Cloud Security Perspectives and Insights

  • News
    November 19, 2019

Oracle SaaS Cloud Security Goes Way Way Beyond the Bare Minimum

David B. Cross
SVP SaaS Security

Many people ask, “what should the detection baseline be in a cloud-based security analytics system?"

The industry standard is to use the MITRE ATT&CK enterprise matrix. The MITRE ATT&CK matrix is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. It is a highly accepted and always evolving matrix that enables all enterprises and cloud providers to constantly evaluate their threat models, tools, and processes against the prevailing attacker techniques and methods. We believe this is an excellent starting point and the bare minimum framework that must be used in a next-generation cloud provider.

Security infrastructure in the DevSecOps model
Now, a true DevSecOps security infrastructure deployment must continuously validate that the rules are in place and have not been modified. It also must detect and correlate system and user actions in all production systems. These are critical functions in the “detection” phase of the DevSecOps model.

In Oracle SaaS Cloud security, we take detection to the next level
Not only do we ensure that we have a detection rule for every entry in the framework, we also ensure we have a test case and synthetic transactions for every rule. We collect, store, examine, and analyze all the syslogs and application logs for SaaS properties. We also heavily leverage the value of AuditD to monitor all syscalls to analyze binary behaviors.

In the Automated SaaS Cloud Security Services (ASCSS) infrastructure at Oracle, the SaaS Cloud Security (SCS) team constantly evaluates real-time threat intelligence. It also oversees activity from shared indicators of compromise (IoCs) with partner teams/companies and applies Oracle Labs research to build more complex rules and analytics to proactively stay ahead of all malicious attackers.  By using a combination of machine learning, graph analytics, and object behavior modeling, stealthy actions and opaque techniques can be automatically detected and remediated.

We will continue to share our SaaS Cloud Security advancements and integration with various cloud products, functionality, and partner solutions in this blog. Stay tuned for the next update!


Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.