Pull request to update WMS 700 and LiveLabs #3733: Be a Data Security Superhero with Oracle Data Safe (#364)

* removal of images using caps

removal of images using caps

* Updates for Cloud World 2025

* cloud world additions

* typos

* Text updates based on Bettina's feedback

* Updates after run-through test

Author: joglover

data-safe/access-environment/access-environment-ocw-sandbox.md

@@ -23,7 +23,7 @@ In this lab, you will:
 
 This lab assumes you have:
 
-- Obtained an Oracle Cloud account and signed in to the Oracle Cloud Infrastructure Console at `https://cloud.oracle.com`
+- Reserved your environment for the HOL with the instructions given by the speaker.
 
 
 ## Task 1: View your LiveLabs Sandbox reservation information and sign in
@@ -70,7 +70,7 @@ A database registered with Oracle Data Safe is referred to as a *target* databas
 3. Under **List scope**, browse to and select your compartment. Your registered target database is listed on the right.
 
     - A target database with an **Active** status means that it is currently registered with Oracle Data Safe.
-    - A target database with a **Deleted** status means that it is no longer registered with Oracle Data Safe. The listing is removed 45 days after the target database is deregistered.
+    - A target database with a **Deleted** status means that it is no longer registered with Oracle Data Safe.
 
     ![Target databases page in OCI](images/target-databases-page-oci.png "Target databases page in OCI")
 
@@ -87,7 +87,7 @@ A database registered with Oracle Data Safe is referred to as a *target* databas
 
     - In Security center, you can access all the Oracle Data Safe features, including the dashboard, Security Assessment, User Assessment, Data Discovery, Data Masking, Activity Auditing, SQL Firewall, and Alerts.
     - When you register a target database, Oracle Data Safe automatically creates a security assessment and user assessment for you. That's why the **Security assessment**, **User assessment**, **Feature usage**, and **Operations summary** charts in the dashboard already have data.
-    - During registration, Oracle Data Safe also discovers audit trails on your target database. That's why the **Audit trails** chart in the dashboard shows one audit trail with the status **In transition** for your Autonomous Database. Later you start this audit trail to collect audit data into Oracle Data Safe.
+    - During registration, Oracle Data Safe also discovers audit trails on your target database. That's why the **Audit trails** chart in the dashboard shows one audit trail for your Autonomous Database. Later you start this audit trail to collect audit data into Oracle Data Safe.
 
     ![Initial Dashboard - security controls](images/dashboard-security-controls.png "Initial Dashboard - security controls")
 
@@ -106,9 +106,6 @@ Database Actions provides a way for you to run SQL commands on your database. Th
 
 3. If required, sign in as the `ADMIN` user. 
 
-    - If a tenancy administrator provided you an Autonomous Database, obtain the password from that person.
-    - If you are using an Oracle-provided environment, enter the database password provided to you.
-
 4. Close the **SQL History** and **Warning** dialog boxes.
 
 5. Review the interface. Here are the ways that you use Database Actions during the workshop:
@@ -138,4 +135,4 @@ You may now **proceed to the next lab**.
 ## Acknowledgements
 
 - **Author** - Jody Glover, Consulting User Assistance Developer, Database Development
-- **Last Updated By/Date** - Jody Glover, June 25, 2025
+- **Last Updated By/Date** - Jody Glover, August 1, 2025

data-safe/access-environment/access-environment-sandbox.md

@@ -63,7 +63,7 @@ A database registered with Oracle Data Safe is referred to as a *target* databas
 3. Under **List scope**, browse to and select your compartment. Your registered target database is listed on the right.
 
     - A target database with an **Active** status means that it is currently registered with Oracle Data Safe.
-    - A target database with a **Deleted** status means that it is no longer registered with Oracle Data Safe. The listing is removed 45 days after the target database is deregistered.
+    - A target database with a **Deleted** status means that it is no longer registered with Oracle Data Safe. Cloud target databases are delisted after one day. Billable target databases are delisted after 45 days.
 
