Intelligent Cyber Defense

using Artificial Intelligence
in the Cloud Era

Chetan Vithlani
Product Manager
Oracle Management Cloud

Copyright © 2016, Oracle and/or its affiliates. All rights reserved.

Safe Harbor Statement
The following is intended to outline our general product direction. It is intended for
information purposes only, and may not be incorporated into any contract. It is not a
commitment to deliver any material, code, or functionality, and should not be relied upon
in making purchasing decisions. The development, release, and timing of any features or
functionality described for Oracle’s products remains at the sole discretion of Oracle.


Brief Introduction
• Product Manager, Oracle Management Cloud
• Cyber, Cloud and Information Security Solutions Architect
• AIOUG Bangalore Chapter, Founding and Core team member
• Over 2 decades of Global IT Industry experience across BFSI, Telco, Healthcare domains
• Certifications
  – Oracle Database RAC 12c certified implementation specialist
  – Oracle Database 12c certified implementation specialist
• 30+ Public events and 70+ customer facing sessions
• Social: Twitter: CMVithlani, LinkedIn: https://in.linkedin.com/in/chetanvithlani
• Blogs: https://www.linkedin.com/today/posts/chetanvithlani
• YouTube: https://www.youtube.com/watch?v=Mr6ByIPIwns

Agenda
• Overview of Oracle Management Cloud (OMC)
• OMC Security Services (detail and demo)
• Q&A

Oracle Keynote highlights
“We have to reprioritize and re-think about how we defend our information. We need new systems. It can't be our people versus their computers. We're going to lose that war. It's got to be our computers versus their computers. And make no mistake: it's a war.”
Press release – Larry Ellison, CTO

World’s First Cloud Native Management & Security System
• Complete and Integrated System
  – Monitor and analyze ALL users and assets in a single system
• Powered by Machine Learning (ML)
  – ML-based insights and anomaly detection
• Automated Remediation
  – Automated operational workflows and real-time security remediation
[Diagram: Configuration, Logs, SIEM + UEBA, Remediation, Application & Infrastructure Monitoring, Analytics]

Growing Impact of Cybersecurity
2015 / 2016 / 2017
eBay / MySpace / Yahoo
427M passwords; 148M customer records; 360M emails; ALL 3 Billion+ user accounts; 111M usernames
Prioritize deals that are or can be driven by external threats, specifically data breaches

Modern Security Challenges
Visibility
• BYOD reduces perimeter security efficacy
• Cloud assets uncovered by legacy security monitoring tools
• DevOps multiplies change rates and risk of vulnerable configurations
Detection
• Zero day attacks require anomaly detection
• Low & slow, multi-stage threats require sequence awareness
• Targeted, credentialed attacks require identity awareness
Efficiency
• More assets, security tools, & alerts to manage
• High false positives or noise to signal ratio
• Manual remediation spread across point tools erodes time to resolution

Current Approach: Fragmented, Integration Intensive
• UEBA (User and Entity Behavior Analytics): User context, Anomaly detection
• SIEM (Security Information and Event Management): Security context, Rules based detection
• Configuration Management: Secure state, configuration auditing
• Log Management: Raw logs, Forensic search, IT ops analytics
X Multiple UIs, data models for same data
X Separation of rules & ML based threats
X Configuration management per stack
X Silo’d and manual remediation
X Scale and delivery model differences

Oracle Management Cloud for SIEM/UEBA
• Integrated SIEM/UEBA, Log Management, Configuration Management, Orchestration
• Heterogeneous coverage across cloud and on-premise assets
• Extends operational intelligence to modern threat detection
• Delivered as cloud native services for rapid time to value, ease of expansion/scale, reduced management overhead

