Veza Streamlines Oracle Access with Unified Visibility and Control
Veza now supports access controls across 300+ integrations, with 41% built self-service via OAA and new support for Oracle HCM, CyberArk, SAP SuccessFactors, and Microsoft 365
Veza, the identity security company, today announced the launch of Veza for Oracle Applications, a new offering to unify and secure access governance across complex Oracle environments, including Oracle E-Business Suite (EBS), JD Edwards EnterpriseOne (JDE), Oracle Fusion Cloud ERP and Oracle Databases addressing long-standing gaps in Oracle access governance, risk and compliance (GRC).
With more than 70,000 organizations depending on Oracle platforms, from ERP to cloud infrastructure, identity access risk is business-critical. According to Enlyft, over 22,000 companies run Oracle ERP, and nearly 30,000 rely on Oracle Database, underscoring the widespread complexity of managing permissions and privileges.
“Solving the identity problem is the top priority for every organization and security leader—and for good reason,” said Pradeep Kumar, Director, Identity and Access Management (IAM), Crowdstrike. “Traditional identity governance is fundamentally broken. Veza has cracked the code by shifting the focus from directories to what truly matters: permissions and entitlements. With Veza’s Access Platform, we’ve adopted a unified approach that gives us complete visibility and control across SaaS systems, cloud, and custom environments. The ability to integrate seamlessly with both widely used SaaS systems and our own internal systems has been critical — it’s what enables us to understand over-permissioned access, enforce least privilege, streamline audits, and consistently govern access across the entire technology stack.”
System specific permissions and entitlements across legacy Oracle environments lead to over-permissioning, audit risk and policy violations. Without centralized identity visibility, dormant accounts and toxic role combinations can persist undetected, exposing organizations to SOX, PCI-DSS and GDPR violations. Veza’s new integrations address these issues head-on, helping organizations move from reactive fire drills around audit findings to proactive risk reduction:
- Eliminate Blind Spots: Gain centralized visibility across all Oracle applications, uncovering hidden access risks.
- Manage Least Privilege at Scale: Detect privilege sprawl and right-size roles to reduce insider threats and compliance violations.
- Catch Risks in Near Real Time: Monitor critical changes to roles and permissions and get alerted to policy violations as they happen.
- Accelerate Compliance: Automate access reviews and generate audit-ready reports in minutes, not weeks.
Veza integrates with Oracle environments via native APIs and secure, agentless connections, eliminating the need for custom code or downtime. Oracle’s diverse and fragmented tech stack makes integration notoriously difficult; there’s no magic key for universal access. Legacy applications like EBS often demand deep domain expertise. With Veza, Oracle customers can—for the first time—help unify identity across their Oracle ecosystem and understand exactly what users can do. With auto-discovery of roles and entitlements, intuitive workflows and near real-time alerting, organizations can operationalize access governance quickly and without disruption.
“IAM transformation starts with understanding access permissions and entitlements, not just users and groups,” said Tarun Thakur, CEO and Co-Founder of Veza. “With over 300 integrations and over 20 billion permissions analyzed, Veza goes beyond SCIM to map fine-grained entitlements across enterprise systems. Our Access Graph normalizes this data into effective access, giving teams the clarity to reduce risk, enforce least privilege and prove compliance without operational drag. To meet customer demand, we’re scaling to more than 3,000 integrations by 2026, accelerated by LLM-based AI for faster development and app onboarding delivery.”
Battle-Tested Veza Integrations for Enterprise Systems
Veza has made significant strides in strengthening our integration ecosystem, delivering on our commitment to build new integrations and enhance existing integrations. With support for extended attributes and new identity data entities across enterprise platforms, Veza makes it easier than ever for customers to unlock value from their identity and data systems for identity security use cases of next-gen IGA, cloud PAM, ISPM, NHI, and identity security for AI agents. New capabilities include:
- Microsoft: Active Directory (AD), Teams, Office 365
- Kerberos authentication support for AD
- Filtering for disabled users for AD
- Substring-based identity mapping for AD
- Custom attributes for groups and users for AD
- Foreign Security Principal Objects for AD
- userAccountControl and manager_principal_name support for AD users
- Integration with Microsoft Teams
- Integration with Exchange Online
- Filtering for Sharepoint Sites for Sharepoint support
- Azure Entra ID support, including extension attributes, extension properties and MFA information
- Allow identity mapping from SAP user to Azure AD user
- Certificate-only authentication for Azure Entra ID
- ERP integration for Dynamics 365
- Azure CosmosDB support
- Enforce HTTPS for M365 URLs
- Secrets management via external secret vaults
- Support access keys and SAS tokens for Azure Storage Accounts
- Discover Azure resources’ inherited access permissions through Subscription/Management Group/Resource Group IAM permissions
- Azure Active Directory Devices support
 
- Okta
- Credential Provider support for Okta users
- Support Auth Server and private key JWT for authentication
- last_sign_in support for Okta users
- Mapping from Active Directory groups to Okta
- Expanded support for Okta Apps with additional NHI properties
 
- Amazon Web Services (AWS)
- Support for 40+ AWS services, with new integrations with AWS Secrets Manager, EKS secrets, AWS RDS Aurora Postgres, AWS RDS Oracle, AWS Identity Center,
- Support for AWS KMS and Non-Human Identity (NHI) entities (API keys and tokens, etc) and attributes (active status of API keys)
- AWS Control Tower Integration support
- Allow per-database “DB User” setting for each supported AWS Database
 
- Google Cloud Platform (GCP)
- Cross-org impersonation via Google Service Accounts
- Prebuilt admin role for Workspace
- Support for system service accounts, API keys and tokens
- Support Integration with Workload Identity Federation
- Support GCP Cloud Run
 
- Oracle
- OracleDB standalone
- Oracle JDE
- Oracle EBS
- Oracle HCM
- Oracle EPM
- Oracle Fusion Cloud
 
- GitHub
- Deeper access to secrets, deploy keys, API keys and repositories
- Personal Access Token (PAT) support
- Custom field for identity mapping
 
- HashiCorp Vault
- Extended metadata for secrets (e.g., last_used_at, created_at) and NHI support
 
- Salesforce
- API keys and tokens
- Support for permission set groups, profiles, permission sets
- Support for custom objects and properties
- New Salesforce objects (e.g., Billing Installment, Price List Item, Business Case)
- NHI-specific attributes like created_at for Connected Applications
 
- SAP
- New integration with SuccessFactors
 
- Workday
- Support for organizational structures and roles
- Option to omit sensitive worker fields (e.g., Gender)
- Support custom attribute types such as “Self referencing instance” and “Currency”
- Ability to exclude Default entity attributes
- Expanded support for system accounts and NHI
- Add created_at and updated_at for security groups
 
- Snowflake
- Support private link URL
- Snowflake native application
- Advanced activity monitoring for Snowflake – last_used_at, last_resource_used_at, etc.
- Support export of audit and event logs to Snowflake
- Flexible identity mapping using non-email fields
- Visibility into organizations, network/password policies, and row access policies
- Expanded coverage of NHI entities and properties
 
- OAA (Open Authorization API)
- Full support for SCIM, including custom attributes, OAuth 2.0, bring your own certificate for authentication
- ○Support OAA custom permissions
- Support path_values as a key in the api_post method for oaaclient Python SDK
- Add Veza Event when OAA App is pushed
- Flexible CSV uploader
- Role-based access controls across integrations
- Identity mapping between OAA integrations
- Bi-directional risk score exchange with CrowdStrike
 
The post Veza Streamlines Oracle Access with Unified Visibility and Control first appeared on AI-Tech Park.

