For enterprise-grade organizations -- large, traditional businesses and the smaller companies that aspire to be like them -- security and multi-cloud support are paramount.
These organizations need to be able to run each of their applications where it makes the most sense to do so from a cost and performance perspective. Some applications may reside in one cloud, while some live in another. Some may remain on premises, while others require a hybrid model.
Supporting a range of platform and infrastructure services may be best for agility and functionality, but it increases complexity -- especially when it comes to security and maintaining consistency. Oracle Cloud Infrastructure features announced today at Oracle OpenWorld 2018 enhance security from the cloud to the edge of the network, protecting data and applications in an increasingly multi-cloud world.
Web application security
Web applications and sites are central to online business success, so it's not surprising that web attacks have emerged to target these systems and the sensitive data they contain. In fact, web application attacks are the top cause of data breaches, according to the Verizon 2018 Data Breach Investigations Report.
Oracle Cloud Infrastructure announced new native web application firewall (WAF) capabilities to protect against these threats. The Oracle Cloud Infrastructure WAF inspects traffic to any internet-facing endpoint and enables organizations to create and enforce rules to protect against a variety of attacks, including but not limited to botnets, cross-site scripting, SQL injection and distributed denial-of-service (DDoS) attacks.
Oracle Cloud Infrastructure also announced the addition of automated DDoS attack detection and mitigation to all of its data centers. These capabilities monitor and protect against common Layer 3 and 4 DDoS attacks, such as SYN floods, user datagram protocol (UDP) floods, internet control message protocol (ICMP) floods, and network time protocol (NTP) amplification attacks. This approach helps ensure that Oracle Cloud Infrastructure network resources remain available in the event of an attack.
Cloud access security
Two additional Oracle Cloud Infrastructure security announcements focus on configuring and protecting access to cloud resources.
The Oracle Cloud Access Security Broker (CASB), which provides continuous configuration monitoring, predictive threat detection, and automated incident response, now supports Oracle Cloud Infrastructure. And the new Oracle Cloud Infrastructure Key Management service integrates with other Oracle Cloud Infrastructure services to enable customers to more easily encrypt data and manage keys and key vaults.
For more information, read the Oracle Cloud Infrastructure security press release.