00:00 Welcome back. In this lesson we are going to look at Oracle Cloud Guard.
00:08 Oracle Cloud Guard is a very unique feature available within Oracle Cloud Infrastructure.
00:14 What is Oracle Cloud Guard? Cloud Guard is a service that falls under the category of security,
00:20 cloud security posture management. It helps to monitor and identify potential security issues
00:25 and then remediate them. What is really interesting about Cloud Guard is that it can completely
00:31 automate the remediation. As you can see here, the two key aspects: you detect a problem, and there
00:37 are a couple of ways you do that, you can check configurations, you can monitor activities, and
00:41 then you can apply a response, and you can automate this response. So how does this really work in
00:47 practice? So the first thing you do is you specify a target, and a target basically sets the scope of
00:54 resources to be examined. For OCI, compartments can be the target and their child compartments can be
01:01 the target. So a target is nothing but resources to be examined. Then you have detectors, and these
01:07 detectors basically identify issues. Detectors are Cloud Guard components that identify issues
01:14 with resources or user actions and alert when an issue is found. So as you can see here, if there is
01:21 a public instance where it should not be, it will flag that; if there is a public bucket, it would flag that,
01:26 etc. Then you have problems, and problems are potential security issues. So in a way, think about problems as
01:34 being notifications that a configuration or activity is a potential security issue. And then finally we
01:40 have responders, which provide notification and corrective actions for security problems. So as you can
01:45 see here, if the instance is public, you could stop that instance; if a bucket is public, you could disable
01:52 that bucket or make it private, and so on and so forth. You could decide what kind of responders you want.
01:57 Now let us look at this in action. So the scenario here is a public bucket, and you don't want this bucket to
02:06 be public; you want this to be a private bucket because that sort of aligns with your security posture. So first, what
02:13 Cloud Guard does: suppose this bucket is living in a compartment which is monitored by Cloud Guard. Cloud Guard is
02:19 running this configuration monitoring, so it's looking at your bucket and it triggers a flag saying that this particular bucket is
02:27 public, and it marks, flags that as a critical issue, and a problem gets created. So think about a problem as sort of a ticket, so it gets
02:35 created saying bucket is public, and at the same time, because it assigns a security score, it says it's a critical risk, so it notifies that it's a critical risk. And then there are responders which look at that and they say, is my responder enabled for this kind of issue? And if the answer is yes, it can also have additional functionality, so things like cloud event: it could go to cloud event,
03:03 trigger that as an event, and then you could get a notification out of that. You could also go to OCI Functions, which is our serverless service, and it could do something else; it could Slack you or something like that, right? So it could have some other feature built in. So the responder looks at that and then it hands it over to a Cloud Guard operator. This is a policy which you write which says, can I remediate the problem? Do I have the permission to remediate the problem? Because one interesting thing about Cloud Guard is that
03:33 Cloud Guard is, you could automate all this. And if the answer is yes, then it responds and it makes the bucket private, and that's how you go to that critical risk gone and the situation turns to green again. So this is sort of an end-to-end workflow on how Cloud Guard works. A lot of this is transparent, you don't see it, and it's a great way to automatically detect issues and fix problems. Just to recap, Cloud Guard is a service that falls under the category of cloud security posture management.
04:03 It helps to monitor and identify potential security issues and then remediate them. You could also automatically remediate these problems. I hope you found this lesson useful. Thanks for watching.