Thoughts on the recent alleged breach of Oracle Cloud’s login servers? What are your initial reactions to Oracle’s denial of the breach now that some customers have validated the leaked data?

Threat Intelligence & Incident ResponseThreat & Vulnerability Management
2.3k viewscircle icon1 Upvotecircle icon3 Comments
Sort by:
CIO in Government5 months ago

Shameful! As the saying goes, it's not the crime, it's the cover up. 
Oracle knew for months of the breach but kept on denying it rather than notifying their customers. 

CISO and Head of Digital Channels in Healthcare and Biotech5 months ago

To mitigate risks, we assumed breach, adhering to IR playbooks and pressuring the vendor for accountability.

CIO in Banking5 months ago

Take identity and access management very seriously , require single sign on through Office365 Azure AD , think of rehearsing circuit breaking , and utilize conditional access to your cloud tenants , consult with Oracle team to help apply CIS benchmarks and security best practices

Lightbulb on1

Content you might like

Vulnerability patching is now a full-time job.

Strongly agree8%

Agree61%

Neutral21%

Disagree5%

Strongly disagree3%

Unsure (please comment)

View Results

Which units of time do you use to measure speed of incident detection?

Seconds / minutes19%

Hours74%

Days / weeks5%

Other (specify in comments)

View Results

What tools/services do you use for CTEM (continuous threat exposure management)?

Read More Comments

What’s your “hot take” when it comes to security questionnaires?

Read More Comments

What models are in place for risk partners based in Line 2? What are the jobs to be done? How do they operate? What does the structure/operating rythms look like?

Read More Comments