Oracle OpenWorld 2017 | Security Sessions

Version 6

    General Session: Manage and Secure Hybrid Cloud at Scale Using Artificial Intelligence [GEN7487]

    In this must-see session hear directly from Oracle Management Cloud customers about how they are leveraging machine learning to dramatically improve their application performance and security posture. Learn about the roadmap of Oracle’s investment in next-generation security and management and see a demonstration of upcoming capabilities. The session also features a look at the exciting new offerings that add value to Oracle Enterprise Manager.

    Amit Ganesh, Senior Vice President, Enterprise Manager , Oracle

    Steve Pratt, CTO , CenterPoint Energy

    Prakash Ramamurthy, Senior Vice President, Systems Management , Oracle

     

    Why Identity Security Operations Centers Are Required in the Cloud Era [CON6976]

    The cloud means that traffic is no longer traveling through your network perimeter—so your users are the new perimeter. But do you know what they are doing in the cloud? Oracle is providing the technology to bring together security information and event management, cloud access security broker, user and entity behavior analytics, and identity management to deliver the world’s first ever identity-based security operations center (SOC). In this session learn how Oracle customers are transforming their SOCs from being overwhelmed with security alerts and events to an identity SOC framework that brings artificial intelligence and machine learning to hybrid cloud security with identity context and integrated access control mitigation.

    Dan Koloski , Oracle

    Andy Smith, Senior Director of Product Management for Identity & Security , Oracle

    Fabio Gianotti, Chief Security Officer , UBI BANCA

     

    Cybersecurity and Compliance in 2017: Database Security Is Business-Critical [CON6571]

    Join Vipin Samar, senior vice president of Oracle Database Security development, to discuss recent developments in database security, along with a look into what to expect in 2018. Enforcement of the European Union's General Data Protection Regulation (GDPR) begins on May 25, 2018, and this sweeping new law is likely to be the #1 concern for most organizations this year. Organized crime, insiders, and nation-states continue to target databases. And of course, the transition to the cloud is changing the way we look at security controls. Learn about new security assessment tools, new security features in the latest database release, and what we are working on this year to help you secure your database whether on-premises or on the cloud.

    Vipin Samar, Senior Vice President, Database Security , Oracle

     

    Proactive Security Monitoring and Analytics for Oracle IaaS, PaaS, and SaaS [CON7061]

    A shared responsibility model for cloud infrastructure security accompanies the growing adoption of Oracle IaaS, PaaS, and SaaS offerings. Organizations must continue to monitor and protect the infrastructure and data within their span of control. Legacy security monitoring solutions are limited in their ability to monitor across on-premises and hybrid cloud estates. Join this session to learn how the new Oracle Security Monitoring and Analytics Cloud Service protects organizations by enabling proactive security monitoring for Oracle IaaS, PaaS, and SaaS infrastructure; rapid forensics with cyberattack chain discovery and visualization; and orchestration of security operations playbooks across Oracle and other cloud platforms.

    Akshai Duggal, Director Product Management , Oracle

    Ben Nelson, VP, Oracle Cloud Security Operations , Oracle

    Ansh Patnaik, VP, Product Management , Oracle

     

    To Patch or Not to Patch: Answering the CPU Question [CON6302]

    Oracle customers are increasingly experiencing malicious attempts to exploit vulnerabilities for which Oracle has already released fixes. In some instances, attackers have been successful because targeted organizations had failed to apply available patches. While in many cases, it may be required to defer application of security fixes, it is important that organizations accurately assess the risks they’re facing. In this session learn from security experts from Oracle and Onapsis how to analyze Oracle Security advisories and accurately determine which fixes require immediate deployment. Learn how unmitigated vulnerabilities in complex applications can be maliciously exploited to compromise your organization.

    Bruce Lowenthal, Senior Director, Security Alerts Group , Oracle

    Juan Perez-Etchegoyen, CTO , Onapsis

     

    Oracle Database: Net Naming and Single Sign-on with Active Directory [CON6719]

    This session features software demonstrations that show how easily Oracle Database integrates directly with Microsoft Active Directory to simplify name resolution and single sign-on, and perform user and role management. The session explores these topics as well as Oracle Database integration with native Windows security.

