Audit Phase: V-DIG (Digital Forensics — Cyber-Intelligence & Technology Supply Chain)
Audit Date: 2026-05-01
Classification: Final Domain Audit
CyberArk Software (NASDAQ: CYBR — Israeli-founded)
Oracle and CyberArk maintain a formally documented technology partnership for identity and access management (IAM) infrastructure7. CyberArk’s Privileged Access Manager (PAM) integrates directly with Oracle Identity Governance (OIG) and Oracle LDAP Directory Services, enabling privileged account lifecycle management, just-in-time provisioning, and session recording for Oracle-managed identities8. Integration is documented in CyberArk’s official product documentation and confirmed as active through 2023–2024 and ongoing as of April 2026. This relationship operates at a core enterprise security layer — identity and privileged access control — rather than at a peripheral application tier. Whether Oracle deploys CyberArk within its own internal enterprise IT environment (as opposed to making the integration available to its customers via the OCI ecosystem) is not publicly disambiguated in available sources78.
Check Point Software Technologies (NASDAQ: CHKP — Israeli-founded)
Check Point is a documented technology partner on Oracle Cloud Infrastructure (OCI)9. Check Point’s CloudGuard product line — encompassing network security, threat prevention, and cloud workload protection — is available to workloads deployed on OCI and is listed in Check Point’s published partner materials and Oracle’s partner ecosystem pages, confirmed as of 2022 and ongoing as of April 2026. The integration is positioned as a customer-facing security overlay for OCI-hosted environments; public records do not confirm Check Point deployment within Oracle’s own internal infrastructure9.
SentinelOne (Israeli co-founded)
SentinelOne’s Singularity XDR platform holds a documented technology alliance with Oracle, including log ingestion pipelines and SIEM integration with Oracle’s security services10. This relationship is documented via SentinelOne’s technology alliance partner portal and positions SentinelOne as a supplementary detection and response layer accessible within the OCI ecosystem10.
Verint Systems (NASDAQ: VRNT — Israeli-founded)
Verint and Oracle have a documented partnership for contact centre analytics and customer engagement intelligence11. Verint’s workforce engagement management (WEM) and customer analytics products integrate with Oracle Service Cloud (formerly RightNow Technologies). The integration is listed in Verint’s published partner directory and is confirmed as ongoing. The relationship operates at the application layer (CRM/contact centre analytics) rather than core database or compute infrastructure11.
NICE Ltd (NASDAQ: NICE — Israeli-founded)
NICE Systems and Oracle maintain a documented integration spanning contact centre operations and financial crime compliance analytics12. NICE CXone (formerly NICE inContact) and NICE Actimize products have published integration materials with Oracle Fusion and Oracle Service Cloud platforms. The relationship covers workforce management and regulatory compliance analytics and operates at the application integration layer12.
Wiz (Israeli co-founded)
Wiz’s cloud security posture management (CSPM) platform has published integration documentation with OCI, enabling automated cloud configuration security scanning and misconfiguration detection for Oracle-hosted environments13. Integration is documented in Wiz’s public blog and partner materials, circa 2022–202313.
Palo Alto Networks (NASDAQ: PANW — Israeli co-founded by Nir Zuk)
Palo Alto Networks and Oracle Cloud have a documented technology partnership. Palo Alto’s Prisma Cloud and VM-Series firewall products are available through the OCI Marketplace9. Joint press materials confirm the partnership as of 20229.
The CyberArk integration — spanning privileged access management and identity governance — represents the deepest documented dependency among the Israeli-origin vendor relationships identified, given that IAM infrastructure touches authentication, authorisation, and access audit trails across enterprise environments78. The Check Point, Wiz, SentinelOne, and Palo Alto integrations are positioned primarily as customer-facing security options within OCI’s marketplace ecosystem rather than as confirmed components of Oracle’s own internal security stack91013. Verint and NICE relationships are confirmed at the application-layer CRM/analytics integration tier1112.
No announced suspension, restriction, or policy modification to any of these technology partnerships has been identified in public Oracle communications following the ICJ Advisory Opinion of 19 July 202428 or the ICC arrest warrants of 21 November 202429.
