Intelligent Cyber Defense

using Artificial Intelligence
in the Cloud Era

Chetan Vithlani
Product Manager
Oracle Management Cloud

Copyright © 2016, Oracle and/or its affiliates. All rights reserved.

Safe Harbor Statement
The following is intended to outline our general product direction. It is intended for
information purposes only, and may not be incorporated into any contract. It is not a
commitment to deliver any material, code, or functionality, and should not be relied upon
in making purchasing decisions. The development, release, and timing of any features or
functionality described for Oracle’s products remains at the sole discretion of Oracle.


Brief Introduction
• Product Manager, Oracle Management Cloud
• Cyber, Cloud and Information Security Solutions Architect
• AIOUG Bangalore Founding and Core team member
• Over 2 decades of Global IT Industry experience across Telco, Healthcare domains
• Certifications
  – Oracle Database RAC 12c certified implementation specialist
  – Oracle Database 12c certified implementation specialist
• 30+ Public events and 70+ customer facing sessions
• Social: Twitter: CMVithlani, LinkedIn:
• Blogs: https://www.
• YouTube: https://www.

Agenda
• Overview of Oracle Management Cloud (OMC)
• OMC Security Services (detail and demo)
• Q&A

Oracle Keynote highlights

“We have to reprioritize and re-think about how we defend our information. We need new systems. It can't be our people versus their computers. We're going to lose that war. It's got to be our computers versus their computers. And make no mistake: it's a war.”
Press release – Larry Ellison, CTO

World’s First Cloud Native Management & Security System
• Complete and Integrated System
  – Monitor and analyze ALL users and assets in a single system
• Powered by Machine Learning (ML)
  – ML-based insights and anomaly detection
• Automated Remediation
  – Automated operational workflows and real-time security remediation
[Diagram labels: Configuration, Logs, SIEM + UEBA, Remediation, Application & Infrastructure Monitoring, Analytics]

Growing Impact of Cybersecurity
• 2015, eBay: 148M customer records
• 2016, MySpace: 427M passwords, 360M emails, 111M usernames
• 2017, Yahoo: ALL 3 Billion+ user accounts
Prioritize deals that are or can be driven by external threats, specifically data breaches

Modern Security Challenges

Visibility
• BYOD reduces perimeter security efficacy
• Cloud assets uncovered by legacy security monitoring tools
• DevOps multiplies change rates and risk of vulnerable configurations

Detection
• Zero day attacks require anomaly detection
• Low & slow, multi-stage threats require sequence awareness
• Targeted, credentialed attacks require identity awareness

Efficiency
• More assets, security tools, & alerts to manage
• High false positives or noise to signal ratio
• Manual remediation spread across point tools erodes time to resolution

Current Approach: Fragmented, Integration Intensive
• SIEM (Security Information and Event Management): Security context, Rules based detection
• UEBA (User and Entity Behavior Analytics): User context, Anomaly detection
• Log Management: Raw logs, Forensic search, IT ops analytics
• Configuration Management: Secure state, configuration auditing

X Multiple UIs, data models for same data
X Separation of rules & ML based threats
X Configuration management per stack
X Silo’d and manual remediation
X Scale and delivery model differences

Oracle Management Cloud for SIEM/UEBA
• Integrated SIEM/UEBA, Log Management, Configuration Management, Orchestration
• Heterogeneous coverage across cloud and on-premise assets
• Extends operational intelligence to modern threat detection
• Delivered as cloud native services for rapid time to value, ease of expansion/scale, reduced management overhead

Oracle Management Cloud
INTELLIGENT, UNIFIED PLATFORM • POWERED BY MACHINE LEARNING • INFORMED BY A COMPLETE DATA SET • HETEROGENEOUS AND OPEN
[Architecture diagram. Tiers: END USER EXPERIENCE / ACTIVITY; APPLICATION; MIDDLE TIER; DATA TIER; VIRTUALIZATION TIER; INFRASTRUCTURE TIER. Data feeding the Unified Platform: Global threat feeds, Cloud access, Identity, Real users, Synthetic users, App metrics, Transactions, Server metrics, Diagnostics logs, Host metrics, VM metrics, Container metrics, Configuration, Compliance, Tickets & Alerts, Security & Network events]

OMC Key Capabilities
Unified Log Analytics Remediation Security Monitoring Management • Application & • Monitor. • Security Infrastructure aggregate. box ML Monitoring Monitoring and analyze • Automated • IT Analytics actions and • User • Complete • Topology. • Out-of-the. Mobile • Deep • Data workflows & Synthetic support for Explorer • Config. runbook Behavior Transaction Aware log • Pre-built Visibility exploration dashboards • Simple & • Incident complex Response • Real. & Users Oracle Compliance

Services Designed To Work Together
• Application Performance Monitoring: Monitor real and synthetic users and application performance
• Infrastructure Monitoring: Monitor database and cross-tier infrastructure performance
• IT Analytics: Analyze business and IT data using pre-built apps and explorers
• Log Analytics: Aggregate, index, and explore the entire enterprise log estate
• Orchestration: Execute automated remediation and other tasks at cloud scale
• Security Monitoring and Analytics: Detect, investigate, and remediate full range of security threats
• Configuration & Compliance: Manage configuration and change against industry and own standards
Systems Management Services (for “the NOC”) • Security Services (for “the SOC”)

ML Is Ideally-Suited for Security & Management
• Massive Data Volume: Terabytes of telemetry generated every day overwhelm humans
• Data Is Highly-Patterned: Unified metric and log data can be understood by purpose-built ML
• Need Insights, Not Data: We know the kinds of questions we want to ask
  – Is what I’m seeing normal or abnormal?
  – What caused the problem?
  – What do I need to pay attention to right now?
  – What problem is coming up in the near future?

Oracle Identity SOC Functional Overview
• Single Pane of Glass: OMC Security Monitoring & Analytics CS
• Content Security: CASB CS
• User Security: Identity CS
• Configuration: OMC Configuration & Compliance CS
• Forensics: OMC Log Analytics CS
• Automated Response & Remediation (OMC Orchestration CS)
• ADAPTIVE INTELLIGENCE: Unified Data Platform (includes OMC APM CS & Infrastructure Monitoring CS) and Purpose-Built Machine Learning

Security Monitoring & Analytics CS
• Security Information and Event Management (SIEM) + User Entity Behavior Analytics (UEBA)
• Security Monitoring spanning operational and security data across heterogeneous, hybrid environments
• One-stop Security Operations Center (SOC) analytics, investigation and response

Configuration & Compliance Cloud Service
Continuous Compliance Across Hybrid Cloud Estate
• Maintain industry and regulatory compliance (STIG, GDPR, etc.)
• Enforce company-specific compliance across hybrid clouds
• ML driven configuration drift management

Demonstration
Security Monitoring & Analytics CS
Configuration & Compliance CS

Oracle POVs on ML-Enabled Management & Security
https://www.
https://www.
https://www.
https://developer.
com/code

More Information
Cloud.
com/mgmtcloud
@OracleMgmtCloud
#MgmtCloud