    Santanu Datta, Vice President of Development , Oracle

    Christian Shay, Product Manager - .NET and Windows Technologies , Oracle

     

    There’s Better Security in the Cloud, but Are You Using Clouds Securely? [CON6445]

    In this session, learn how to take on the top concerns for cloud adoption regarding security and data protection for all applications and workloads. Hear how successful organizations large and small have implemented and manage consistent security policies to identify threats with automation, analytics, and intelligent technologies across the hybrid data center. Watch a demonstration of Oracle Identity Security Operations Center (Oracle Identity SOC) capabilities that help organizations prevent, detect, respond to, and predict today’s innovative security threats.

    Troy Kitch, Director of Security Software Product Marketing , Oracle

    Akshay Bhargava , Oracle

     

    Modernizing and Securing Financial Sector Applications in the Cloud with Oracle [CON4597]

    In this session UBI bank shares its strategy for creating an adaptive and comprehensive security model with Oracle's identity security operation center (SOC) framework. Hear how UBI addressed its GDPR requirements with a set of integrated technologies from Oracle, and ensured compliance with new European regulations. Also learn how the identity SOC framework is coming together as UBI begins a secure cloud adoption process by monitoring all cloud environments with Oracle CASB Cloud Service and controlling access with Oracle Identity Cloud Service.

    Marella Folgori , Oracle

    Fabio Gianotti, Chief Security Officer , UBI BANCA

    Fabrizio Zarri, master principal sales consultant , emea champion for casb , Oracle

     

    NEW FEATURE! Centralized Database User Management Using Active Directory [CON6574]

    Attend this session to learn how to directly connect Active Directory (AD) to Oracle Database to authenticate and authorize users. The next release of Oracle Database offers a simpler alternative to today’s AD integration with enterprise user security and intermediate directories. Users can authenticate with passwords, Kerberos, or SSL while AD groups directly map to shared database accounts and roles. AD password policies like password expiration and lockout counts are enforced during user login.

    Alan Williams, Senior Principal Product Manager , Oracle

    Keith Wilcox, VP, Database , Epsilon

     

    Enhanced Security for Oracle SaaS: Manage Risk for Oracle HCM, ERP, CX [CON7068]

    SaaS customers rely on a shared security model for their SaaS applications. Oracle provides native security as part of its SaaS solutions, but also offers enhanced preventive, detective, and predictive controls to help customers with their portion of the shared security model. In this session hear how customers are adding advanced access controls and intelligent activity monitoring to identify and mitigate risky activity from potentially compromised accounts. Ensure secure configuration and monitor changes by privileged users to eliminate security gaps and ensure compliance.

    Shyam Kumar, Vice President - Cloud Platfrom and Security , Applications Software Technology Llc

    Atul Goyal , Oracle

    Arun Goel, Director of Product Management , Oracle

     

    Best Practices for implementing Database Security [CON6434]

    IT security meant to protect databases often impacts their performance so much that DBAs pay dearly for the increased time it takes to process transactions. Additionally, the security policies of an organization are often counterproductive to its need to respond quickly to complex queries. Wouldn't it be great to encrypt the data within the database transparently and be able to run the transactions as if run in real time within the cloud too? In this session learn how you can sleep well at night while meeting your SLAs with flying colors and extraordinary security.

    Saikat Saha, Product Director, Database Security , Oracle

     

    Best Practices for Oracle Database Performance and Security on Windows [CON6720]

    Windows is one of the most popular platforms for Oracle Database servers. This session covers best practices for secure deployment of Oracle Database on Windows and also provides best practices and tips and tricks for tuning the database for performance in both single-instance and Oracle Real Application Clusters environments.

