Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Oracle Adds New Security Services to Cloud Platform

Oracle adds new security services to Cloud Infrastructure

Oracle adds new security services to Cloud Infrastructure

Oracle announced on Tuesday that it has added several new security-related services to its Cloud platform, including a web application firewall (WAF), distributed denial-of-service (DDoS) protection, key management, and a cloud access security broker (CASB).

Oracle says the goal of adding new capabilities to Oracle Cloud Infrastructure, which is the company’s enterprise Infrastructure-as-a-Service (IaaS) platform, is to provide end-to-end security for customers through multiple layers of defense.

The new WAF is designed to protect apps on the Cloud Infrastructure against various types of threats, including botnets, DDoS, and application-specific attacks. Threats are automatically blocked and security teams are notified so that they can investigate further.

In order to help ensure the availability of network resources, even when faced with a high-volume DDoS attack, all Oracle data centers will automatically benefit from DDoS detection and mitigation capabilities.

The new CASB is designed to monitor cloud environments to ensure that security practices are being followed. It also uses behavioral analytics based on machine learning to predict potential threats. Users are provided preconfigured controls and policies to help them deploy applications faster without security or operational risks, Oracle said.

Finally, the key management service provides centralized key management and monitoring capabilities, and allows organizations to encrypt data with keys they control.

“The solution delivers partitions in highly available and certified Hardware Security Modules that are isolated per customer. It is ideal for organizations that need to verify for regulatory compliance and security governance purposes that their data is encrypted where it is stored,” Oracle explained.

The software giant told SecurityWeek that the key management, DDoS and CASB capabilities are already available, while the WAF should become available in November.

Advertisement. Scroll to continue reading.

The DDoS protection is provided to customers at no additional charge. Information on pricing for the key management and CASB services can be found on Oracle’s website. The company noted that the universal credits for Oracle Cloud Infrastructure can be used for these new services as well.

“Organizations are facing constant security threats from sophisticated actors who want to attack their applications and access their sensitive data,” said Don Johnson, senior vice president of product development at Oracle Cloud Infrastructure. “The new solutions build on Oracle’s existing, strong security heritage and give customers always-on capabilities that make it easier than ever to achieve end-to-end security. These new security layers include highly automated detective, preventive, responsive, and predictive security controls that help mitigate data breaches, address regulatory compliance, and reduce overall risk.”

Related: Oracle Improves Cloud Security Offering

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Conversations

SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework.

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.

CISO Strategy

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.