Security
Oracle Cloud Infrastructure (OCI) is a Gen-2, security-first cloud. The security pillar focuses on protecting users, safeguarding data, and meeting regulatory and compliance requirements.
OCI lets you migrate your organization's mission-critical workloads to the cloud while continuing to maintain or even improve your security posture. Reduce the overhead of building and operating data center infrastructure without sacrificing security.
The best practices in the security pillar help your organization to define a secure cloud architecture, identify and implement the right security controls, and monitor and prevent issues such as configuration drift.
Quick Links
Whether you're a security architect, a security administrator, or in security operations, OCI provides detailed security documentation and resources to support your role.
The following table helps you to quickly navigate to our most popular security resources.
- The Services column is a collection of OCI cloud-native security services and tools. These tools were designed and built as cloud services to help you achieve and maintain your target security posture. There's an assortment of tools to help you manage the security components at each layer of technology.
- The Best Practices Framework for OCI column provides architectural guidance about how to build OCI services in a secure fashion, based on recommendations in the Best practices framework for Oracle Cloud Infrastructure. Topics cover all security layers, and discuss recommended designs and configurations, including how best to apply OCI security tooling.
- The Security Guide column includes links to documentation in the Oracle Cloud Infrastructure Security Guide. The Security Guide provides detailed instructions about how to deploy and implement security functionality across OCI resources. Review the security guide with your organization's architect and operations teams in the planning phase of your implementation.
| Services | Best Practices Framework for OCI | Security Guide |
|---|---|---|
| General concepts and architecture | About Effective Strategies for Security and Compliance | |
|
Tenancy and Oracle Cloud Infrastructure Identity and Access Management |
Manage Identities and Authorization Policies |
|
|
Data security |
Database Storage Integration and management |
|
|
Platform and infrastructure security |
Isolate Resources and Control Access |
Platform operations Compute resources |
|
Network security |
Ensure Secure Network Access | |
|
Application security |
||
|
Security operations |
Optimize the Security Posture of Your Environment |
Securing Vulnerability Scanning Critical Patch Updates, Security Alerts and Bulletins |
|
Legal, risk, and compliance |
Monitor and Audit Your Environment Integration with third-party security information and event management (SIEM) solutions, such as Splunk and QRadar |
- |