    Christian Shay, Product Manager - .NET and Windows Technologies , Oracle

     

    NEW! Database Security Assessment Tool Discovers Top Security Risks [CON6575]

    Most organizations understand the critical need to secure their databases, but they may not be aware of their vulnerabilities or what type of sensitive data they may have. In this session learn how Oracle Database’s security assessment tool (DBSAT) helps identify potentially sensitive data, highlights configuration and operational security risks, and recommends changes to mitigate them. DBSAT evaluates hundreds of parameters across Oracle Database, and provides both a summary and detailed reports of findings and recommendations. Learn how DBSAT gives you a quick start to discover sensitive data, quickly identify the security risks, and know how to remediate them. Map out the security issues and protect your databases before the hackers come knocking.

    Pedro Lopes, EMEA Field Product Manager , Oracle

     

    Transform Your Customer Experience with Consumer Identity Access Management [CON7080]

    In today's modern consumer-centric business environment, superlative customer experience is key to competitive advantage and profitability. In this session learn about transforming your customer experience with consumer identity access management. Consumer identity access management is a rapidly growing niche segment of the identity management market that has transformed thousands of digital businesses worldwide.

    Sanjay Rallapalli , Oracle

    YUKIO UEDA, Sales Solution Dept., Energy Sales Solution Support Sect., Manager , TOKYO GAS i NET CORP.

    Bhanu Prakash Vegi, Director Enterprise Systems , Beachbody LLC

     

    Give Digital Transformation a Boost with Modern Cloud-Based Identity Management [CON7072]

    Digital transformation projects are key to companies to maintain a competitive edge in modern business environments. However, many digital transformation projects fail due to inadequate or outdated identity access management deployments. In this session learn about modern capabilities and innovations in Oracle Identity Cloud Service. In addition hear from customers how they are gaining value from Oracle Identity Cloud Service today and their plans for the future.

    Paul Van Hout, CEO , Pragmatyxs, Inc

    Ricky Arora , Oracle

    Ryu Taniguchi, Systems Architect, Workplace Solutions Center, Office Services Business Group , Ricoh Company, Ltd.

     

    Machine-Learning-Based Analysis to Manage Cybersecurity Risks [CON7064]

    Moving toward continuous or short-cycle delivery? Lifting-and-shifting database and middleware workloads to the cloud? How about apps? Constantly rewiring your apps with microservice and similar architectures? How are you planning to maintain visibility and maximize service levels during migration and once this stuff gets into production? Coding instrumentation into your apps is time-consuming and error-prone. Instead, let machine learning do the work of adapting your monitoring to your fast-moving application environments. In this session learn about various types of machine learning that are optimized for operational data, and how they are leveraged to ensure your ops move as fast as the rest of your DevOps pipeline.

    Dan Koloski , Oracle

    Shailesh Dwivedi , Oracle

    Ganesh Kirti , Oracle

     

    Early Detection of Ransomware In Modern IT Landscapes [CON7062]

    WannaCry, CryptoLock, Locky... the list of ransomware wreaking havoc and holding enterprise data hostage is on the rise. Ransomware targets data availability and manifests as an accelerated cyber kill chain, making early detection critical. This requires advanced real-time analytics across endpoint protection tools, firewalls, hosts, databases, threat intelligence, and more. Join this session to learn how the new Oracle Security Monitoring and Analytics Cloud Service protects organizations through real-time analytics for early detection and visualization of ransomware attack chains, proactive monitoring for modern threats across assets on-premises and in the cloud, and automation of ransomware and other threat remediation security playbooks.

    Ansh Patnaik, VP, Product Management , Oracle

    Harish Jangada, Managing partner , Kapstone Technologies LLC

    Pravin Patil, Managing Partner , Kapstone Technologies LLC

     

    Why Oracle Cloud Access Security Broker Cloud Service Is #1 Security Tech [CON7067]

    Oracle Cloud Access Security Broker Cloud Service is a HOT security technology for helping customers secure the cloud. Whether it is providing visibility into shadow IT, monitoring and remediating risk in sanctioned SaaS or IaaS apps, or ensuring that security configurations are hardened, Oracle Cloud Access Security Broker Cloud Service is giving customers the confidence to transform into the cloud. In this session hear from Oracle how Oracle Cloud Access Security Broker Cloud Service provides visibility, compliance, data security, and threat protection. More importantly, listen to a panel of customers detail how they are deriving value from Oracle Cloud Access Security Broker Cloud Service today.