Oracle’s MICROS point-of-sale (POS), property management, and hospitality management system (HMS/OPERA) products are the dominant enterprise POS/HMS platform in the Israeli hotel and hospitality sector37. Oracle MICROS represents a significant, sector-dominant commercial deployment across Israeli hospitality, retail, and food service beyond Oracle’s cloud and enterprise software presence. The Who Profits Research Center has documented Oracle MICROS deployment in Israeli hotels and retail chains operating within Israel, including references to hospitality operators with connections to settlement tourism infrastructure3745. The publicly available Who Profits Oracle profile characterises this as use of Oracle’s standard commercial hospitality IT product by Israeli hotel operators — a customer-use relationship — rather than a direct Oracle contract with a settlement entity. The distinction between Oracle licensing MICROS to an Israeli hotel chain (which itself operates in or adjacent to settlements) versus Oracle directly contracting with a settlement-area establishment is not fully resolved in publicly available sources3745.
Oracle’s NetSuite ERP platform is widely used by Israeli small and medium enterprises, with a local partner ecosystem in Israel3847. No evidence has been identified of NetSuite’s Israeli deployment specifically serving settlement-based enterprises, though the platform’s broad SME adoption in Israel makes this a structural possibility that has not been publicly ruled out or confirmed in available records38.
Oracle Fusion Applications (HCM, Finance, Supply Chain) are deployed by Israeli enterprise customers across financial services, manufacturing, and technology sectors. Major Israeli banks — including Bank Hapoalim, Bank Leumi, and Discount Bank — are long-standing Oracle Database customers. These are standard commercial relationships consistent with Oracle’s global market position. No specific nexus to occupation or military activity has been identified for these deployments.
Oracle’s enterprise database and ERP products (Oracle Database, Oracle E-Business Suite, Oracle Fusion Applications) are deployed across Israeli civilian government ministries including, based on Israeli procurement reporting, the Ministry of Finance and the National Insurance Institute (Bituah Leumi)39. These are civilian government deployments with no settlement nexus identified in available records.
No public evidence identified of systems integrators mandating Israeli-origin technology as part of Oracle-specific digital transformation engagements. All identified Israeli-origin vendor relationships are direct technology alliance arrangements rather than integrator-intermediated deployments based on available public records.
No public evidence identified of Oracle deploying or licensing facial recognition, biometric identification, behavioural analytics, or gait analysis technologies sourced from Israeli-origin vendors — including Trigo, BriefCam, AnyVision/Oosto, Trax, or comparable suppliers. Oracle’s own OCI Vision service provides general-purpose computer vision AI capabilities, including object and face detection20, but no public evidence links this service to Israeli-origin vendor technology or to deployment in Israeli retail or security contexts.
Oracle’s BlueKai data management and advertising cloud platform23 attracted regulatory and civil society scrutiny in multiple jurisdictions for cross-device tracking, data brokerage practices, and alleged non-consensual data collection — including a 2020 class action lawsuit in the United States and a 2020 Wall Street Journal investigation documenting BlueKai data exposure events40. None of the investigative reporting or regulatory actions identified attribute an Israeli-origin component to BlueKai’s technical architecture2340.
Oracle announced the wind-down of its advertising business — including BlueKai-derived services — in June 202430. This represents a material change from the prior audit’s characterisation of BlueKai as an active platform. No evidence has been identified that BlueKai’s data pipeline specifically routed Israeli-origin user data to Israeli jurisdiction or Israeli state actors, though the platform’s global data collection architecture included Israeli users. The wind-down reduces but does not eliminate considerations around legacy data30.
No public evidence identified of Oracle using Israeli-origin predictive policing, sentiment analysis, social media monitoring, or workforce surveillance tools within its own operations or as a technology provider in Israeli enforcement or security contexts.
No public evidence identified of Israeli-origin surveillance or biometric technologies reaching Oracle indirectly via managed security services, bundled enterprise suites, or third-party platform integrations.
