Specifically, it added new adaptive access capabilities into Oracle Identity Cloud Service (SOC), risk monitoring that uses machine learning engines, and expanded its Cloud Access Security Broker (CASB) service to support its software-as-a-service (SaaS) products with automated threat detection.
The company’s adaptive access technology applies dynamic risk context to determine needed access controls for a given level of risk. “Adaptive Access will interface with the rest of the Oracle Identity SOC, but also with other third-party CASB and risk engines,” said Andy Smith, senior director of product development for Oracle Identity Cloud Services, in an email.
This new feature comes in response to the increased frequency and breadth of incidents targeting both privileged and end-user credentials, Oracle said.
CASB Cloud Service
Additionally, CASB Cloud Service now uses machine-learning for threat detection. Its built-in user behavior analytics (UBA) engine automatically establishes unique historical baselines for each user and cloud service, such as Microsoft Office 365, Box, and others. It continuously compares activity against these baselines to better detect anomalous and risky behavior.
If it detects any deviations, the software orchestrates incident response through a number of options including integration with third-party ticketing and incident management systems, and as native automated remediation.
The company says its CASB Cloud Service is the only CASB product on the market to provide security monitoring and threat detection for Oracle’s SaaS applications.
The CASB Cloud Service also added the Slack messaging platform to its list of supported, sanctioned applications. These also includes Salesforce.com, Microsoft Office365, Box, Google G-Suite, ServiceNow, AWS, GitHub, and Rackspace.
“For cloud visibility today we support Check Point, Fortinet, Palo Alto Networks, and Sophos, in addition we have added support for Symantec/BlueCoat secure web gateway,” Smith said.
In November 2016, Oracle launched its cloud security services portfolio, called the Identity SOC.
Six months after announcing the new cloud security services portfolio, the company said more than 1 million users are using the products and services. Customers include Levi Strauss & Company; cyber risk and consulting company Edgile; video firm Ooyala; and software providers Nomis Solutions, and Pragmatyxs.