Understand Adaptive Security

Adaptive Security is an advanced feature that provides strong authentication capabilities for your users, based on their behavior within Oracle Identity Cloud Service, and across multiple heterogeneous on-premises applications and cloud services.

When activated, the Adaptive Security feature can analyze a user’s risk profile within Oracle Identity Cloud Service based on their historical behavior, such as too many unsuccessful login attempts and too many unsuccessful MFA attempts, and real-time device context, such as access from unknown devices, impossible travel between locations, and so on. To evaluate the user’s behavior across other systems with which Oracle Identity Cloud Service isn’t directly involved, Adaptive Security allows you to configure your existing risk providers to obtain the user’s risk score from third-party risk providers, such as Symantec CloudSOC Cloud Access Security Broker (CASB). With this enriched context and risk information, Adaptive Security risk profiles each user, and arrives at its own risk score and an overall consolidated risk level (High, Medium, Low) that can be used with Oracle Identity Cloud Service policies to enforce a remediation action, such as allowing or denying the user from accessing Oracle Identity Cloud Service and its protected applications and resources, requiring the user to provide a second factor to authenticate into Oracle Identity Cloud Service, and so on. Administrators can also view how the user’s risk profile trended over a period of time, and drill down to see details associated with each event.