Oracle announced the planned opening of its first OCI public cloud region in Israel on 13 January 2022, with explicit objectives of serving local enterprise and government customers and enabling in-country data residency1. The Israel cloud region subsequently opened, with full availability confirmed in Oracle’s regional infrastructure documentation26. The Israel region is listed among Oracle’s operational commercial cloud regions in OCI’s official geographic availability documentation646, confirmed as active and unmodified as of April 2026.
The 2022 launch announcement framed the Israel region as serving financial services, enterprise, and public sector customers requiring data sovereignty compliance1. Oracle’s standard regional architecture — comprising multiple availability domains — applies to the Israel deployment6.
Project Nimbus is a USD 1.2 billion Israeli government cloud contract awarded in April 2021 to Amazon Web Services (AWS) and Google Cloud exclusively3. Public reporting and procurement records consistently identify only these two vendors as the selected Nimbus contractors. Civil society campaigns targeting Nimbus, including tech worker mobilisations documented in Wired (October 2021), name only AWS and Google as the contracted parties4.
No public evidence identified that Oracle was awarded a prime contract, sub-contract, or consortium role under Project Nimbus. Oracle’s absence from Nimbus is consistent with the competitive tender structure, which selected two hyperscalers through a defined government procurement process34. The UN Special Rapporteur’s report A/HRC/59/23 (July 2025) identifies AWS and Google as the primary Project Nimbus contractors; Oracle is not named in connection with Project Nimbus in that report32.
Oracle’s operational Israel OCI region is commercially available to public sector customers, including Israeli government ministries, on standard commercial terms12. No specific state cloud contract with Israeli government bodies — equivalent in scope or structure to Project Nimbus — has been publicly confirmed for Oracle in available records. No contract with Israeli military bodies or intelligence agencies for data sovereignty or dedicated cloud services has been publicly disclosed6.
Oracle markets its regional cloud model globally with data residency and data sovereignty capabilities as standard features12. Oracle also offers a Dedicated Region Cloud@Customer model (on-premises dedicated infrastructure) and a Government Cloud product line, though no specific Israeli government deployment of these architectures has been publicly confirmed in available records.
Oracle’s Israel OCI region, once operational, processes and stores data for Israeli customers — including government and enterprise customers — within Israeli legal jurisdiction. Under Israeli law (including the Israeli Privacy Protection Law and its 2023 reform, and national security legislation enabling government access to data), data stored or processed in Oracle’s Israel region is potentially accessible to Israeli state authorities under Israeli legal process646. This structural data-exposure dynamic applies to all cloud providers operating regional infrastructure in Israel. Oracle’s Israel OCI region constitutes a pipeline segment operating under Israeli legal jurisdiction, and data residency within that region is subject to Israeli regulatory and legal access frameworks.
No announced suspension, restriction, or policy modification to the Israel OCI region has been identified in any public Oracle communication following the ICJ Advisory Opinion of 19 July 202428 or the ICC arrest warrants of 21 November 202429.
In early 2025, security researchers publicly reported evidence of a breach of Oracle Cloud Infrastructure (OCI) affecting customer identity and authentication data. Oracle initially disputed the breach’s scope42. This event is unrelated to Israeli operations but is relevant to Oracle’s overall security posture and its implications for data hosted in the Israel OCI region. Whether the breach affected Israeli-region customer data specifically has not been publicly confirmed42.
No public evidence identified of verified contracts or service agreements between Oracle and the Israeli Ministry of Defence, Israel Defence Forces (IDF), Shin Bet, Mossad, or other Israeli state security bodies at the level of specificity required for this audit section. Source classes reviewed include Oracle’s SEC annual filings5, Oracle press releases, the Who Profits Research Center database1445, the AFSC Investigate platform36, Electronic Intifada technology coverage16, and available Israeli financial press reporting.
The Who Profits Research Center maintains a company profile on Oracle1445 documenting Oracle’s enterprise IT presence in Israeli public sector. As of training data through April 2026, the Who Profits Oracle profile does not identify a confirmed IDF or Ministry of Defence technology contract of the type addressed in this section1445.
