Oracle on Tuesday announced the availability of its cloud-native, highly-automated security and management suite.
The new set of integrated suites – the Oracle Identity Security Operations Center (SOC) portfolio of services and Oracle Management Cloud – will help enterprises forecast, reduce, detect and remediate cybersecurity threats.
“The way to prevent data theft is more automation,” Oracle co-founder and CTO Larry Ellison said at the OpenWorld conference in San Francisco on Tuesday. “We need a cyber defense system that automatically detects vulnerabilities, fixes vulnerabilities before an attack, and if there is an attack, detect it and shut it down.”
Ellison unveiled the highly-automated cybersecurity system two days after he rolled out Oracle’s autonomous database, called 18c. The cyber defense system is not yet fully autonomous, as the database is, Ellison said. However, the two systems are designed to work together to stop data theft.
“Both of them use machine learning to detect attacks and stop them, real time, after detection,” Ellison said Tuesday. “The security system detects an anomaly and the database automatically patches itself.”
While the SOC Cloud was built to run in the Oracle Cloud, it doesn’t just manage Oracle assets. It can manage assets in other clouds, such as Amazon Web Services, as well as on-premise assets.
“It takes the configuration information of all of your assets and unifies it, puts it in one place, keeps track of all of your users… keeps track of everything,” Ellison said. It processes it all with machine learning to find patterns and anomalies to identify threats.
There’s no integration required and should work with an enterprise’s existing enterprise manager, Ellison said. “You don’t have to rip and place all that you have to take advantage of this.”
Security systems should be automated, Ellison said Tuesday, because “our data centers are enormously complicated.” Equifax, he said, “is a 100 year-old company that’s fighting for its survival… because someone didn’t locate an instance of Apache Struts and fix it when a fix was available.”
Even when people know what to patch, “we don’t take the security threat terribly seriously,” Ellison said.
“The people who are focused on security take it very seriously. The people who have other jobs in the data center are trying to get their jobs done… We’ve got to provide security without slowing down our other tasks, but we have to elevate the priority of security in our data center.”