Intelligent Cyber Defense

using Artificial Intelligence
in the Cloud Era

Chetan Vithlani
Product Manager
Oracle Management Cloud

Copyright © 2016, Oracle and/or its affiliates. All rights reserved.

Safe Harbor Statement
The following is intended to outline our general product direction. It is intended for
information purposes only, and may not be incorporated into any contract. It is not a
commitment to deliver any material, code, or functionality, and should not be relied upon
in making purchasing decisions. The development, release, and timing of any features or
functionality described for Oracle’s products remains at the sole discretion of Oracle.

Brief Introduction
• Product Manager, Oracle Management Cloud
• Cyber, Cloud and Information Security Solutions Architect
• AIOUG Bangalore Chapter, Founding and Core team member
• Over 2 decades of Global IT Industry experience across BFSI, Telco, Healthcare domains
• Certifications
  – Oracle Database RAC 12c certified implementation specialist
  – Oracle Database 12c certified implementation specialist
• 30+ Public events and 70+ customer facing sessions
• Social: Twitter: CMVithlani, LinkedIn: https://in.linkedin.com/in/chetanvithlani
• Blogs: https://www.linkedin.com/today/posts/chetanvithlani
• YouTube: https://www.youtube.com/watch?v=Mr6ByIPIwns

Agenda
• Overview of Oracle Management Cloud (OMC)
• OMC Security Services (detail and demo)
• Q&A

Oracle Keynote highlights
“We have to reprioritize and re-think about how we defend our information. We need new systems. It can't be our people versus their computers. We're going to lose that war. It's got to be our computers versus their computers. And make no mistake: it's a war.”
Press release – Larry Ellison, CTO

World’s First Cloud Native Management & Security System
• Complete and Integrated System
  – Monitor and analyze ALL users and assets in a single system
• Powered by Machine Learning (ML)
  – ML-based insights and anomaly detection
• Automated Remediation
  – Automated operational workflows and real-time security remediation
[Diagram labels: Configuration, Logs, SIEM + UEBA, Remediation, Application & Infrastructure Monitoring, Analytics]

Growing Impact of Cybersecurity
Timeline shown: 2015, 2016, 2017
• eBay: 148M customer records
• MySpace: 427M passwords, 360M emails, 111M usernames
• Yahoo: ALL 3 Billion+ user accounts
Prioritize deals that are or can be driven by external threats, specifically data breaches

Modern Security Challenges
Visibility
• BYOD reduces perimeter security efficacy
• Cloud assets uncovered by legacy security monitoring tools
• DevOps multiplies change rates and risk of vulnerable configurations
Detection
• Zero day attacks require anomaly detection
• Low & slow, multi-stage threats require sequence awareness
• Targeted, credentialed attacks require identity awareness
Efficiency
• More assets, security tools, & alerts to manage
• High false positives or noise to signal ratio
• Manual remediation spread across point tools erodes time to resolution

Current Approach: Fragmented, Integration Intensive
• UEBA (User and Entity Behavior Analytics): User context, Anomaly detection
• SIEM (Security Information and Event Management): Security context, Rules based detection
• Configuration Management: Secure state, configuration auditing
• Log Management: Raw logs, Forensic search, IT ops analytics
X Multiple UIs, data models for same data
X Separation of rules & ML based threats
X Configuration management per stack
X Silo’d and manual remediation
X Scale and delivery model differences

Oracle Management Cloud for SIEM/UEBA
• Integrated SIEM/UEBA, Log Management, Configuration Management, Orchestration
• Heterogeneous coverage across cloud and on-premise assets
• Extends operational intelligence to modern threat detection
• Delivered as cloud native services for rapid time to value, ease of expansion/scale, reduced management overhead