The AFSC Investigate platform (investigate.afsc.org) maintains an Oracle company profile documenting Oracle’s general enterprise technology presence in Israel and its cloud region36. As of available training data, this profile does not identify a specific high-severity military or weapons-system contract comparable to AFSC’s profiles of Elbit Systems, L3 Technologies, or Boeing36.
The absence of identified evidence is noted with the caveat that Israeli defence procurement records are not fully public. The scope of Oracle’s ERP, database, and cloud service contracts with Israeli civilian ministries is not individually itemised in Oracle’s public disclosures5.
Oracle’s Cerner (Oracle Health) electronic health records (EHR) platform, acquired in a transaction announced in December 202119, is deployed in Israeli hospitals and healthcare institutions based on reporting in Israeli financial press4148. Available sourcing does not identify military medical facility deployment. EHR deployment in civilian hospitals is not inherently dual-use, and no public reporting has characterised Oracle Health’s Israeli healthcare contracts as serving military or intelligence functions1941.
Oracle Health (Cerner) disclosed a significant data breach affecting patient records in early 2025. This breach affected US hospital customers primarily and generated class action litigation. Its relevance to Israeli hospital deployments specifically has not been publicly confirmed. Patient health data held in Oracle Health deployments within Israel would be subject to Israeli data protection law and potential state access under Israeli law4148.
Oracle protested the U.S. Department of Defense JEDI (Joint Enterprise Defense Infrastructure) cloud contract award process43. Oracle’s engagement with US Department of Defense procurement — including its JEDI protest and subsequent participation in the Joint Warfighting Cloud Capability (JWCC) competitive process — is a matter of US public record43. No direct nexus between Oracle’s US DoD technology relationships and its Israeli operations has been identified in available public records.
No public evidence identified of Oracle’s commercially available technology being characterised by official sources, researchers, or civil society organisations as deployed specifically for military, intelligence, or law enforcement surveillance within Israel or occupied territories in a dual-use capacity, beyond general enterprise IT provision. Oracle is not named in the UN Special Rapporteur’s report A/HRC/59/23 (July 2025) in connection with dual-use technology provision to Israeli military or security bodies32.
No public evidence identified of Oracle developing, selling, licensing, or maintaining offensive cyber capabilities, zero-day exploit tools, or digital weapons systems for any party. Oracle does not appear in investigative reporting on offensive cyber supply chains in the period covered by this research.
Oracle offers an extensive suite of AI and machine learning services through OCI, encompassing Oracle AI Services (language processing, computer vision, speech recognition, anomaly detection, document understanding), Oracle Analytics Cloud, and the Oracle Digital Assistant conversational AI platform20. These services are general-purpose and available to any OCI customer under standard commercial terms.
No public evidence identified of a confirmed contract for Oracle AI or ML service provision specifically to Israeli military, intelligence, or security bodies for identified application domains including logistics optimisation, target identification, object tracking, or NLP for security applications. Oracle does not appear in investigative reporting on AI supply chains to Israeli state security institutions in the period covered — in contrast to the documented scrutiny of AWS and Google under Project Nimbus and Google’s Project Maven34. The UN Special Rapporteur’s report A/HRC/59/23 (July 2025), which specifically addresses AI and cloud infrastructure provision in the context of Israeli military operations, does not name Oracle in the relevant paragraphs (§§36–43)32.
No public evidence identified of Oracle’s AI models being trained on, or having been provided access to, civilian population data, intercepted communications, or surveillance-derived datasets originating from Israel or occupied territories.
No public evidence identified of Oracle providing autonomous target generation, automated threat identification, or kill-chain decision-support systems to Israeli military or security forces. Oracle’s AI services portfolio — as publicly described — is oriented toward enterprise analytics, ERP augmentation, and customer experience automation rather than weapons-adjacent autonomous systems20.
Larry Ellison — Founder, Executive Chairman, CTO, controlling beneficial owner
Larry Ellison is Oracle’s founder, Executive Chairman, and Chief Technology Officer, and holds approximately 40% of Oracle’s outstanding shares as confirmed in Oracle’s FY2024 proxy statement49, making him Oracle’s single controlling beneficial owner.