     ![Target databases page in OCI](images/target-databases-page-oci.png "Target databases page in OCI")
 
@@ -78,7 +78,7 @@ A database registered with Oracle Data Safe is referred to as a *target* databas
 
     - In Security center, you can access all the Oracle Data Safe features, including the dashboard, Security Assessment, User Assessment, Data Discovery, Data Masking, Activity Auditing, SQL Firewall, and Alerts.
     - When you register a target database, Oracle Data Safe automatically creates a security assessment and user assessment for you. That's why the **Security assessment**, **User assessment**, **Feature usage**, and **Operations summary** charts in the dashboard already have data.
-    - During registration, Oracle Data Safe also discovers audit trails on your target database. That's why the **Audit trails** chart in the dashboard shows one audit trail with the status **In transition** for your Autonomous Database. Later you start this audit trail to collect audit data into Oracle Data Safe.
+    - During registration, Oracle Data Safe also discovers audit trails on your target database. That's why the **Audit trails** chart in the dashboard shows one audit trail for your Autonomous Database. Later you start this audit trail to collect audit data into Oracle Data Safe.
 
     ![Initial Dashboard - security controls](images/dashboard-security-controls.png "Initial Dashboard - security controls")
 
@@ -97,9 +97,6 @@ Database Actions provides a way for you to run SQL commands on your database. Th
 
 3. If required, sign in as the `ADMIN` user. 
 
-    - If a tenancy administrator provided you an Autonomous Database, obtain the password from that person.
-    - If you are using an Oracle-provided environment, enter the database password provided to you.
-
 4. Close any open dialog boxes.
 
 5. Review the interface. Here are the ways that you use Database Actions during the workshop:
@@ -129,4 +126,4 @@ You may now **proceed to the next lab**.
 ## Acknowledgements
 
 - **Author** - Jody Glover, Consulting User Assistance Developer, Database Development
-- **Last Updated By/Date** - Jody Glover, May 5, 2025
+- **Last Updated By/Date** - Jody Glover, August 1, 2025

data-safe/assess-database-configurations/assess-database-configurations-ocw.md

@@ -58,25 +58,19 @@ This lab assumes you have:
 
     ![Latest security assessment assessment summary tab](images/latest-sa-assessment-summary-tab.png "Latest security assessment assessment summary tab")
 
-6. To view details about the security assessment itself, click the **Assessment information** tab.
-
-    - Details include assessment name, OCID, compartment to which the assessment was saved, target database name, target database version, assessment date and time, schedule, name of the baseline assessment (if one is set), and whether the assessment complies with the baseline (Yes, No, or No baseline set).
-
-    ![Latest security assessment assessment information tab](images/latest-sa-assessment-information-tab2.png "Latest security assessment assessment information tab")
-
-7. Scroll down and view the **Assessment details** section.
+6. Scroll down and view the **Assessment details** section.
 
     - This section shows you all the findings for each risk category.
     - Risks are color-coded to help you easily identify categories that have high risk findings (red).
     - The high risk findings listed under **Privileges and Roles** were introduced when you ran the SQL script to populate your target database with sample data.
 
     ![Latest Security Assessment Assessment details section](images/latest-sa-assessment-details-section.png "Latest Security Assessment Assessment details section")
 
-8. Under **Filters by risks** on the left, notice that you can select the risk levels that you want displayed. Also notice on the left that you can filter by references.
+7. Under **Filters by risks** on the left, notice that you can select the risk levels that you want displayed. Also notice on the left that you can filter by references.
 
     ![Security Assessment filters](images/sa-filters.png "Security Assessment filters")
 
-9. On the right, expand categories and review the findings.
+8. On the right, expand categories and review the findings.
 
     - Each finding shows you the status (risk level), a summary of the finding, details about the finding, remarks to help you to mitigate the risk, and references - whether a finding is recommended by the Center for Internet Security (**CIS**), European Union's General Data Protection Regulation (**EU GDPR**), Security Technical Implementation Guide (**DISA STIG**), and/or **Oracle best practices**. These references make it easy for you to identify the recommended security controls.
     - In the example below, the **Transparent Data Encryption** finding has three references: **Oracle Best Practices**, **DISA STIG**, and **GDPR**.
@@ -86,7 +80,7 @@ This lab assumes you have:
 
 ## Task 2: Set the latest assessment as the baseline assessment
 
-A baseline assessment shows you data for all your target databases in a selected compartment at a given point in time. However, because we are only dealing with one target database in your compartment, the baseline assessment shows data for only one target database.
+A baseline assessment shows you data for all your target databases in a selected compartment at a given point in time. However, because we are only dealing with one target database in your compartment, the baseline assessment shows data for only one target database. Let’s assume that we are okay with the current configuration and we want to set it as our baseline. New assessments are then automatically compared to the baseline.
 
