Oracle Cloud Infrastructure (OCI) · 183 checks

Oracle Cloud, finally on the same radar as the rest.

Oracle Cloud is the second great blind spot. Teams running Autonomous Database, OCI compute, and Oracle workloads rarely have a cost-and-security tool that even speaks OCI, so the estate drifts unmonitored.

InfraSweep covers OCI broadly, Compute, Block/Object/File storage, ADB & DB Systems, VCN, IAM/policies, Vault/KMS, Cloud Guard, GoldenGate, Container Instances, Data Flow, Network Firewall, and VSS, with field names validated against the real Oracle SDK and a security-first detector mix.

Underserved

Almost no cost or CSPM platform covers OCI, so this is often a team's first real visibility into their Oracle estate.

84 checks

Security-first coverage: IAM policy posture, Vault/KMS, Cloud Guard, and Network Firewall gaps.

SDK-validated

Detector field names validated against the real Oracle Python SDK, not just the docs.

What we scan on Oracle Cloud

84 security checks

A representative sample of the 183 Oracle Cloud checks, grouped by service domain. Cost waste and security risk are surfaced in the same read-only pass.

Compute & storage

Compute, Block/Object/File storage, Container Instances.

Idle & oversized compute

Instances running with little real utilization.

Orphaned block volumes & backups

Storage left behind by deleted resources.

Object & file storage hygiene

Exposure and lifecycle gaps across buckets and file systems.

Container Instances & Data Flow waste

Serverless and analytics resources nobody uses.

Database

Autonomous Database, DB Systems, GoldenGate.

Autonomous Database idle/oversized

ADB scaled or licensed beyond actual use.

DB Systems utilization

Database nodes running well below capacity.

GoldenGate deployment hygiene

Replication deployments on outdated or unused configs.

Network

VCN, load balancers, Network Firewall.

Idle load balancers

Balancers with no backends or traffic.

VCN & gateway plumbing

Network resources provisioned and abandoned.

Network Firewall posture

Perimeter rules and exposure gaps.

Security & identity

IAM/policies, Vault/KMS, Cloud Guard, VSS.

IAM policy posture

Over-broad policies beyond least privilege.

Vault & KMS hygiene

Key management and rotation gaps.

Cloud Guard not enabled

Native detective controls left off.

Vulnerability Scanning (VSS) gaps

Workloads without scan coverage.

How you connect

An API signing key

Add a read-only user to a group with a read-only policy and upload the API signing key in the dashboard.

Read-only IAM policy (inspect/read verbs). Encrypted at rest, revocable any time.

How the dollars are calculated

Curated baseline pricing (live OCI pricing is on the roadmap); every finding labels its pricing source.

Every finding is backed by the raw cloud API response it came from, with a confidence score and the pricing source labelled, no black-box numbers.

Scan your Oracle Cloud estate free

Connect an api signing key and run a read-only scan. Findings come priced in real dollars with a fix and the evidence for each.

Start scanning free

Other clouds we scan