Table of Contents
- Title and Copyright Information
- Preface
-
Part I Getting Started
-
1
Oracle CASB Cloud Service
- Typical Workflow for Oracle CASB Cloud Service
- How to Begin with Oracle CASB Cloud Service
- Setting Up a Primary Tenant Administrator
- Accessing Oracle CASB Cloud Service Using Universal Credits
- About Cloud Security Monitoring
- About Risk Detection in the Oracle CASB Cloud Service Console
- A Tour of the Oracle CASB Cloud Service Console
- Task Overview: Starting to Monitor Cloud Applications
-
1
Oracle CASB Cloud Service
-
Part II Administrative Tasks
- 2 Signing In and Managing Your Account
- 3 Managing Oracle CASB Cloud Service Administrators
- 4 Performing Miscellaneous Administrative Tasks
-
Part III Setting Up Cloud Applications for Monitoring
- 5 Preparing Cloud Applications for Monitoring
- 6 Registering Cloud Applications with Oracle CASB Cloud Service
-
7
Setting Up Amazon Web Services (AWS)
- Typical Workflow for Amazon Web Services Security Monitoring
-
Preparing and Registering AWS
- Using an IAM Role: Creating a Dedicated Service Role
- Using an IAM Role: Adding Source Dedicated Service Roles for Cross-Account Logging
- Using an IAM User: Creating and Registering a Dedicated Service User
- Using an IAM User: Adding Source Dedicated Service Users for Cross-Account Logging
- Security Control Values for AWS (Monitor Only/Read Only)
- Security Control Values for AWS (Push Controls/Read-Write)
- AWS Registration Errors
- Updating an AWS Instance
- Next Steps for AWS
- 8 Setting Up Azure
- 9 Setting Up Custom Apps for AWS
- 10 Setting Up Microsoft Office 365
-
11
Setting Up Oracle Cloud Infrastructure (OCI)
- Typical Workflow for OCI Monitoring
- Preparing OCI
- Adding an OCI Instance
- Updating an OCI Instance
-
Working with OCI Security Control Baseline Settings and Templates
- About Security Control Templates and Application Instances
- Creating a Template
- Attaching a Template to an OCI Application Instance
- Using a Template as the Base for Custom Settings
- Editing a Template
- Updating a Security Control's Settings in Multiple Templates or Application Instances
- Updating an Exception Setting in Multiple Application Instances
- Viewing an Inventory of Template Usage
- Duplicating a Template
- Deleting a Template
- Next Steps for OCI
-
12
Setting Up Oracle Enterprise Resource Planning (ERP) Cloud
- Typical Workflow for Oracle ERP Cloud Monitoring
-
Preparing Oracle ERP Cloud
- Creating a Dedicated Oracle CASB Cloud Service User in Oracle ERP Cloud
- Enabling Business Object Auditing for Oracle ERP Cloud
- Enabling Role Auditing for Oracle ERP Cloud
- Enabling Association of Oracle CASB Cloud Service with Oracle Access Manager (OAM) for ERP Cloud
- Whitelisting Oracle CASB Cloud Service if Oracle ERP Cloud Fusion POD is Whitelisted
- Adding an Oracle ERP Cloud Instance
- Updating an Oracle ERP Cloud Instance
- Next Steps for Oracle ERP Cloud
-
13
Setting Up Oracle Human Capital Management (HCM) Cloud
- Typical Workflow for Oracle HCM Cloud Monitoring
-
Preparing Oracle HCM Cloud
- Creating a Dedicated Oracle CASB Cloud Service User in Oracle HCM Cloud
- Enabling Business Object Auditing for Oracle HCM Cloud
- Enabling Role Auditing for Oracle HCM Cloud
- Enabling Association of Oracle CASB Cloud Service with Oracle Access Manager (OAM) for HCM Cloud
- Whitelisting Oracle CASB Cloud Service if Oracle HCM Cloud Fusion POD is Whitelisted
- Adding an Oracle HCM Cloud Instance
- Updating an Oracle HCM Cloud Instance
- Next Steps for Oracle HCM Cloud
- 14 Setting Up Oracle Identity Cloud Service (IDCS)
-
15
Setting Up Oracle Sales Cloud
- Typical Workflow for Oracle Sales Cloud Monitoring