    Steve Zalewski, Chief Security Architect , Levi Strauss

    Adina Simu, Sr. Dir of Product Management , Oracle

    Alice Wang , Oracle

    Chet Sharrar, Chief Information Security Officer , Marlette Funding, LLC

    Bill Billings, CISO , Ooyala

     

    Data Management and Security in the GDPR Era [CON6573]

    The EU General Data Protection Regulation (GDPR) is the most significant data privacy legislation to date. With enormous potential impact on IT security and operations, GDPR fines can be as high as 4 percent of company revenue, making GDPR compliance a business-critical issue with board-level interest. GDPR becomes effective on May 25, 2018, so if you are not already working on GDPR compliance, you are behind schedule. Databases and the privacy-sensitive data they contain are at the heart of GDPR and should be one of the first areas of focus in your compliance strategy. In this session learn about the impact GDPR is likely to have on managing your data, typical preparatory strategies, and which database features and controls are applicable to GDPR.

    Russ Lowenthal , Oracle

    Franck Hourdin , Oracle

    Mike Turner, Global COO Cybersecurity , Capgemini

     

    Keep Structured and Unstructured Data Secure in the Cloud [CON7075]

    Just because you move to a cloud app does not mean you can shirk your responsibility for data security. Predictive, preventive, and detective controls are necessary for both structured and unstructured data to be kept safe. In this session learn from Oracle security professionals and partners how Oracle’s security cloud services offer comprehensive data security for both structured and unstructured data. Hear how you can take advantage of new capabilities in Oracle Cloud Access Security Broker Cloud Service for DLP, anti-malware, and true real-time prevention.

    Adina Simu, Sr. Dir of Product Management , Oracle

    Joshua McKibben, Director Cyber , KPMG

     

    Encrypt Your Crown Jewels and Manage Keys Efficiently with Oracle Key Vault [CON6580]

    Encrypting sensitive data has become a must in light of recent megabreaches and ever-expanding compliance regulations. The security of your encrypted data depends on how complete the encryption is within database environment, and the security and control you have over the encryption keys. Centralized protection and management of keys has become an important consideration for organizations. Join this session to learn about new innovations in Oracle Advanced Security’s transparent data encryption, including the new online and offline encryption capabilities, latest innovations, and deployment best practices in Oracle Key Vault. The session also features demonstrations and real-life customer deployment stories.

    Saikat Saha, Product Director, Database Security , Oracle

    Hamid Habet, Service Manager , Allianz Technology SE

     

    Security Monitoring and Analytics for Hybrid Cloud Environments [CON7060]

    As IT infrastructure expands to new IaaS, PaaS, and SaaS platforms from multiple vendors, the surface area of risk and threats also increases. Meanwhile, security teams have to contend with silos of visibility and weak monitoring across distributed cloud assets. Unified security monitoring is critical to detecting modern threats that are rapidly evolving to exploit the growing visibility gaps. Join this session to learn how the new Oracle Security Monitoring and Analytics Cloud Service protects modern enterprises by enabling early detection of threats across on-premises and hybrid cloud assets, rapid forensics with cyberattack chain discovery and visualization, and orchestration of security operations playbooks in a cloud infrastructure.

    Shishir Agrawal , Oracle

     

    Database Security Without Performance Impact: Here Is How to Do It [CON2623]

    Hackers target databases for one primary reason: that is where the data is. Extensive database encryption capabilities exist, but many organizations have not fully deployed them either due to implementation complexity or concerns over performance impact. Now, new capabilities such as live encryption of databases and centralized, policy-based key management radically simplify deploying data encryption for your databases. Additionally, new Oracle processor technology radically accelerates wide-key data encryption making everyday use an obvious choice. Want to encrypt databases without any downtime? This session provides an overview of the capabilities and demonstrates on both on-premises and cloud databases.

