Oracle Data Safe, which is included with Autonomous Database, provides a unified control center that helps you manage the day-to-day security and compliance requirements of Oracle Databases.

Data Safe helps you to evaluate security controls, assess user security, monitor user activity, mitigate risk from compromised accounts, and address data security compliance requirements for your database. Data Safe accomplishes this by evaluating the sensitivity of your data and assisting you when you need to mask sensitive data for non-production databases.

Oracle Data Safe provides features to assist you when:

• Your organization's policies require that you monitor your databases and retain audit records.

• You need to protect against common database attacks coming from risks such as compromised accounts.

• Your developers need to use copies of production data for work on a new application and you're wondering what kinds of sensitive information the production data contains.

• You need to make sure that staff changes haven't left dormant user accounts on your databases.

Oracle Data Safe provides the following:

• Security Assessment: Configuration errors and configuration drift are significant contributors to data breaches. Use security assessment to evaluate your database's configuration and compare it to Oracle and industry best practices. Security assessment provides reports on areas of risk and notifies you when configurations change.

• User Assessment: Many breaches start with a compromised user account. User Assessment helps you spot the riskiest database accounts, those accounts which if compromised could cause the most damage. User Assessment helps you take proactive steps to secure these accounts. User Assessment Baselines make it easy to know when new accounts are added, or when an account's privileges are modified. You can use Oracle Cloud Infrastructure Events to receive proactive notifications when a database deviates from its baseline.

• Data Discovery: Provides support to locate and to manage sensitive data in your applications. Data discovery scans your database for over 150 different types of sensitive data and helps you to understand what types and how much sensitive data you are storing. Use the data discovery reports to formulate audit policies, develop data masking templates, and create effective access control policies.

• Data Masking Minimize the amount of sensitive data your organization maintains to help you meet compliance requirements and satisfy data privacy regulations. Data masking helps you remove risk from your non-production databases by replacing sensitive information with masked data. With reusable masking templates, over 50 included masking formats, and the ability to easily create custom formats for your organization's unique requirements, data masking can streamline your application development and testing operations.

• Activity Auditing Activity auditing collects audit records from databases and helps you manage audit policies. Understanding and reporting on user activity, data access, and changes to database structures supports regulatory compliance requirements and can aid in post-incident investigations. Audit insights make it easy to identify inefficient audit policies, while alerts based on audit data proactively notify you of risky activity.

  Note
  
  One (1) million audit records per database per month are included for your Autonomous Database if using the audit collection for Activity Auditing in Oracle Data Safe.

• SQL Firewall Management Protect against risks such as SQL injection attacks or compromised accounts. Oracle SQL Firewall^Foot 1 is a security capability available with Oracle Database 23ai that offers best-in-class protection against these risks. The SQL Firewall feature in Oracle Data Safe lets you centrally manage and monitor the SQL Firewall policies for your target databases. Data Safe lets you collect authorized SQL activities of a database user, generate and enable the policy with allowlists of approved SQL statements and database connection paths and provides a comprehensive view of any SQL Firewall violations across the fleet of your target databases.

See Oracle Data Safe Overview for more information.

To use Oracle Data Safe you first need to register your database with Oracle Data Safe.

1. Apply the necessary Identity and Access Management (IAM) permissions to register your target database.

   See Permissions to register an Autonomous Database for more information.

2. If you are registering an Autonomous Database that is configured to use a private IP address, then you need to create an Oracle Data Safe private endpoint either before or during registration.

   See Create an Oracle Data Safe Private Endpoint for more information.

3. Use the Oracle Data Safe Wizard to register your Autonomous Database instance.

   See Register an Autonomous Database for details on the registration steps.

After you register Autonomous Database with Oracle Data Safe you can use the Data Safe features.