Oracle Puts AI and Automation Between Its Cloud and the Bad Guys

Despite a slow start a few years ago, Oracle has transformed itself into a cloud builder, quickly expanding its Oracle Cloud infrastructure to be among the top second-tier providers, though still far behind Amazon Web Services, Microsoft Azure, and Google Cloud. The longtime database and middleware giant and maker of other enterprise software is so committed to this change that it changed the name of its main user and developer conference from Oracle OpenWorld to Oracle CloudWorld, the latest of which was held last week.

At the show, Oracle showed off a mix of cloud-related moves — including announcing or expanding partnerships with larger rivals — and efforts to infuse everything it does with AI, from introducing OCI generative AI agents in its Oracle 23ai database to making Meta’s latest open-source Llama 3.1 large-scale language model available in its managed services.

It’s no wonder that when founder Larry Ellison—now the company’s president and CTO—took the stage to deliver the keynote address, he focused on the continued integration of AI into cloud operations. Ellison sees AI in particular as key to protecting the cloud infrastructure that Oracle has spent so much time and money building, as well as the applications and data it houses. That means automating as much as possible and removing the human element—from users to developers to database administrators—from the mix.

This includes everything from moving away from passwords for authentication to significantly expanding use of the vendor’s Oracle Autonomous Database.

“We could better protect our data if the database system that manages it were fully autonomous,” Ellison said, telling a story about an unnamed major bank that lost its credit card data because of a programming error. “Almost all cyberattacks start the same way—with human error. Oracle Autonomous Database has a DBA robot. The DBA robot automates everything. Humans don’t configure the database. Robots configure the system. It’s fully autonomous. It configures itself. It makes decisions. It encrypts everything. It backs up itself. If you need to restore from a backup, it does it fully automatically. There are no humans involved in the backup. There are no humans involved in the recovery. A new version of Oracle comes out, the software automatically updates. There’s a security patch. It automatically patches itself. … If multiple processors go down, the system keeps running. Who maintains it? It does it automatically. There are no humans involved.”

For you history buffs out there, this automation is nothing new, even if it is new to Oracle. The AS/400, announced by IBM in 1988, had an integrated (and unnamed for many years) relational database at the heart of the platform and was purpose-built to be free of database administrators, self-managed, and self-tuned—one reason the AS/400 outperformed other mid-market platform vendors and is still going strong more than three and a half decades later.

Cloud protection

With AI, the same automation can be applied to cloud network cybersecurity, Ellison said. Oracle has migrated many of its applications to Autonomous Database and plans to migrate even more, all of which will be migrated next year. The company is also aggressively moving to biometrics to identify users instead of passwords and is rolling out new security tools in hopes of thwarting attacks.

Enterprises continue to migrate workloads to the public cloud. About 46 percent of enterprises say they already have some in the cloud, with 8 percent saying they plan to move more in the coming months. Additionally, 48 percent say they have data stored in the public cloud. Some workloads are moving back from the cloud to on-premises infrastructure—“repatriating”—for reasons ranging from cost to compliance, but the trend toward cloud is growing. And as organizations keep more of their business in the cloud, threat actors will follow suit.

Check Point found that 61 percent of organizations were affected by cloud security issues last year, and 21 percent experienced data breaches. Not surprisingly, cloud security spending is also growing, from more than $2 billion this year to an expected $6.6 billion by 2029.

Automation is what matters most

Oracle is taking a multi-pronged approach to the problem, Ellison said. All databases will become standalone databases, and all applications will be on them. As you can see below, many of them—including the Cerner Millennium Health application and upcoming versions of Fusion CX Sales and Marketing—are already on them, with more coming next year.

Oracle is also generating more code through its AI-enhanced APEX code generation tool, automating the application development process to not only speed it up 10 times but also reduce software security holes that developers can inadvertently introduce, he said. By integrating AI capabilities into APEX, “a computer program writes code. It won’t make that mistake. It won’t generate a security hole that needs to be fixed later.”

A key part of Oracle’s effort is incorporating a Zero Trust Packet Routing (ZPR) approach to security into OCI’s networking fabric and combining it with its Gen2 cloud security suite. ZPR is a technology developed by Applied Invention that has been on Oracle’s radar for more than a year as a tool to solve what Ellison called the “very, very complicated problem” of network security.

Separation of network configuration and security

“There are two conflicting goals when you set up a network,” he said, pointing to the need to make it highly efficient with high throughput and multiple paths, while also making it secure. “The solution to the problem is you really have to separate the security of the network from the configuration of the network. Don’t worry about two things. Worry about one thing. Worry about making it fast and reliable. Then let’s build a completely new system that will be responsible for network security. This completely new system will authorize specific paths through the network for specific users on specific services, will check specific data, and only authorized paths will be allowed, and no other paths will be allowed.”

The idea behind ZPR is that organizations can write their security policies in such a way that the security intent is created at the network level, so traffic that is not allowed by the policy will be kept at the network level. This will improve the security posture of the enterprise by restricting access to sensitive data and preventing its exfiltration by bad actors, ensure that the necessary security controls are in place – a key part of any security audit – and make security management easier.

He added that Oracle will have a code generator that will enable enforcement of the ZPR protocol, and robots on the network will inspect billions of packets per second.

“You can change the configuration,” he said. “You can add ports. You can do all sorts of things, and ZPR will automatically generate new bots to make sure your data is still protected. All of a sudden, you have a much simpler configuration. There are none of these subnets. You don’t have to worry about security when you’re configuring your network. You just worry about performance and reliability.”

The entire cloud network security program is stored in a single database in the ZPR language that is used to generate robots.

“If we’re really good at defending our networks, defending our computer systems and stopping data theft, stopping identity theft, all of those things, we need to use cutting-edge technologies to defend ourselves,” Ellison said. “Those cutting-edge technologies are artificial intelligence.”

Related Articles