    Michael Ramchand, Platforms Technical Director, EMEA , Oracle

     

    Unify Compliance Auditing of Oracle Technology Across Hybrid Cloud Environments [CON7063]

    Obtaining a unified security compliance posture of your Oracle landscape deployed across on-premises and Oracle cloud environments poses differing organizational, technical, and operational challenges. Legacy configuration compliance auditing solutions are limited in their support of Oracle Cloud environments and buckle under the increased resource demands of today’s cybersecurity frameworks. Join this session to see how Oracle Management Cloud provides continuous configuration assessments across on-premises and Oracle Cloud assets; broad coverage of industry, Oracle best practice, and custom standards; automated remediation and proactive enforcement; and proactive drift monitoring to protect applications from unwanted changes.

    Perren Walker , Oracle

    David Wolf , Oracle

     

    Oracle Cloud: Best-of-Breed Global Hybrid Identity Access Management Deployment [CON7082]

    Oracle's DevOps team is responsible for supporting a large volume of applications with stringent uptime requirements for more than 130,000 employees. To efficiently support these applications, which include both on-premises and cloud applications, DevOps has deployed a hybrid identity access management deployment that allows employees granular access control to applications with their corporate credentials, while allowing Oracle to conform to security and compliance requirements for on-premises as well as cloud applications. In this session Chirag Andani, VP of cloud operations, walks through the innovative hybrid identity access management deployment in place at Oracle and shares best practices for similar implementations at your company.

    Chirag Andani , Oracle

    Michael Terra , Oracle

     

    Securing Oracle IaaS [CON7071]

    In this session a leading Oracle Cloud security expert outlines the best practices of protecting your applications and workloads in third-party clouds. Breaches occur all too frequently due to poor access control policies, insecure admin configurations, and inadequate monitoring and remediation processes. Learn about these and other best practices to secure your PaaS and IaaS applications.

    Arun Goel, Director of Product Management , Oracle

    Kamalendu Biswas , Oracle

     

    Become an Oracle Log Analytics Cloud Service Power User [CON7053]

    Aggregating, analyzing, and searching logs from across your data center is a significant improvement over traditional script-based analysis of logs. Searching through logs can be an easy way to find what you are looking for, but you can leverage the powerful commands in Oracle Log Analytics Cloud Service to derive significant operational intelligence from your logs as well. In this session learn to master the power of all query commands available in Oracle Log Analytics Cloud Service and turn yourself into a power user, creating compelling saved searches and dashboards.

    Rakesh Dhoopar, Vice President, Product Management , Oracle

    Nima Haddadkaveh , Oracle

     

    Top Five Tips for Building Secure Database Applications [CON6578]

    Maintaining secure database configurations and encrypting data are essential to any information security program, however, keeping your data secure begins with the development of secure database applications. In this session learn from leaders on the Oracle Database Security development team about how to protect sensitive data, implement least privilege, control access to sensitive application data, audit application activity, and leverage data-driven security features in the Oracle Database. This session outlines how to secure data at the source by taking advantage of a variety of security technologies available to the Oracle Database developers.

    Scott Rotondo , Oracle

     

    Where People and Things Collide: Securing IoT when People Matter [CON7084]

    Use cases for the Internet of Things (IoT) is a hot topic that becomes even more complicated when humans enter the picture and also need to be associated with those things. In this session learn how real-world customers are thinking about IoT security in these use cases and see how identity management can help.

    Gautam Muralidharan, Director Advisory , PwC

    Atul Mahamuni, Vice President, Product Development , Oracle

    Subbu Iyer , Oracle

     

    Exadata Security Best Practices [CON6671]

    Security is one of the primary concerns of IT managers, and the good news is that Exadata is hardened with advanced security features at every level. Join this session to learn about the Exadata storage, OS, and database-layer security options and best practices. This session covers security considerations during deployment, database creation, and steady-state operations. Attendees also learn security and monitoring best practices for Oracle Exadata Cloud deployment models, including strategies for achieving compliance regulations and maintaining audit standards.

