The Leader in Cloud Security Research

Our expert security research team discovers and analyzes cloud risks and vulnerabilities to strengthen the Orca platform and promote cloud security best practices. The Orca Research Pod has discovered 15+ major vulnerabilities on public cloud platforms which were subsequently fixed, and continually analyzes the security of public cloud assets being scanned by the Orca platform, and observes attacker tactics and techniques in the wild.

In The News

Top 5 cloud security risks and best countermeasures

May 19, 2023

Azure admins warned to disable shared key access as backdoor attack detailed

Apr 11, 2023

Microsoft Patches ‘Dangerous’ RCE Flaw in Azure Cloud Service

Mar 30, 2023

Featured Research

Bad.Build: A Critical Privilege Escalation Design Flaw in Google Cloud Build Enables a Supply Chain Attack

Jul 18, 2023

Two XSS Vulnerabilities in Azure with Embedded postMessage IFrames

Jun 14, 2023

The Top 5 Cloud Security Risks of 2023 (so far)

May 18, 2023

Discovered Vulnerabilities

Critical cloud infrastructure vulnerabilities discovered by the Orca Research Pod.

‘Orca Watch’ Series

Blog series that discusses trends and new risks as seen on the Orca platform.

Technical Deep Dives

In-depth, technical articles on cloud security and recommended best practices.

Latest from the Orca Research Pod

Discovered Vulnerabilities

Azure HDInsight Riddled With XSS Vulnerabilities via Apache Services

Sep 13, 2023

Research

Beware the Azure Guest User: How to Detect When a Guest User Account Is Being Exploited

Aug 28, 2023

Research

Using AI to Detect Cloud Anomalies: A Supply Chain Attack Example

Jul 18, 2023

‘Orca Watch’ Series

2023 Honeypotting in the Cloud Report: Attackers Discover and Weaponize Exposed Cloud Assets and Secrets in Minutes

Jun 20, 2023

Research

Dependency Confusion Supply Chain Attacks: 49% of Organizations Are Vulnerable

May 09, 2023

See All Posts

Cloud Risk Encyclopedia

Search 2000+ cloud security risks or filter by cloud vendor, compliance framework, risk category, and criticality. 5 cloud platforms. 100+ compliance frameworks. 18 risk categories. 4 risk levels.

Learn more

The Leader in Cloud Security Research

In The News

Top 5 cloud security risks and best countermeasures

Azure admins warned to disable shared key access as backdoor attack detailed

Microsoft Patches ‘Dangerous’ RCE Flaw in Azure Cloud Service

Featured Research

Bad.Build: A Critical Privilege Escalation Design Flaw in Google Cloud Build Enables a Supply Chain Attack

Two XSS Vulnerabilities in Azure with Embedded postMessage IFrames

The Top 5 Cloud Security Risks of 2023 (so far)

Categories

Discovered Vulnerabilities

‘Orca Watch’ Series

Technical Deep Dives

Latest from the Orca Research Pod

Azure HDInsight Riddled With XSS Vulnerabilities via Apache Services

Beware the Azure Guest User: How to Detect When a Guest User Account Is Being Exploited

Using AI to Detect Cloud Anomalies: A Supply Chain Attack Example

2023 Honeypotting in the Cloud Report: Attackers Discover and Weaponize Exposed Cloud Assets and Secrets in Minutes

Dependency Confusion Supply Chain Attacks: 49% of Organizations Are Vulnerable

Cloud Risk Encyclopedia

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS