At Oracle Cloud Infrastructure, customer security is of paramount importance. We understand that enterprises of all industries and sizes require comprehensive visibility, security, and compliance monitoring over their cloud resources. Oracle Cloud Infrastructure provides maximum visibility to customers regarding the actions taken on their cloud resources through the availability of various logs, including the Oracle Cloud Infrastructure Audit service, which tracks all actions taken on Oracle Cloud Infrastructure tenancy resources.
Oracle Cloud Access Security Broker (CASB) Cloud Service helps take security a step further by providing automated capabilities for customers to monitor the security of their cloud infrastructure resources. Additionally, Oracle CASB supports monitoring of Oracle Cloud Applications (SaaS), Oracle Cloud Platform (PaaS), and other public clouds, including AWS, Azure, Office 365, and Salesforce. The solution helps customers with heterogeneous multiple-cloud deployments achieve better security postures for their cloud resources.
Oracle CASB monitors the security of Oracle Cloud Infrastructure deployments through a combination of predefined Oracle Cloud Infrastructure-specific security controls and policies, customer-configurable security controls and policies, and advanced security analytics that use machine learning for detecting anomalies. Following are the different types of security monitoring that Oracle CASB performs:
This section provides an overview of how to register your Oracle Cloud Infrastructure tenancy with Oracle CASB and how to view security alerts.
To enable CASB monitoring, you create an Oracle Cloud Infrastructure application instance with Oracle CASB and provision it by using the API key credentials of a least-privilege IAM user that is authorized to get configuration information and audit logs from your Oracle Cloud Infrastructure tenancy.
The following screenshot (Figure 1) shows the registration page where you provide the tenancy OCID, IAM user OCID, public key fingerprint of the IAM user API key, and private key of the IAM user API key to register an Oracle Cloud Infrastructure application instance.
Figure 1. Oracle Cloud Infrastructure Application Instance Registration
Oracle CASB has preconfigured security controls and prebuilt policy controls for Oracle Cloud Infrastructure security monitoring. Examples include checking for public buckets, open (0.0.0.0/0) VCN security lists, monitoring privileges granted using IAM policies, and more. The following screenshot (Figure 2) shows predefined Oracle Cloud Infrastructure security controls that you can enable.
Figure 2. Oracle Cloud Infrastructure Security Controls
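The following Python example is added here to illustrate two of the checks named above, open (0.0.0.0/0) VCN security lists and public buckets; it is not Oracle CASB's code and not part of the original post. The input records are constructed samples shaped like Oracle Cloud Infrastructure API responses, and the ALLOWED_PUBLIC_PORTS allowlist is an assumption made for the example.

```python
import ipaddress

# Constructed sample data shaped like OCI API responses (camelCase fields).
SECURITY_LISTS = [
    {"displayName": "web-sl", "ingressSecurityRules": [
        {"source": "0.0.0.0/0", "protocol": "6",
         "tcpOptions": {"destinationPortRange": {"min": 443, "max": 443}}},
        {"source": "0.0.0.0/0", "protocol": "6",
         "tcpOptions": {"destinationPortRange": {"min": 22, "max": 22}}},
        {"source": "10.0.0.0/16", "protocol": "all"},
    ]},
    {"displayName": "db-sl", "ingressSecurityRules": [
        {"source": "10.0.1.0/24", "protocol": "6",
         "tcpOptions": {"destinationPortRange": {"min": 1521, "max": 1521}}},
    ]},
]
BUCKETS = [
    {"name": "logs", "publicAccessType": "NoPublicAccess"},
    {"name": "site-assets", "publicAccessType": "ObjectRead"},
]
ALLOWED_PUBLIC_PORTS = {443}  # assumption: only HTTPS may face the internet

def is_world_open(cidr):
    """True when the source covers the whole address space (0.0.0.0/0 or ::/0)."""
    try:
        return ipaddress.ip_network(cidr, strict=False).prefixlen == 0
    except ValueError:
        return False  # not a CIDR block, e.g. a service label

def open_ingress_findings(security_lists):
    """Return (list name, protocol, min port, max port) for risky open rules."""
    findings = []
    for sl in security_lists:
        for rule in sl.get("ingressSecurityRules", []):
            if rule.get("protocol") not in ("6", "17", "all"):
                continue  # ICMP rules carry no ports; out of scope here
            if not is_world_open(rule.get("source", "")):
                continue
            opts = rule.get("tcpOptions") or rule.get("udpOptions") or {}
            rng = opts.get("destinationPortRange")
            # A rule without a port range exposes every port of the protocol.
            lo, hi = (rng["min"], rng["max"]) if rng else (1, 65535)
            if not set(range(lo, hi + 1)) <= ALLOWED_PUBLIC_PORTS:
                findings.append((sl["displayName"], rule["protocol"], lo, hi))
    return findings

def public_bucket_findings(buckets):
    """Return names of buckets whose access type allows anonymous reads."""
    return [b["name"] for b in buckets
            if b.get("publicAccessType", "NoPublicAccess") != "NoPublicAccess"]
```

On the constructed data, the SSH rule in web-sl and the site-assets bucket are reported, while the HTTPS rule and the internal-only rules are not.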
At this point, Oracle CASB is ready to get Oracle Cloud Infrastructure audit logs and configuration information from your tenancy to conduct security monitoring based on security and policy controls. The following screenshot (Figure 3) shows the dashboard with Oracle Cloud Infrastructure security alerts generated by Oracle CASB.
Figure 3. Oracle Cloud Infrastructure Security Alerts
As a recap, Oracle CASB provides comprehensive security monitoring for customer Oracle Cloud Infrastructure tenancies and generates security alerts with actionable remediation steps to triage the issues. What's more, Oracle CASB enables you to get going quickly because it doesn't require installation of any software agent and uses customer-provided privileges to get security configuration information and logs required for analytics. For more information about how to configure Oracle CASB for use with Oracle Cloud Infrastructure, see the Using Oracle CASB Cloud Service documentation.
Oracle CASB is currently used by Oracle Cloud Infrastructure customers, including large enterprises, whose feedback is integrated into the product, enabling us to continue to improve security and user experience. As new Oracle Cloud Infrastructure services and features are released, Oracle CASB will transparently offer corresponding security checks to Oracle Cloud Infrastructure customers. Oracle CASB provides maximum Oracle Cloud Infrastructure security monitoring for customers, with a relatively low total cost of ownership (TCO). And our Universal Credits Model (UCM) covers Oracle CASB and can be used to pay by consumption for CASB security monitoring.
For more information about Oracle CASB and Oracle Cloud Infrastructure-specific security checks, see the following documentation:
This post was written by guest blogger Nachiketh Potlapally, a consulting member of the technical staff on the Oracle Cloud Infrastructure team.