditional SOC Challenges

• Manual processes (too many alerts, no context)

• Static protection (not adaptive)

• Focused within perimeter (not external data/apps)

IS YOUR SOC INTELLIGENT?


Users are the new perimeter


Oracle Identity SOC

• Threat intelligence

• CASB

• UEBA

• Identity Management

• SIEM

• Automated remediation


Security Cloud Services: Enabling Faster and More Secure Cloud Adoption

• Identity Cloud Service

• Compliance Cloud Service

• Security Monitoring & Analytics Cloud Service

• API Platform Cloud Service

• Hybrid Data Security Protection: Database Security

• CASB Cloud Service (Palerra)


Identity Cloud Service

• Modern App Security: Centralized authentication, authorization, user management and self-service based on latest standards

• Hybrid Identity: Manage user identities for both cloud and on-premises applications with enterprise-grade hybrid deployments

• Secure Defense In-depth: Gain layers of defense with identity hosted as an Oracle Public Cloud (OPC) service and integrated with cloud security fabric


Introducing Identity Cloud Service

• Cloud-Native Multi-tenant platform on the Oracle Cloud

• Manage Users

– Sync identities, SSO, Federation

• Manage Applications

– Integrate using open standards

• Manage Policies

– Protect Applications using strong access control policies

Diagram labels: Identity Cloud Service; Software as a Service; Infrastructure as a Service; Platform as a Service; 3rd Party Cloud Services; On-Premises Applications; On-premises IAM; SAML


Hybrid Identity

• Application security for cloud and on-premises workloads

• Access Certification, Audit and Compliance for Cloud Apps using Oracle Identity Governance

• Move app policies to the cloud as apps and workloads begin moving to the cloud


Identity as a Security Service

Diagram labels: IDCS; CASB; EMM; UEBA; SIEM; Threat Networks; Reputation Services


CASB Cloud Service (“Cloud Access Security Broker”)

• Discover: Continuous visibility into cloud risk covering sanctioned and unsanctioned SaaS, PaaS, and custom applications on IaaS

• Secure: Automated controls covering users, data, content, applications, settings, and infrastructure with actionable intelligence

• Monitor: Continuous monitoring of user activity and security configurations identifying threats and compliance risks

• Respond: Automate incident management and remediation through native features as well as integration with existing solutions


Securing Clouds: IaaS, PaaS, SaaS

"My mission-critical apps need deep monitoring and governance!"

"I need broad visibility into all apps in use!"

CASB: Visibility, Compliance, Data Security, Threat Protection


Modern Cloud Security with Innovative CASB Solution

DISCOVER / MONITOR / SECURE

• Shadow IT

• Risk Assessment

• Indicators of Compromise

• Data

• Compliance

• Security Controls Provisioning

• Actionable Threat Intelligence

• Activities

• Configuration

• Transactions

• Content

• Policies

RESPOND

• Automated Incident Response

• Integration with IT Service Management Systems

CLOUD WORKLOAD SECURITY / CLOUD ACCESS SECURITY


Oracle’s Palerra: The only CASB to be deployed in <5 minutes

CASB: Visibility, Compliance, Data Security, Threat Protection

Diagram labels: IaaS, PaaS, SaaS; Direct Cloud Service Access; API Access; MOBILE USERS AND DEVICES; ENTERPRISE; INSIDE PERIMETER; Enterprise Security Integration (SIEM, IDaaS, NGFW, DLP, MDM)

Ad


API Platform Cloud Service


Build - create APIs on top of existing services to enable access to data formerly locked inside your legacy apps and data stores.

Secure – Assign standard security & threat protection to APIs with no coding, including OAuth 2.0, IP filtering, and rate limiting.

Deploy - Choose Cloud or on-premises gateway deployment with the ease of a single-click.

Publish - Browse a comprehensive list of proven APIs from Oracle, the community, and your own organization.

Consume - Register third-party apps easily to allow them the same seamless API utilization as pre-loaded Oracle SaaS APIs.

Monitor - View operational API metrics on a single dashboard to take action quickly.


In a Digital World, APIs are Doors of the Digital World

Social, Financial, Health, Productivity, Transportation

How do you control who enters your system?


Architecture of API Platform Cloud Service

Diagram labels:

• Oracle Cloud: API Platform Cloud Service; Identity Cloud Service; Developer Portal; Manager Portal; Apiary.io

• Roles: API Designers; API Consumers; API Managers/Implementers/Gateway Administrators

• Gateway locations: Oracle Cloud; Amazon, Azure, other clouds; On Premises

• Components: Firewalls/Load-balancers; Gateways; Services; Applications

• Flows: Periodic outbound Request; {APIs, Policies}; {Analytics}; {request}; {response}

Gateways can run anywhere….


Oracle Buys Apiary

Oracle is currently reviewing the existing Apiary product roadmap and will be providing guidance to customers in accordance with Oracle’s standard product communication policies. Any resulting features and timing of release of such features as determined by Oracle’s review of Apiary’s product roadmap are at the sole discretion of Oracle. All product roadmap information, whether communicated by Apiary or by Oracle, does not represent a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. It is intended for information purposes only, and may not be incorporated into any contract.

Cautionary Statement Regarding Forward-Looking Statements

This document contains certain forward-looking statements about Oracle and Apiary, including statements that involve risks and uncertainties concerning Oracle’s proposed acquisition of Apiary, anticipated customer benefits and general business outlook. When used in this document, the words “anticipates”, “can”, “will”, “look forward to”, “expected” and similar expressions and any other statements that are not historical facts are intended to identify those assertions as forward-looking statements. Any such statement may be influenced by a variety of factors, many of which are beyond the control of Oracle or Apiary, that could cause actual outcomes and results to be materially different from those projected, described, expressed or implied in this document due to a number of risks and uncertainties. Potential risks and uncertainties include, among others, the possibility that the transaction will not close or that the closing may be delayed, the anticipated synergies of the combined companies may not be achieved after closing, the combined operations may not be successfully integrated in a timely manner, if at all, general economic conditions in regions in which either company does business may deteriorate and/or Oracle or Apiary may be adversely affected by other economic, business, and/or competitive factors. Accordingly, no assurances can be given that any of the events anticipated by the forward-looking statements will transpire or occur, or if any of them do so, what impact they will have on the results of operations or financial condition of Oracle or Apiary. You are cautioned to not place undue reliance on forward-looking statements, which speak only as of the date of this document. Neither Oracle nor Apiary is under any duty to update any of the information in this document.


Oracle + Apiary will Help Companies Leverage APIs to Provide Innovative Services that Interconnect the Digital Economy

* Pending

Combination will deliver a comprehensive cloud platform to create and manage APIs

• Design APIs for innovation and create new business outcomes

• Ensure security for digital assets with policy driven APIs

• Gain visibility and insight to understand how to use existing IP for business goals

• Improve agility to meet customer demand rapidly via new innovative services

Diagram labels: Design; Govern; Secure; Consume; Monetize; Analyze; Oracle; Apiary; API Integration Cloud *


Security Cloud Services: Enabling Faster and More Secure Cloud Adoption

• Identity Cloud Service

• Compliance Cloud Service

• Security Monitoring & Analytics Cloud Service

• API Platform Cloud Service

• Hybrid Data Security Protection: Database Security

• CASB Cloud Service (Palerra)


For More Information

Blogs.oracle.com/OracleIDM

@OracleSecurity /Oraclesecurity

• Learn about Security Cloud Services @ cloud.oracle.com/paas

• Learn about Identity Cloud Service @ oracle.com/IdentityCloud

• Watch for new service announcements @ oracle.com/security