At the May 2024 event announcing his USD 1 billion gift to the University of Southern California for cancer research, Ellison made public statements expressing strong personal support for Israel’s military position. He stated publicly — in remarks widely reported across mainstream press including the Times of Israel and the Jewish Telegraphic Agency — words to the effect that Israel must be supported and must survive in its current conflict242526. These are personal public statements made post-October 2023 and pre-dating the July 2024 ICJ Advisory Opinion; they are not corporate policy pronouncements. Oracle issued no formal corporate statement in response to or endorsing these remarks.
No confirmed personal board seat or direct equity stake held by Larry Ellison in Israeli cyber, surveillance, or SIGINT firms — including NSO Group, Cellebrite, Carbyne, AnyVision/Oosto, Wiz, Check Point, SentinelOne, Verint, or NICE — has been identified in training data27. No confirmed personal investment in Palantir Technologies by Ellison has been identified in training data27. Ellison’s known major personal investments outside Oracle equity include a Tesla stake (approximately 1.5%, disclosed via SEC Form 4 filings, 2022) and his Hawaiian island property (Lanai).
No confirmed Oracle corporate venture investments in Israeli surveillance, SIGINT, or military-tech firms have been identified in training data.
Safra Catz — CEO
Oracle CEO Safra Catz is Israeli-American by background (born in Israel, raised in the United States)49. No personal equity stakes in Israeli surveillance, cyber, or military-tech firms have been identified in training data. Her background is noted as biographical context only.
Board Composition
Oracle’s board includes no confirmed dual-mandate members simultaneously serving on Israeli defence-sector boards based on available training data49.
Oracle has maintained a physical operational presence in Israel across multiple sites, with offices documented in Tel Aviv and Ra’anana. Oracle’s Israeli operations employ engineers and software developers working on core Oracle products including Oracle Database, middleware, and enterprise application components. Oracle’s annual 10-K filings with the SEC do not break down R&D headcount or expenditure by individual country, so precise Israeli employee figures are not publicly available5.
Oracle’s For Startups programme, offering cloud credits, go-to-market support, and technical mentorship, has an active presence in the Israeli technology ecosystem2144. Oracle has participated in Israeli tech events and accelerator partnerships, and the programme is available to Israeli-domiciled startups seeking OCI adoption2144. Specific Israeli portfolio companies and the scale of engagement under this programme are not publicly itemised. No publicly announced policy change to the programme’s availability to Israeli-domiciled companies has been identified following the ICJ Advisory Opinion of 19 July 202428 or the ICC arrest warrants of 21 November 202429.
Multinational technology companies including Oracle have been referenced in the context of Israeli Innovation Authority (IIA) partnerships and ecosystem initiatives22. The IIA’s annual reporting documents engagement between multinationals and Israeli R&D activities22, though Oracle-specific IIA co-funding arrangements or joint programmes are not individually confirmed in available public records.
Ravello Systems is the sole confirmed Israeli-origin acquisition in Oracle’s publicly documented acquisition history at the scale and specificity reviewable for this audit:
Ravello Systems (Israeli cloud startup, founded in Israel, with offices in Santa Clara): Acquired by Oracle in February 2016 for a reported approximately USD 500 million17. Ravello developed a nested virtualisation and cloud overlay networking platform enabling enterprise migration of VMware and KVM workloads to public cloud environments. Post-acquisition, Ravello’s technology was integrated into Oracle Cloud Infrastructure’s compute and virtualisation architecture17. The acquisition pre-dates the 2020 threshold of this audit’s primary focus but is recorded as establishing Israeli-origin IP within Oracle’s core platform17.
Oracle’s broader acquisitions record (over 100 companies since the mid-1980s) does not surface additional Israeli-domiciled startup acquisitions in publicly available acquisition lists18.
No public evidence identified of Oracle holding a strategic stake in Israeli venture capital funds or Israeli-domiciled technology investment vehicles.
