We’re sorry. We could not find a match for your search.

We suggest you try the following to help find what you’re looking for:

  • Check the spelling of your keyword search.
  • Use synonyms for the keyword you typed, for example, try "application" instead of "software."
  • Start a new search.
Cloud Account Sign in to Cloud
Oracle Account
Report an incident to Oracle.

Incident Response


Reflecting the recommended practices in prevalent security standards issued by the International Organization for Standardization (ISO), the United States National Institute of Standards and Technology (NIST), and other industry sources, Oracle has implemented a wide variety of preventive, detective, and corrective security controls with the objective of protecting information assets.

Monitoring and Event Alerts

Alerts are sent to Oracle’s IT security and cloud security operations teams for review and response to potential threats. Oracle requires that these alerts are monitored within the Lines of Business (LoBs) 24x7x365.

Incident Response

Oracle will evaluate and respond to any event when Oracle suspects that Oracle-managed customer data has been improperly handled or accessed. Oracle’s Information Security Incident Reporting and Response Policy defines requirements for reporting and responding to events and incidents. This policy authorizes the Global Information Security (GIS) organization to provide overall direction for incident prevention, identification, investigation, and resolution within Oracle’s Lines of Business (LoBs).

GIS defines roles and responsibilities for the incident response teams embedded within the Lines of Business (LoBs). All LoBs must comply with GIS incident response guidance about detecting events and timely corrective actions. Corporate requirements for LoB incident-response programs and operational teams are defined per incident type:

  • Validating that an incident has occurred
  • Communicating with relevant parties and notifications
  • Preserving evidence
  • Documenting an incident itself and related response activities
  • Containing an incident
  • Addressing the root cause of an incident
  • Escalating an incident

Upon discovery of an incident, Oracle defines an incident-response plan for rapid and effective incident investigation, response, and recovery. Root-cause analysis is performed to identify opportunities for reasonable measures which improve security posture and defense in depth. Formal procedures and systems are utilized within the Lines of Business (LoBs) to collect information and maintain a chain of custody for evidence during incident investigation. Oracle is capable of supporting legally admissible forensic data collection when necessary.


In the event that Oracle determines that a confirmed security incident involving Personal Information processed by Oracle has taken place, Oracle will promptly notify impacted customers or other third parties in accordance with its contractual and regulatory responsibilities as defined in the Data Processing Agreement for Oracle Services. Information about malicious attempts or suspected incidents is Oracle Confidential and is not externally shared. Incident history is also Oracle Confidential and is not shared externally.

Security Vulnerabilities

Please refer to “How to report security vulnerabilities to Oracle” to find out how to report a security vulnerability to Oracle.

Report An Incident To Oracle
Report An Incident To Oracle

To engage Oracle regarding a security incident, please log a Service Request with Oracle Customer Support.