 1. At the top of the page, click **Set as baseline**.
 
@@ -103,7 +97,7 @@ A baseline assessment shows you data for all your target databases in a selected
 
 ## Task 3: Create a risk on the target database
 
-In this task, you issue a `GRANT` command on your target database so that later, when you refresh the latest security assessment, you can compare assessments.
+In this task, you manually create a new configuration risk on your database by issuing a `GRANT` command. Later, when you refresh the latest security assessment, you can compare assessments.
 
 1. Access the SQL worksheet in Database Actions. If your session has expired, sign in again as the `ADMIN` user.
 
@@ -148,12 +142,13 @@ In this task, you issue a `GRANT` command on your target database so that later,
 
 ## Task 5: Compare your assessment with the baseline
 
-1. With the latest security assessment displayed, under **Resources** on the left, click **Compare with baseline**. Oracle Data Safe automatically begins processing the comparison. 
+1. With the latest security assessment displayed, under **Resources** on the left, click **Compare with baseline**. 
 
-    If you navigated away from the latest security assessment, you can return to it by doing the following: Click **Security assessment** in the breadcrumb. Click the **Target summary** tab. Click **View report** for your target database.
+2. From the **Baseline** drop-down list, select your baseline. Oracle Data Safe automatically begins processing the comparison. 
 
+    If you navigated away from the latest security assessment, you can return to it by doing the following: Click **Security assessment** in the breadcrumb. Click the **Target summary** tab. Click **View report** for your target database.
 
-2. When the comparison operation is completed, scroll down the page to the **Comparison with baseline** section and review the information.
+3. When the comparison operation is completed, scroll down the page to the **Comparison with baseline** section and review the information.
 
     - Review the number of findings per risk category for each risk level. Categories include **User accounts**, **Privileges and roles**, **Authorization control**, **Data encryption**, **Fine-grained access control**, **Auditing**, and **Database configuration**.
     - You can identify where the changes have occurred on your target database by viewing cells that contain the word **Modified**. The number represents the total count of new, remediated, and modified risks on the target database.
@@ -174,4 +169,4 @@ You may now **proceed to the next lab**.
 ## Acknowledgements
 
 * **Author** - Jody Glover, Consulting User Assistance Developer, Database Development
-* **Last Updated By/Date** - Jody Glover, June 25, 2025
+* **Last Updated By/Date** - Jody Glover, August 1, 2025

data-safe/assess-database-configurations/assess-database-configurations.md

@@ -135,7 +135,7 @@ You can defer or change the risk level of a risk finding. In this task, defer th
 
 ## Task 4: Set the latest assessment as the baseline assessment
 
-A baseline assessment shows you data for all your target databases in a selected compartment at a given point in time. However, because we are only dealing with one target database in your compartment, the baseline assessment shows data for only one target database.
+A baseline assessment shows you data for all your target databases in a selected compartment at a given point in time. However, because we are only dealing with one target database in your compartment, the baseline assessment shows data for only one target database. Let’s assume that we are okay with the current configuration and we want to set it as our baseline. New assessments are then automatically compared to the baseline.
 
 1. At the top of the page, click **Set as baseline**.
 
@@ -152,7 +152,7 @@ A baseline assessment shows you data for all your target databases in a selected
 
 ## Task 5: Create a risk on the target database
 
-In this task, you issue a `GRANT` command on your target database so that later, when you refresh the latest security assessment, you can compare assessments.
+In this task, you manually create a new configuration risk on your database by issuing a `GRANT` command. Later, when you refresh the latest security assessment, you can compare assessments.
 
 1. Access the SQL worksheet in Database Actions. If your session has expired, sign in again as the `ADMIN` user.
 
@@ -197,12 +197,13 @@ In this task, you issue a `GRANT` command on your target database so that later,
 
 ## Task 7: Compare your assessment with the baseline
 
-1. With the latest security assessment displayed, under **Resources** on the left, click **Compare with baseline**. Oracle Data Safe automatically begins processing the comparison. 
+1. With the latest security assessment displayed, under **Resources** on the left, click **Compare with baseline**. 
 
-    If you navigated away from the latest security assessment, you can return to it by doing the following: Click **Security assessment** in the breadcrumb. Click the **Target summary** tab. Click **View report** for your target database.
+2. From the **Baseline** drop-down list, select your baseline. Oracle Data Safe automatically begins processing the comparison. 
 