-
Preparing Oracle Sales Cloud
- Creating a Dedicated Oracle CASB Cloud Service User in Oracle Sales Cloud
- Enabling Role Auditing for Oracle Sales Cloud
- Enabling Association of Oracle CASB Cloud Service with Oracle Access Manager (OAM) for Sales Cloud
- Whitelisting Oracle CASB Cloud Service if Oracle Sales Cloud Fusion POD is Whitelisted
- Adding an Oracle Sales Cloud Instance
- Updating an Oracle Sales Cloud Instance
- Next Steps for Oracle Sales Cloud
-
Part IV Enhancing Security
-
16
Creating Policies and Managing Policy Alerts
- Typical Workflow for Creating Policies and Managing Policy Alerts
- About Policy Alerts
- Getting Started with Policies
- Working with Managed Policies
- Managing Policy Alerts in Risk Events
- Creating a Policy
- Modifying a Custom Policy
- Example Alert: Changes to a Sensitive File
-
Creating Policy Alerts for AWS
- Types of AWS Alerts
- Creating an AWS Policy
- Creating Alerts for IAM Users
- Creating Alerts for IAM Groups
- Creating Alerts for the AWS Root User
- Creating Alerts for Access and Federated Access
-
Creating Alerts for EC2 Instances and Networks
- Creating Alerts for EC2 Starts and Terminations
- Creating Alerts for EC2 Network ACL Modifications
- Creating Alerts for Creating or Deleting EC2 Network ACL Entries
- Creating Alerts for EC2 Network ACL Changes
- Creating Alerts for EC2 Network ACL Rule Changes
- Creating Alerts for EC2 Network Routing Changes
- Actions for EC2 Instances and Networks
- Creating Alerts for EC2 Security Groups
- Creating Alerts for EC2 VPCs and VPNs
- Creating Alerts for EC2 Internet Gateways
- Creating Alerts Based on EC2 Tags
- Creating Alerts for CloudTrail Changes
- Creating Alerts for S3 Resources
- Creating Alerts for Setting AWS Roles
- Creating Alerts for Cloud HSM
- Creating Alerts for RDS
- Creating Alerts for ACM
- Creating Alerts for Auto Scaling
- Creating Alerts for ELB
- Creating Alerts for KMS
- Creating Alerts for Redshift
- Creating Alerts for Route 53
- Creating Alerts for Direct Connect
- Creating Alerts for Elastic Search
- Condition Parameters for AWS Alerts
- Sample AWS Alerts
-
Creating Policy Alerts for Azure
- Creating an Azure Policy
- Creating Alerts for Virtual Networks
- Creating Alerts for Virtual Machines
- Creating Alerts for Storage Account Disks
- Creating Alerts for Storage Accounts
- Creating Alerts for Storage
- Creating Alerts for Key Vault
- Creating Alerts for Disks
- Creating Alerts for Classic Virtual Networks
- Creating Alerts for Classic Virtual Machines
- Creating Alerts for Classic Storage Accounts
- Creating Alerts for Azure Users
- Creating Policy Alerts for Discovered Applications
- Creating Policy Alerts for Office 365
-
Creating Policy Alerts for Office 365 Exchange Online
- Creating Alerts for Sending and Receiving Email Using Exchange Online
- Creating Alerts for Exchange Users, Admins, Roles, Contacts, and Groups
- Creating Alerts for DLP, Malware, and Filtering
- Creating Alerts for Exchange Information Rights Management
- Creating Alerts for Exchange Online Access Rules
- Creating Alerts for Exchange Mailboxes and Folders
- Creating Alerts for Exchange Email Retention Rule Changes
- Creating Alerts for Exchange Mobile Devices and ActiveSync
- Creating Alerts for Unified Messaging
- Alerts for Other Exchange Online Resources
- Creating Policy Alerts for Office 365 SharePoint and OneDrive
- Creating Policy Alerts for Office 365 Azure Active Directory
-
Creating Policy Alerts for Oracle Cloud Infrastructure (OCI)
- Creating an OCI Policy
- Creating Alerts for Compute Images
- Creating Alerts for Compute Instances
- Creating Alerts for Database Systems