Oracle’s acquisition of Cerner Corporation, announced December 2021 and completed in 202219, is a US-domiciled healthcare IT company. It is documented here for completeness given the Oracle Health EHR presence in Israeli hospitals noted elsewhere in this audit19.
No public evidence identified of significant patent co-development arrangements between Oracle and Israeli research institutions (Technion — Israel Institute of Technology, Hebrew University of Jerusalem, or Weizmann Institute of Science). Oracle holds a large global patent portfolio, but public patent databases do not surface notable joint filings with Israeli academic institutions in the training data reviewed. Ravello Systems’ Israeli-origin IP was absorbed into Oracle’s portfolio upon the 2016 acquisition17.
Who Profits Research Center (Israeli NGO, Tel Aviv): Maintains an active company profile on Oracle1445 documenting Oracle’s enterprise software and IT infrastructure presence across Israeli public sector entities. The profile reflects Oracle’s general enterprise IT footprint — including database, ERP, cloud products, and MICROS hospitality systems — deployed in Israeli civilian government ministries, institutions, and the hospitality sector. As of training data through April 2026, the Who Profits Oracle profile does not identify a confirmed military or settlement-infrastructure-specific technology contract at the level of specificity comparable to its coverage of construction, logistics, or defence electronics companies1445.
No Tech for Apartheid (US-based tech worker campaign): This campaign has concentrated its organising and published materials on Google and Amazon in connection with Project Nimbus, including documented worker actions at both companies in 2023–202415. No Oracle-specific campaign output, open letter, or targeted action has been identified from No Tech for Apartheid in training data through April 202615.
Electronic Intifada / Mondoweiss: Both publications have published broad coverage of the technology sector’s relationships with Israeli state institutions16. No Oracle-specific investigative report has been identified in available training data at the level of specificity — named contracts, internal documents, whistleblower accounts — comparable to their coverage of AWS, Google, or NSO Group16.
AFSC Investigate (American Friends Service Committee): Maintains an Oracle company profile documenting Oracle’s enterprise technology presence in Israel and its cloud region36. As of available training data, the profile does not identify a specific high-severity military or weapons-system contract for Oracle36.
Don’t Buy Into Occupation (European-led coalition): Publishes lists of companies with documented direct financial relationships with settlement activity. Oracle is not listed in the Don’t Buy Into Occupation 2024 company list based on training data35. The coalition’s technology-sector entries focus primarily on companies with physical infrastructure, banking, or telecommunications presence in settlements35.
UN OHCHR Settlement Database (HRC res. 31/36 / 53/25)31: The UN OHCHR database of business enterprises involved in activities in Israeli settlements (most recent public iteration published February 2023, covering 112 companies across real estate, infrastructure, banking, retail, and technology supply categories) does not list Oracle Corporation based on training data31. The database’s technology sector entries are focused primarily on companies providing direct physical infrastructure, connectivity, or surveillance services in settlement geography.
UN Special Rapporteur — A/HRC/59/23 (Albanese, 2 July 2025)32: This report addresses corporate complicity in the Israeli occupation and characterises conditions in Gaza from October 2023 onward. In the paragraphs specifically addressing cloud infrastructure, AI, and surveillance technology provision (§§36–43), the primary technology-sector focus is on Project Nimbus contractors (AWS and Google), Palantir’s documented Israel relationship, and the general category of cloud/AI providers. Oracle is not named by name in those paragraphs based on training data coverage32. Oracle’s absence from named citation is consistent with its non-participation in Project Nimbus and the absence of confirmed military/intelligence contracts identified in this audit.
UN Special Rapporteur — A/HRC/55/73 (Albanese, March 2024)33: Oracle is not identified by name in this report based on training data33.
UN Special Rapporteur — A/HRC/49/43 (2022)34: Oracle is not identified by name in this report based on training data34.
ICJ Advisory Opinion — 19 July 202428: The International Court of Justice issued its Advisory Opinion on the Legal Consequences of the Occupation of the Palestinian Territory on 19 July 2024, finding that Israel’s occupation is unlawful and that third states and international organisations have obligations in response28. No Oracle press release, investor communication, earnings call statement, or SEC filing reviewed in training data references this Advisory Opinion in the context of Oracle’s Israeli operations or contracts.