    Dan Norris , Oracle

    Jeffrey Wright, Senior Principal Product Manager , Oracle

    Dan Lungu, Architects Team Leader , BRD

     

    MySQL 8.0: What’s New in Security [CON7312]

    This session provides a developer-centric view of MySQL 8.0 security. MySQL 8.0 is continuing in the direction set by MySQL 5.7: to be secure by default. The security development team added quite a few interesting features to the core MySQL server, such as SQL roles and making the ACL statements atomic. This session discusses the roles implementation and considers some of the interesting possibilities it provides. Oracle is also working on rearchitecting the security-related parts of the server, which makes it possible to come up with modern pluggable APIs, such as the keyring API and the extensions to the audit API in 5.7, that allow for a modern and extensible server.

    Georgi Kodinov , Oracle

    Mike Frank , Oracle

     

    Inside the Head of a Database Hacker [CON6572]

    With unprotected assets in plain sight in databases, no wonder hackers seek to steal sensitive data from them. Exploiting common vulnerabilities such as unpatched systems, overprivileged accounts, insecure database configurations, stolen passwords, and unencrypted data is a quick place to start. However, knowing the mind of a hacker can better help you strategize and create a blueprint for protecting your database. In this session the Oracle Database security architect (and resident white-hat hacker) takes you into the mind of a cybercriminal adept at exploiting vulnerabilities to access sensitive data stored in databases, and then discusses ways to stop them.

    Mark Fallon , Oracle

     

    Modernize Your Access Management Deployment in the Cloud [CON7079]

    As you adopt applications in SaaS, PaaS, or IaaS, your identity access system will also need to adapt and extend to cloud applications. Every customer's journey to the cloud is unique and most will constitute a combination of on-premises and cloud-based access management. In this session see a set of best practices to adapt your identity access management deployment to include cloud applications and plan a phased journey to the cloud.

    Venu Shastri , Oracle

    John Griffith, Identity Development Manager , Regions Bank

    Terry Carlson, Director Architecture , Alberta Blue Cross

     

    Identity Governance as a Service: What Is Your Path? [CON7078]

    Oracle is rethinking identity governance processes and techniques to make it cooler and easier. In this session learn how Oracle Identity Cloud Service expands to cover full-fledged identity governance as a service. Learn how existing Oracle Identity Governance Suite customers are planning their transition. Current customers can learn what’s coming in the new release as well as how Oracle will help with hybrid identity management capabilities to smooth the journey.

    Ravi Erukulla, Director of Product Management , Oracle

    Hiren Parikh, Identity Engineer , Qualcomm Inc

    Saurabh Sharma, Principal , Kapstone Technologies LLC

     

    Leveraging Logs When You Don’t Know What to Search For [CON7057]

    Aggregating, analyzing, and searching logs from across your data center is a significant improvement over traditional script-based analysis of logs. Searching through logs can be an easy way to find what you are looking for. In this session learn how to leverage machine learning techniques to find anomalies, identify potential problems, and use trend correlation for rapid problem troubleshooting. Learn how topology-aware log exploration can help correlate log events among the different components of the application.

    Rakesh Dhoopar, Vice President, Product Management , Oracle

    Nima Haddadkaveh , Oracle

     

    Oracle’s Identity and Security Vision: Powering Next-Gen Digital Transformation [CON6973]

    Next-generation digital transformation is not without big risks, but the companies that can marry security with identity and utilize advanced machine learning and AI to quickly detect and remediate risk will have the advantage. In this session learn about Oracle’s strategy for identity management and security, including where we are going and how we can help you with your priorities for lift and shift, IoT, DevSecOps, and how you can leverage new technology such as AI and Blockchain. Peter Barker, Oracle SVP for identity and security, sets the stage for your week at Oracle OpenWorld.

    Peter Barker , Oracle

    Janet Heins, Global IT Operations Leader , WL Gore & Associates