EMEA A&C CCOE Partner Technology Cloud Engineering

Partner Webcast - Improve your security posture in Oracle Cloud with Vulnerability Scanning Service

Thanos Terentes Printzios
EMEA A&C Technology Adoption Manager

Oracle Cloud Infrastructure puts the security of critical workloads at the center of our cloud infrastructure. This modern public cloud is built with the security required to protect your most valuable data.

We believe that security should be easier to implement and maintain; this is at the core of Oracle’s approach to cloud security. Our customers and partners want a proactive approach that allows them to more quickly achieve a stronger security posture for their applications and infrastructure.

This is exactly what the Oracle Cloud Infrastructure (OCI) Vulnerability Scanning Service (VSS) provides - a simple, on by default, prescriptive, and free scanning suite that is tightly integrated with the OCI platform.

Cloud security posture management (CSPM) is the answer to the increasing requirements for organizations to address cloud security risks and misconfigured public cloud services. The service is used for risk assessment, visualization, incident responses, compliance, monitoring, and DevOps integration. Customers typically adopt CSPM services to detect misconfigured resources, identify risky and insecure activity across cloud applications and services, and provide visibility to help security administrators triage and resolve cloud security issues.

Oracle Vulnerability Scanning Service helps improve your security posture in Oracle Cloud by routinely checking hosts for potential vulnerabilities. The service generates reports with metrics and details about these vulnerabilities.

Join us on this webcast and learn how you can identity weaknesses and prevent attacks with Oracle Cloud Infrastructure Vulnerability Scanning Service.


  • Demystifying the Cloud Security Shared Responsibility
  • Introducing OCI Vulnerability Scanning Service
  • Vulnerability Scanning Service Concepts
  • Integration with Cloud Guard
  • Demo – How to Scan hosts
  • Summary and Q&A


Mihai Dragomir

Partner Technology Cloud Engineer

Date: Thursday, May 13th, 10am CEST (9am BST/11am EEST)

Duration: 1 hour


Download Here



Subscribe to our Channel

For any questions please contact us at partner.imc@beehiveonline.oracle.com

Join the discussion

Comments ( 2 )
  • Anil Kumar Wednesday, May 19, 2021
    what's the difference between running a VSS free service and running a cloud guard service?
  • Mihai Dragomir Thursday, May 20, 2021
    VSS is an OCI-native service that allows customers to know if their hosts (compute instances or containers) deployed on OCI are free of patchable vulnerabilties. The service offers OCI host scanning that reports on package vulnerabilities, open ports and CIS benchmarks.

    The Scanning service can identify several types of security issues in your compute instances :
    • Ports that are unintentionally left open might be a potential attack vector to your cloud resources, or enable hackers to exploit other vulnerabilities.
    • OS packages that require updates and patches to address vulnerabilities
    • OS configurations that hackers might exploit
    • Industry-standard benchmarks published by the Center for Internet Security (CIS) for the target OS

    On the other hand, Cloud Guard is a service that detects misconfigured resources and insecure activities within your OCI tenancy.
    The service examines your Oracle Cloud Infrastructure resources for security weakness related to configuration (e.g. instance has public ip, bucket is public etc.(, and your operators and users for risky activities (e.g. user has deleted DB etc). Upon detection, Cloud Guard can suggest, assist, or take corrective actions, based on your configuration.

    You can use Cloud Guard to detect and respond to security vulnerabilities identified by Oracle Vulnerability Scanning Service.
    This can be viewed as a way of practicing Vulnerability Management (identify, classify, prioritize, remediate, and mitigate vulnerabilities).

    VSS collects information from your hosts, like OS packages installed. It compares that CVE data with NVD. It collects this info to find out if the package that you have installed has got high, low, critical, medium vulnerabilities. It can take this info and send it out to Cloud Guard. You will know that the host has open ports or vulnerabilities, the risk level that assigned to it, when it was detected. From this view, you can select the actual problem and drill down.
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.