+    If you navigated away from the latest security assessment, you can return to it by doing the following: Click **Security assessment** in the breadcrumb. Click the **Target summary** tab. Click **View report** for your target database.
 
-2. When the comparison operation is completed, scroll down the page to the **Comparison with baseline** section and review the information.
+3. When the comparison operation is completed, scroll down the page to the **Comparison with baseline** section and review the information.
 
     - Review the number of findings per risk category for each risk level. Categories include **User accounts**, **Privileges and roles**, **Authorization control**, **Data encryption**, **Fine-grained access control**, **Auditing**, and **Database configuration**.
     - You can identify where the changes have occurred on your target database by viewing cells that contain the word **Modified**. The number represents the total count of new, remediated, and modified risks on the target database.
@@ -223,4 +224,4 @@ You may now **proceed to the next lab**.
 ## Acknowledgements
 
 * **Author** - Jody Glover, Consulting User Assistance Developer, Database Development
-* **Last Updated By/Date** - Jody Glover, May 5, 2025
+* **Last Updated By/Date** - Jody Glover, August 1, 2025

data-safe/assess-database-users/assess-database-users-ocw.md

@@ -2,7 +2,7 @@
 
 ## Introduction
 
-User Assessment helps you assess the security of your database users and identify potential high risk users. By default, Oracle Data Safe automatically generates user assessments for your target databases and stores them in the Assessment History. You can analyze assessment data across all your target databases and for each target database. You can monitor security drift on your target databases by comparing the latest assessment to a baseline or to another assessment.
+User Assessment helps you assess the security of your database users and identify potential high risk users. This allows you to review the potential risk to your data in case any of your user accounts get compromised or go rogue. By default, Oracle Data Safe automatically generates user assessments for your target databases and stores them in the Assessment History. You can analyze assessment data across all your target databases and for each target database. You can monitor user or entitlement changes on your target databases by comparing the latest assessment to a baseline or to another assessment.
 
 In this lab, you explore User Assessment.
 
@@ -35,7 +35,7 @@ This lab assumes you have:
 
 ## Task 1: Analyze users in the latest user assessment
 
-The latest user assessment is the one that was automatically generated by Oracle Data Safe when you registered your target database.
+The latest user assessment is the one that was automatically generated by Oracle Data Safe when your target database was registered.
 
 1. In the breadcrumb at the top of the page, click **Security center**. On the left, click **User assessment**.
 
@@ -82,11 +82,11 @@ The latest user assessment is the one that was automatically generated by Oracle
     - User name
     - User profile
     - User type (for example, PRIVILEGED)
-    - Status (for example, OPEN)
-    - Potential risk (for example, CRITICAL) - Hover over the **i** to view what constitutes a critical risk user.
-    - Last login date and time
     - Date and time when the user was created
+    - Potential risk (for example, CRITICAL) - Hover over the **i** to view what constitutes a critical risk user.
+    - Status (for example, OPEN)
     - Date and time when the password was last changed
+    - Last login date and time
     - Password expiry date
     - Privileged roles (the Admin roles granted to the user)
     - Roles: Expand **All roles** to view all the roles granted to the user
@@ -153,11 +153,8 @@ You can select a user assessment to compare with the latest user assessment. Wit
 
 4. From the **Select assessment** drop-down list, select the initial assessment for your target database. As soon as you select it, the comparison operation is started.
 
-5. Review the results.
-
-    - There is a new user added and a user deleted. The new user finding is identified as a potential **CRITICAL** risk.
-    - There are user grants modified by the `DS$ADMIN` user. This finding is also identified as a potential **CRITICAL** risk.
-
+5. Review the results. A new user is added and a user is deleted. The new user finding is identified as a potential **CRITICAL** risk.
+   
     ![User Assessment Comparison report](images/ua-comparison-report3.png "User Assessment Comparison report")
 
 6. In the **Comparison results** column, click one of the **Open details** links to view more information.
@@ -178,4 +175,4 @@ You may now **proceed to the next lab**.
 ## Acknowledgements
 
 * **Author** - Jody Glover, Consulting User Assistance Developer, Database Development
-* **Last Updated By/Date** - Jody Glover, June 24, 2025
+* **Last Updated By/Date** - Jody Glover, August 1, 2025