As organizations add controls to manage consumer rights to data privacy, a direct link between privacy and security becomes clear. This blog is the first in a series that we plan to write about privacy and security, particularly in the context of Software as a Service (SaaS). This series will seek to understand the relationship between privacy and security, and where we think their goals and outcomes meet.
In this blog, we will describe threat intelligence, its uses during the DevSecOps cycle, and how SaaS Cloud Security applies the threat intelligence lifecycle in its operations. Threat intelligence is information that a security team can use to take action against a threat. Good TI provides context so that a team can accurately protect against an identified threat.
When it comes to measuring the security of an information system, scanning is incredibly practical. A previous blog post discussed static code scanning capabilities of SAST tools. This post will provide additional context around the types of security scanning that we do in the Oracle SaaS Cloud Security (SCS) team.
The National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) has been under development since 2014 and its aim is to improve cybersecurity for critical infrastructure. Read this blog to learn how Oracle SaaS Cloud Security uses this framework.
When migrating to the cloud, it’s critical to enable enterprise-level threat protection for your applications and their associated data. That’s why Oracle has partnered with Fortinet to provide best-of-breed security solutions that deploy natively within Oracle Cloud Infrastructure.
Many of us are familiar with Security, Incident, and Event Management (SIEM) systems, which detect and monitor security events and activities. In this blog post, we want to show you that SIEMs have evolved and can now do much more.