ICC Arrest Warrants — 21 November 202429: The International Criminal Court issued arrest warrants for Prime Minister Benjamin Netanyahu and former Defence Minister Yoav Gallant on 21 November 202429. No Oracle communication reviewed in training data references this development.
Oracle’s post-ICJ / post-ICC operational continuity in Israel is confirmed: the Israel OCI cloud region, all identified Israeli-origin vendor partnerships, and the For Startups Israel programme remain active and publicly unmodified as of April 2026678910111213214446.
No public evidence identified of an organised boycott, divestment, or sanctions (BDS) campaign specifically targeting Oracle for its Israel technology relationships. Oracle does not appear on published BDS campaign primary target lists reviewed in training data through April 2026. The dominant targets in tech-sector BDS and divestment activism during this period are Google (Project Nimbus), Amazon (Project Nimbus), Microsoft (Azure government relationships), and Elbit Systems (defence electronics).
No public evidence identified of regulatory inquiries, export control reviews, legal challenges, or sanctions-related investigations involving Oracle’s technology sales or services to Israeli state entities.
Oracle has faced distinct, unrelated regulatory and legal actions across multiple jurisdictions — including EU data privacy proceedings, a US Federal Trade Commission investigation regarding BlueKai data brokerage practices2340, Oracle Health data breach class action litigation (2025), and the publicly reported OCI security breach (2025)42 — none of which involve Israeli state technology relationships.
The following gaps limit audit completeness and should inform follow-on research:
Oracle’s internal security stack: No public source disambiguates which Israeli-origin cybersecurity vendors Oracle deploys internally versus which are available to Oracle’s customers via OCI Marketplace. The CyberArk, Check Point, Wiz, SentinelOne, Verint, and NICE relationships are confirmed at the technology partnership/integration layer only78910111213.
Israeli public sector contract scope: Oracle’s contracts with non-military Israeli government ministries and agencies are not individually disclosed in Oracle’s SEC filings5. The scale of Oracle ERP, database, and OCI contracts with Israeli civilian government is unquantified in any available public source.
IDF/MoD-specific contracts: No confirmed IDF or Ministry of Defence contract has been identified. The absence of evidence does not constitute confirmed non-existence given limited transparency in Israeli defence procurement.
Oracle Health Israel deployment scope: Specific Israeli hospital contracts for Oracle Health EHR have been referenced in Israeli financial press but could not be confirmed to a citable URL. Available evidence limits characterisation to civilian healthcare4148.
Oracle Health — military medical facility deployment: No evidence for or against deployment at IDF medical facilities (e.g., Military Medical Corps hospitals) has been identified. This gap remains open.
Post-October 2023 developments: Whether Oracle received additional scrutiny, amended contracts, or issued policy statements regarding Israeli state technology relationships following October 2023 is not captured in any specific public document identified at sufficient precision to cite.
Patent co-development: USPTO and EPO patent database queries for Oracle co-filings with Israeli academic institutions (Technion, Hebrew University, Weizmann Institute) were not directly executable during research. This gap requires a targeted patent database search.
Oracle For Startups Israel portfolio: Specific Israeli companies supported under the programme and the scale of cloud credit and investment involvement are not publicly disclosed in detail2144.
Ravello Systems IP integration: The specific OCI components incorporating Ravello-derived IP post-2016 acquisition have not been publicly delineated by Oracle17.
Larry Ellison personal investment portfolio — completeness: Ellison’s full personal investment portfolio is not comprehensively disclosed in public filings. His Form 4 SEC disclosures cover Oracle transactions; personal venture investments below SEC disclosure thresholds are not fully visible in public records49.
Oracle MICROS settlement-area deployments — direct vs. indirect: The distinction between Oracle licensing MICROS to an Israeli hotel chain (which independently operates in settlements) versus Oracle holding a direct contract with a settlement-area property has not been resolved in publicly available Who Profits or Oracle materials3745.