Oracle Management Cloud
[Diagram]
• Tiers: END USER EXPERIENCE / ACTIVITY, APPLICATION, MIDDLE TIER, DATA TIER, VIRTUALIZATION TIER, INFRASTRUCTURE TIER
• Data types shown: Global threat feeds, Cloud access, Identity, Real users, Synthetic users, App metrics, Transactions, Server metrics, Diagnostics logs, Host metrics, VM metrics, Container metrics, Configuration, Compliance, Tickets & Alerts, Security & Network events
• Unified Platform: INTELLIGENT, UNIFIED PLATFORM; POWERED BY MACHINE LEARNING; INFORMED BY A COMPLETE DATA SET; HETEROGENEOUS AND OPEN

OMC Key Capabilities
Unified Monitoring
• Application & Infrastructure Monitoring
• Complete Transaction Visibility
• Real, Mobile & Synthetic Users
Log Management
• Monitor, aggregate, and analyze
• Topology-Aware log exploration
• Deep support for Oracle
Analytics
• Out-of-the-box ML
• IT Analytics
• Pre-built dashboards
• Data Explorer
Remediation
• Automated actions and runbook
• Simple & complex workflows
Security
• Security Monitoring
• User Behavior
• Incident Response
• Config. & Compliance

Services Designed To Work Together
• Application Performance Monitoring: Monitor real and synthetic users and application performance
• Infrastructure Monitoring: Monitor database and cross-tier infrastructure performance
• IT Analytics: Analyze business and IT data using pre-built apps and explorers
• Log Analytics: Aggregate, index, and explore the entire enterprise log estate
• Orchestration: Execute automated remediation and other tasks at cloud scale
• Security Monitoring and Analytics: Detect, investigate, and remediate full range of security threats
• Configuration & Compliance: Manage configuration and change against industry and own standards
Service groups shown: Systems Management Services (for “the NOC”), Security Services (for “the SOC”)

ML Is Ideally-Suited for Security & Management
• Massive Data Volume: Terabytes of telemetry generated every day overwhelm humans
• Data Is Highly-Patterned: Unified metric and log data can be understood by purpose-built ML
• Need Insights, Not Data: We know the kinds of questions we want to ask
  – Is what I’m seeing normal or abnormal?
  – What caused the problem?
  – What do I need to pay attention to right now?
  – What problem is coming up in the near future?

Oracle Identity SOC Functional Overview
[Diagram]
• Single Pane of Glass: OMC Security Monitoring & Analytics CS
• Content Security: CASB CS
• User Security: Identity CS
• Configuration: OMC Configuration & Compliance CS
• Forensics: OMC Log Analytics CS
• Automated Response & Remediation (OMC Orchestration CS)
• ADAPTIVE INTELLIGENCE: Unified Data Platform (includes OMC APM CS & Infrastructure Monitoring CS) and Purpose-Built Machine Learning

Security Monitoring & Analytics CS
• Security Information and Event Management (SIEM) + User Entity Behavior Analytics (UEBA)
• Security Monitoring spanning operational and security data across heterogeneous, hybrid environments
• One-stop Security Operations Center (SOC) analytics, investigation and response

Configuration & Compliance Cloud Service
Continuous Compliance Across Hybrid Cloud Estate
• Maintain industry and regulatory compliance (STIG, GDPR, etc.)
• Enforce company-specific compliance across hybrid clouds
• ML driven configuration drift management

Demonstration
• Security Monitoring & Analytics CS
• Configuration & Compliance CS

Oracle POVs on ML-Enabled Management & Security
• https://www.forbes.com/sites/oracle/2017/04/25/is-your-systems-management-software-smart-enough/
• https://developer.oracle.com/code
• https://www.darkreading.com/vulnerabilities---threats/the-soc-is-deadlong-live-the-soc/a/d-id/1329284?
• https://www.forbes.com/sites/oracle/2017/07/10/cant-stop-cyberattacks-teach-your-computer-to-do-it/

For More Information
• Cloud.oracle.com/management
• Cloud.oracle.com/security
• community.oracle.com/mgmtcloud
• @OracleMgmtCloud
• #MgmtCloud
