2025-09-16 –, Main Room
Most of the cloud security world is built around a shared set of assumptions — assumptions shaped by AWS, Azure, and GCP. But what happens when a cloud provider challenges those assumptions at a foundational level?
Oracle Cloud Infrastructure (OCI) takes a fundamentally different approach to identity, access management, organizational structure, and policy enforcement. As more enterprises adopt multi-cloud strategies, it’s critical to understand how these differences can affect security design.
In this talk, we’ll explore how OCI’s tenancy + compartment model, human-readable policy syntax, and explicit access scoping contrast with other clouds — and why these differences matter. Rather than framing OCI as an outlier, this session highlights its intentional design — and how it offers both advantages and friction points for cloud security teams. Whether you're deep in other clouds or just OCI-curious, this talk offers a new perspective on how cloud architecture shapes the way we think about access and control.
Ariel Septon is a Software Engineer at Native (formerly RockSteady), a cloud security startup focusing on optimizing the use of powerful built in security capabilities. Coming from a backend engineering background, Ariel has developed a strong interest in how cloud structure and identity systems impact security. She's contributed to open-source infrastructure projects and is passionate about making complex systems more understandable and secure. Her current focus is exploring multi-cloud patterns and how thoughtful architecture and policy design can prevent security drift before it begins.