- Creating Alerts for Dynamic Routing Gateways
- Creating Alerts for Identity Groups
- Creating Alerts for Identity Policies
- Creating Alerts for Identity Users
- Creating Alerts for Identity Compartments
- Creating Alerts for Identity Federations
- Creating Alerts for Networking Internet Gateways
- Creating Alerts for Networking Load Balancers
- Creating Alerts for Networking Network Security Groups
- Creating Alerts for Networking Security Lists
- Creating Alerts for Networking Virtual Cloud Networks
- Creating Alerts for Object Storage
- Creating Alerts for Storage Block Volumes
- Creating Policy Alerts for Oracle ERP Cloud
- Creating Policy Alerts for Oracle HCM Cloud
- Creating Policy Alerts for Oracle Identity Cloud Service (IDCS)
- Creating Policy Alerts for Oracle Sales Cloud
- 17 Maintaining Secure Configuration Settings
-
18
Discovering Shadow Applications
- Typical Workflow for Discovering Shadow Applications
- About Discovering Shadow Applications
- Subscribing to Oracle CASB Cloud Service — Discovery
- Manually Uploading a Log File
- Setting Up Automatic Upload of Log Files
- Viewing Discovered Applications and Understanding the Results
- App Discovery Reference
-
16
Creating Policies and Managing Policy Alerts
-
Part V Monitoring Cloud Applications
-
19
Creating and Running Reports
- Typical Workflow for Creating and Running Reports
- What's in Reports
- Running Predefined Reports
- User Activity Reports
- System Audit Trail Report
- Analyzing a Report
- Creating a Custom New Report
- Running an Ad Hoc Report: Report Builder
- Viewing Predefined Application-Specific Reports
- Viewing Reports for AWS
- Viewing Reports for Azure
- Viewing Reports for Custom Apps for AWS
- Viewing Reports for Microsoft Office 365
- Viewing Reports for Oracle Cloud Infrastructure (OCI)
- Viewing Reports for Oracle ERP Cloud
- Viewing Reports for Oracle HCM Cloud
- Viewing Reports for Oracle Sales Cloud
-
20
Analyzing User Activity Risks and Trends
- Typical Workflow for Analyzing User Activity Risks and Trends
- Different Types of Risk That Oracle CASB Cloud Service Monitors
- Risk Summaries: The Dashboard Summary Tab
- Overall Health of All Registered Services: The Health Summary Card
- Risks Specific to Each Application: The Applications Page
- Risks to Users
- Risks for Access IPs and Clients
- Managing Different Types of Risks
- Searching For and Viewing Risks
- Dismissing Risk Events
-
21
Managing Behavioral Anomalies and Threats
- Typical Workflow for Managing Behavioral Anomalies and Threats
- Dashboard View of User Risks and Threats
- Finding and Analyzing Users at Risk
- User Risk Factors
- Viewing Suspicious Activity Threats
- Monitoring Suspicious IP Addresses
- Detecting Application-Specific Threats
-
19
Creating and Running Reports
- Part VI Exporting Data
-
Appendixes
-
A
Troubleshooting Registration of Fusion Applications
- An error occurred while connecting to the Oracle ERP Cloud instance
- Auditing is not enabled for OPSS
- Auditing is not enabled for these business objects...
- Authorization has failed
- Failed to get Audit API version
- Invalid hostname
- Invalid login credentials
- Invalid OAM hostname
- Oracle <Fusion Application type> instance you are trying to connect to is not available
- Unable to determine the OAM server hostname
- Unable to reach Oracle ERP Cloud instance, as CASB IPs are not whitelisted
- You have selected to associate CASB instance with OAM but OAM integration is not enabled
- B Objects Monitored by Application Type
- C Third-Party and Open Source Software Attributions
- D Managing Oracle CASB Cloud Service's Data Center Migration
-
A
Troubleshooting Registration of Fusion Applications