Even a cursory read of the 2025 State of Cloud Security Report reveals that security teams are contending with more risks than ever. On average, each cloud asset contains 115 vulnerabilities. Nearly a third of cloud resources are in a neglected state. And the number of cloud assets exposing sensitive data to the public remains alarmingly high.
These figures highlight the growing importance of effective risk prioritization. Security teams must be able to quickly identify which risks pose real threats—based on actual exposure and business impact—so they can focus their limited resources where it matters most.
To help enable this, we’re excited to introduce new support for AWS Network Firewall. This enhancement extends our coverage to include AWS Network Firewall assets—such as firewall instances, policies, and rules—when evaluating the external exposure of cloud resources. By expanding Orca’s dynamic exposure analysis to include AWS Network Firewall, security teams gain more accurate and effective risk prioritization.

What is AWS Network Firewall?
AWS Network Firewall is a stateful, managed firewall and intrusion detection service that enables organizations to inspect and control traffic to, from, or between Virtual Private Clouds (VPCs). Security teams can define or import firewall rules and apply them centrally across VPCs and accounts via AWS Firewall Manager.
Why this integration matters
Orca evaluates external exposure by analyzing whether assets are publicly accessible and whether they can be reached from external addresses within or outside trusted ranges. Resources such as firewalls, security groups, and internet gateways can significantly influence exposure by allowing, restricting, or blocking access to other assets.
With this release, Orca now detects risks associated with AWS Network Firewall and also factors its rules and policies into determining an asset’s exposure level. This added context gives security teams a more complete picture of which risks are most severe and potentially impactful—helping them prioritize remediation more effectively and reduce alert fatigue.
What does this release include?
Orca’s integration with AWS Network Firewall provides several key features, including:
#1. Full visibility into AWS Network Firewall
Challenge: Security teams often lack visibility into how network-layer controls like firewalls influence asset exposure—making it difficult to assess and prioritize risk accurately.
Solution: Orca provides comprehensive visibility into AWS Network Firewall assets across your entire cloud environment, including instances, policies, and rules. Teams can view detailed information for each firewall asset, along with associated risks, compliance insights, and relevant context—all directly within the Orca Platform.
#2. Dynamic, prioritized alerts
Challenge: High alert volumes and limited context make it difficult for teams to determine which risks require immediate attention.
Solution: Orca automatically detects, analyzes, and prioritizes risks associated with AWS Network Firewall, and evaluates the relationship between AWS Network Firewall assets and other assets when assessing external exposure. Our platform also applies the latter analysis to the detection and prioritization of attack paths, the toxic risk combinations that endanger high-value assets. Together, this ensures security teams can prioritize remediation, reduce alert fatigue, and avoid overlooking critical risks.

#3. Fast and flexible remediation
Challenge: Remediating risks often requires significant time and coordination across teams, slowing response times.
Solution: Orca provides fast and flexible remediation options for alerts involving AWS Network Firewall. Users can generate tailored code and step-by-step instructions using AI-driven workflows or rely on expert-written guidance from Orca. Additionally, Orca’s two-way integrations with Jira and ServiceNow allow teams to automatically create, assign, and track remediation tasks—without leaving the platform.

About the Orca Cloud Security Platform
Orca offers a unified and comprehensive cloud security platform that identifies, prioritizes, and remediates security risks and compliance issues across AWS, Azure, Google Cloud, Oracle Cloud, Alibaba Cloud, and Kubernetes. The Orca Cloud Security Platform leverages Orca’s patented SideScanning™ Technology to provide complete coverage and comprehensive risk detection.
Learn More
Interested in discovering the benefits of the Orca Platform? Schedule a personalized 1:1 demo, and we’ll demonstrate how Orca can secure your AWS environment, including multi-cloud estates.