Oracle Management Cloud
[Diagram: Unified Platform]
Tiers: END USER EXPERIENCE / ACTIVITY, APPLICATION, MIDDLE TIER, DATA TIER, VIRTUALIZATION TIER, INFRASTRUCTURE TIER
Data: Global threat feeds, Cloud access, Identity, Real users, Synthetic users, App metrics, Transactions, Server metrics, Diagnostics logs, Host metrics, VM metrics, Container metrics, Configuration, Compliance, Tickets & Alerts, Security & Network events
INTELLIGENT, UNIFIED PLATFORM / POWERED BY MACHINE LEARNING / INFORMED BY A COMPLETE DATA SET / HETEROGENEOUS AND OPEN

OMC Key Capabilities
Unified Monitoring | Log Management | Analytics | Remediation | Security
• Application & Infrastructure Monitoring
• Complete Transaction Visibility
• Real, Mobile & Synthetic Users
• Deep support for Oracle
• Monitor, aggregate, and analyze
• Topology Aware log exploration
• Out-of-the-box ML
• IT Analytics
• Pre-built dashboards
• Data Explorer
• Automated actions and workflows
• Simple & complex runbook
• User Behavior
• Incident Response
• Config. & Compliance
• Security Monitoring

Services Designed To Work Together
• Application Performance Monitoring: Monitor real and synthetic users and application performance
• Infrastructure Monitoring: Monitor database and cross-tier infrastructure performance
• IT Analytics: Analyze business and IT data using pre-built apps and explorers
• Log Analytics: Aggregate, index, and explore the entire enterprise log estate
• Orchestration: Execute automated remediation and other tasks at cloud scale
• Security Monitoring and Analytics: Detect, investigate, and remediate full range of security threats
• Configuration & Compliance: Manage configuration and change against industry and own standards
Systems Management Services (for “the NOC”) | Security Services (for “the SOC”)

ML Is Ideally-Suited for Security & Management
• Massive Data Volume
  – Terabytes of telemetry generated every day overwhelm humans
• Data Is Highly-Patterned
  – Unified metric and log data can be understood by purpose-built ML
• Need Insights, Not Data
  – We know the kinds of questions we want to ask
Is what I’m seeing normal or abnormal?
What caused the problem?
What do I need to pay attention to right now?
What problem is coming up in the near future?

Oracle Identity SOC Functional Overview
[Diagram, top to bottom]
Single Pane of Glass: OMC Security Monitoring & Analytics CS
Content Security: CASB CS
User Security: Identity CS
Configuration: OMC Configuration & Compliance CS
Forensics: OMC Log Analytics CS
Automated Response & Remediation (OMC Orchestration CS)
ADAPTIVE INTELLIGENCE: Unified Data Platform (includes OMC APM CS & Infrastructure Monitoring CS) and Purpose-Built Machine Learning

Security Monitoring & Analytics CS
• Security Information and Event Management (SIEM) + User Entity Behavior Analytics (UEBA)
• Security Monitoring spanning operational and security data across heterogeneous, hybrid environments
• One-stop Security Operations Center (SOC) analytics, investigation and response

Configuration & Compliance Cloud Service
Continuous Compliance Across Hybrid Cloud Estate
• Maintain industry and regulatory compliance (STIG, GDPR, etc.)
• Enforce company-specific compliance across hybrid clouds
• ML driven configuration drift management

Demonstration
Security Monitoring & Analytics CS
Configuration & Compliance CS

Oracle POVs on ML-Enabled Management & Security
https://www.forbes.com/sites/oracle/2017/07/10/cant-stop-cyberattacks-teach-your-computer-to-do-it/
https://www.darkreading.com/vulnerabilities---threats/the-soc-is-deadlong-live-the-soc/a/d-id/1329284?
https://www.forbes.com/sites/oracle/2017/04/25/is-your-systems-management-software-smart-enough/
https://developer.oracle.com/code

For More Information
Cloud.oracle.com/management
Cloud.oracle.com/security
community.oracle.com/mgmtcloud
@OracleMgmtCloud
#MgmtCloud
