Oracle Cloud Infrastructure Documentation

About Security Assessment

Poor database configurations, such as weak password policies, no controls on over-privileged accounts, and lack of activity monitoring, are the most common causes of vulnerabilities in Cloud databases. In Oracle Data Safe, Security Assessment analyzes your database configurations, user accounts, and security controls, and then reports findings with recommendations for remediation activities that follow best practices to reduce or mitigate risk.

The Security Assessment reports provide you an overall picture of your database security status. They highlight recommendations by the Center for Internet Security (CIS), European Union's General Data Protection Regulation (GDPR), and Security Technical Implementation Guide (STIG), making it easier for you to identify the recommended security controls.

Examples of what you might do with the Security Assessment feature:

  • Quickly and easily assess your database configurations to learn which configuration choices may have introduced unnecessary risk into your environment and how you can reduce, remove, or mitigate risks.
  • Apply security findings to accelerate compliance with the European Union's GDPR and other regulations.
  • Identify deployed security policies.
  • Learn how to protect sensitive data in your Cloud databases when moving applications from development to production. Security Assessment might suggest that you enable encryption and then point you to some documentation on how to do that.
  • Promote database security best practices.