Oracle Cloud

What cloud services are supported for Oracle?

Holm Security Cloud Scanner checks security best practices and detects security misconfigurations, which contribute to the most common causes of security breaches, across a vast list of Oracle services.

There is also a set of plugins that highlight unused or misused services, which can help reduce monthly Oracle costs. Read more about these plugins in this article:

https://support.holmsecurity.com/knowledge/what-are-the-oracle-cost-saving-plugins

Supported services

Here's the list of services that we currently support:

  • Audit
  • Block Storage
  • Cloud Guard
  • Compute
  • Database
  • File Storage
  • Identity
  • Logging and Monitoring
  • Networking
  • OKE
  • Object Store
  • Vaults

 

Supported policies

Across the services, the following policies are scanned for:

  • Audit - Log Retention Period
  • Block Storage - Block Storage Policy Protection
  • Block Storage - Block Volume Backup Enabled
  • Block Storage - Block Volume CMK Encryption
  • Block Storage - Block Volume Restorable
  • Block Storage - Boot Volume CMK Encryption
  • Block Storage - Volume Groups Restorable
  • Cloud Guard - Cloud Guard Enabled
  • Compute - Autoscale Enabled
  • Compute - Boot Volume Backup Enabled
  • Compute - Boot Volume Restorable
  • Compute - Boot Volume Transit Encryption
  • Compute - Instance Max Count
  • Compute - Instance Monitoring Enabled
  • Compute - Instance Policy Protection
  • Compute - Instance Pool Multiple AD
  • Compute - Legacy Metadata Endpoint Disabled
  • Database - DB Network Security Groups Enabled
  • Database - DB Private Subnet Only
  • Database - Database Backup Enabled
  • Database - Database Policy Protection
  • File Storage - File Storage Policy Protection
  • File Storage - File Systems CMK Encryption
  • File Storage - NFS Public Access
  • Identity - Admin User API Keys
  • Identity - Empty Groups
  • Identity - Excessive Policies
  • Identity - Excessive Policy Statements
  • Identity - IAM Group Changes
  • Identity - IAM Policy Changes
  • Identity - Identity Provider Changes
  • Identity - Idp Group Mapping Changes
  • Identity - Minimum Password Length
  • Identity - Notification Topic With Active Subscription
  • Identity - Password Requires Lowercase
  • Identity - Password Requires Numbers
  • Identity - Password Requires Symbols
  • Identity - Password Requires Uppercase
  • Identity - Policy Least Privilege
  • Identity - User API Keys Rotated
  • Identity - User Auth Token Rotated
  • Identity - User Changes
  • Identity - User Customer Secret Keys Rotated
  • Identity - Users Email Verified
  • Identity - Users MFA Enabled
  • Identity - Users Password Last Used
  • Logging and Monitoring - Default Tags For Resources
  • Networking - Default Security List
  • Networking - Excessive Security Lists
  • Networking - Flow Logs Enabled
  • Networking - LB Network Security Groups Enabled
  • Networking - Load Balancer HTTPS Only
  • Networking - Load Balancer No Instances
  • Networking - Network Gateway Changes
  • Networking - Open All Ports Protocols
  • Networking - Open Autonomous Data Warehouse
  • Networking - Open CIFS
  • Networking - Open DNS
  • Networking - Open Docker
  • Networking - Open FTP
  • Networking - Open HTTP
  • Networking - Open Hadoop HDFS NameNode Metadata Service
  • Networking - Open Hadoop HDFS NameNode WebUI
  • Networking - Open Kibana
  • Networking - Open MySQL
  • Networking - Open NetBIOS
  • Networking - Open Oracle
  • Networking - Open PostgreSQL
  • Networking - Open RDP
  • Networking - Open RPC
  • Networking - Open SMBoTCP
  • Networking - Open SMTP
  • Networking - Open SQLServer
  • Networking - Open SSH
  • Networking - Open Salt
  • Networking - Open Telnet
  • Networking - Open VNC Client
  • Networking - Open VNC Server
  • Networking - Route Table Changes
  • Networking - Security Group Changes
  • Networking - Security List Changes
  • Networking - Stateless Security Rules
  • Networking - Subnet Multi AD
  • Networking - VCN Changes
  • Networking - VCN Inbound Security List
  • Networking - VCN Multiple Subnets
  • Networking - WAF Public IP Enabled
  • OKE - OKE Private Endpoint
  • OKE - OKE Secrets Encrypted
  • OKE - OKE Security Groups
  • Object Store - Bucket CMK Encryption
  • Object Store - Bucket Object Events
  • Object Store - Bucket Public Access Type
  • Object Store - Bucket Versioning
  • Object Store - Bucket Write Logs Enabled
  • Object Store - Object Store Policy Protection
  • Object Store - Pre-Authenticated Requests Access
  • Object Store - Pre-Authenticated Requests Expiry
  • Vaults - Key Rotation