For more information, please refer to this announcement explaining best practices for getting answers to questions.
Does anyone have a Denial-of-Service SLA with Oracle?
Content
We are in the process of finalizing our MSA for 2014-16, and our Corporate Director of Enterprise Architecture and Technical Services is surprised to find that there is no SLAs for Denial-of-Service attacks and remediation. The MSA refers to "Oracle’s Enterprise Hosting and Delivery Policy (http://www.oracle.com/us/corporate/contracts/cloud-ent-hosting-del-policies-1881438.pdf ) which speaks to vulnerability and penetration testing in Section 1.6 – Network Security Management, but the only references to Denial-of-Service attacks are: "The network security infrastructure is designed to secure the servers from a network-based attack”, and a description of their monitoring process - "alerts are routed to a centralized monitoring system that is managed by the security operations teams 24x7x365.“