Customers include Levi Strauss & Company, cyber risk and consulting company Edgile, video firm Ooyala, and software providers Nomis Solutions and Pragmatyxs.
The announcement comes at a time when breaches like last week’s WannaCry ransomware attack are increasing demand for security services. It also positions Oracle as a player in the core security vendor market, said Andy Smith, senior director of product development for Oracle’s security portfolio.
“Oracle has been in the security space for a long time, but in what I would call niche segments of the space,” Smith said. “We’re the 800-pound gorilla in the identity management space. We’re also clearly the leader in the database security space. But we really haven’t had a basket of security services you would sell to the chief security officer. Oracle’s in this space now. This is new for us.”
Oracle cloud security services — the company calls the portfolio its Identity-based Security Operations Center (SOC) — combines four products: Cloud Access Security Broker (CASB) Service, Identity Cloud Service, Configuration and Compliance Cloud Service, and Security and Monitoring Analytics Cloud Service. The first two are generally available, and the second two are both currently being evaluated by select customers.
Oracle says the four cloud services provide an integrated approach to security monitoring, threat detection, analytics, and remediation. The portfolio is built on Oracle’s public cloud platform. It also works across other public, private, and hybrid clouds, as well as on-site data centers.
“The strong adoption Oracle is experiencing with their Security Operations Center (SOC) services portfolio makes perfect sense,” said ESG analyst Doug Cahill in an email. “Organizations look to such services to close the cybersecurity skill services gap via services and also require a reference architecture to unify disparate security controls. SOCs which employ a security operations and analytics platform architecture such as Oracle’s realize both greater threat detection efficacy and operational efficiency.”
IDC analyst Robert Westervelt said the new SOC services look to be a good move for Oracle. He said enterprise clients are looking for security products with these components for a variety of reasons. Monitoring user access, extending data governance policies to data located in Software-as-a-service (SaaS) environments, and automating hybrid IT environments top the list.
“Oracle has always had a strong identity management offering, and the latest offering appears to be pushing it into adjacent security areas, which is a good move and should appeal to the existing customer base,” Westervelt said in an email.
“This is a push that appears to strike at CA, which has been investing in building out its strong SaaS identity and secure cloud offerings,” he added.“Oracle is also striking at a time when RSA – which acquired Aveksa for SaaS identity a while back, is now under the Dell umbrella, and a lot of attention is on how Dell manages the acquisition of all of the RSA security product offerings and services. Many customers are dealing with cloud adoption and data flowing in SaaS repositories with investments in security products that may not be easily extended to support policy enforcement and visibility into these distributed environments.”
But, Westervelt warned, Oracle is entering a crowded environment.
“Enterprise IT security buyers have a variety of options to evaluate, and they are going to want to identify products that can integrate seamlessly with the existing security investments they have already made,” he said. “They are also looking to technology providers like Oracle that have a strong technology partner ecosystem – an especially important area to buyers as they move more parts of their IT architecture to the cloud.”
SOC Security Framework
Oracle calls its cloud security portfolio “the world’s first identity SOC security framework.”
“What makes us different is that we’re bringing each of these solutions together into a holistic, integrated portfolio, with all of these pieces working together, under the concept of an identity Security Operations Center,” Smith said. Customers can purchase each of the four services separately. They also work with competitors’ security software.
“We’re not saying, ‘hey, you have to buy all four of these at once.’ Our identity cloud service will work with Splunk. Our CASB will work with Okta. Each is designed to work with each of the other competitors in the space and compete individually.”
Oracle decided to integrate and offer these cloud security services because it saw the market shifting toward hybrid cloud environments. It also comes at a time when Oracle is aggressively buying up cloud-service startups and beefing up its cloud offerings.
“All of our customers are making this shift from purely on-premises to SaaS, IaaS, basically shifting to the cloud, which is causing disruption in the security community,” Smith said. “At the same time, Oracle’s focusing on our own cloud strategy and our own public cloud — we need many of these same security tools for our own cloud and our own customers.”
The security services use machine learning to provide an “identity-centric, context aware intelligence service” that can be used across industries including manufacturing, banking and finance, utilities, technology, retail, government, and healthcare.
Context-aware detection is important because it helps reduce false positives and more rapidly identify abnormal activity. “Also, you can create policies around this,” Smith said. “I might allow access normally from this device and if they are in this location, but if they are in a unique location or coming from a mobile I might restrict access. The context around it really helps.”
*A single customer can have multiple individuals/users registered for the platform, so 1 million users is a more accurate counting of the portfolio’s current user base.