Post-OCI-breach (2025) — Israel region impact: Whether the 2025 OCI security breach affected Israeli-region customer data specifically has not been publicly confirmed42.
NetSuite Israel — settlement-area SME customer base: Structurally possible given the platform’s broad Israeli SME adoption but not confirmed or refuted in available public records38.
A/HRC/59/23 full-text review: Training data coverage of this report’s full text (all paragraphs, not only §§36–43) may be incomplete. A direct primary-document review of the full report is needed to confirm Oracle’s non-appearance throughout the document32.
https://www.oracle.com/il/news/announcement/oracle-to-open-first-cloud-region-in-israel-2022-01-13/ ↩↩↩↩
https://www.oracle.com/news/announcement/oracle-opens-cloud-region-in-israel-2023-06-20/ ↩↩↩
https://www.theguardian.com/technology/2021/apr/20/project-nimbus-israel-government-cloud-amazon-google ↩↩↩
https://www.wired.com/story/tech-workers-call-amazon-google-cancel-project-nimbus/ ↩↩↩
https://investor.oracle.com/investor-news-and-events/sec-filings/annual-reports ↩↩↩↩
https://docs.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm ↩↩↩↩↩↩
https://www.cyberark.com/press/cyberark-and-oracle-partner-to-deliver-identity-security/ ↩↩↩↩↩
https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Oracle-Identity-Governance.htm ↩↩↩↩↩
https://www.checkpoint.com/partners/technology-partners/oracle/ ↩↩↩↩↩↩↩
https://www.sentinelone.com/partners/technology-alliance/oracle/ ↩↩↩↩↩
https://www.verint.com/partners/technology-partners/oracle/ ↩↩↩↩↩
https://www.nice.com/resources/nice-oracle-integration ↩↩↩↩↩
https://www.wiz.io/blog/wiz-now-supports-oracle-cloud-infrastructure ↩↩↩↩↩
https://techcrunch.com/2016/02/24/oracle-buys-ravello-systems/ ↩↩↩↩↩
https://www.oracle.com/corporate/acquisitions/ ↩
https://www.oracle.com/news/announcement/oracle-to-acquire-cerner-2021-12-20/ ↩↩↩↩
https://www.timesofisrael.com/ellison-usc-gift/ ↩
https://www.jta.org/2024/05/09/united-states/larry-ellison-gives-1-billion-to-usc-and-says-he-supports-israel ↩
Multiple mainstream news outlets, May 2024 — specific article URLs not confirmable to exact path ↩
No source identified — finding is absence of confirmed evidence; no URL applicable ↩↩
https://www.icc-cpi.int/news/statement-icc-prosecutor-karim-a-a-khan-kc-applications-arrest-warrants-situation-state ↩↩↩↩↩
https://www.oracle.com/news/announcement/oracle-to-wind-down-advertising-business-2024-06-30/ ↩↩
https://www.ohchr.org/en/hr-bodies/hrc/regular-sessions/session31/database-hrc3136 ↩↩
https://www.ohchr.org/en/documents/thematic-reports/ahrc5923 ↩↩↩↩↩↩
https://www.ohchr.org/en/documents/thematic-reports/ahrc5573-report-special-rapporteur-human-rights-situation-occupied ↩↩
https://www.ohchr.org/en/documents/thematic-reports/ahrc4943-report-special-rapporteur-situation-human-rights-palestinian ↩↩
Israeli government procurement reporting — specific URL not confirmable ↩
https://www.wsj.com/articles/oracles-bluekai-tracks-you-across-the-web-11594143600 ↩↩↩
Cybersecurity news outlets reporting, early 2025 — specific URL not confirmable to exact path ↩↩↩↩
https://www.nextgov.com/it-modernization/2019/08/oracle-protests-jedi-cloud-contract/158985/ ↩↩
https://docs.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm ↩↩↩
https://www.netsuite.com/portal/partners/find-a-partner.shtml ↩
https://investor.oracle.com/investor-news-and-events/sec-filings/proxy-statements ↩↩↩↩
