Orca Security Gets More Fuel to Help Global Enterprises Gain Deep Cloud Security in Minutes, Not Months

I’m thrilled to announce that we closed a $20.5M Series A funding round led by GGV Capital, with participation from our seed investors, YL Ventures, and SVCI (Silicon Valley CISO investments). This, together with the seed investment announced last June, brings Orca Security total funding to $27M USD in less than 12 months.

We’re going to use these funds to help more enterprises around the world grow securely in the cloud. Our unique SideScanning™ technology provides full coverage in minutes and is a stark contrast to repurposed, pre-cloud tools—deceptively rebranded as “cloud-native”— that take months to deploy and still only provide limited capabilities.

About 16 months ago, after I finished my work at Check Point, where I was chief technologist, I was in a Tel Aviv coffee shop asking myself, “Say I’m responsible for an AWS/Azure/GCP environment…I need to discover and manage all possible risks. What should I do?” There was no good answer.

CSPM (cloud security posture management) was the go-to answer. After all, it was easy to deploy. Desperate to solve this problem for their customers (or at least advertise it), every major security player bought one or two CSPM vendors. Palo Alto Networks bought RedLock and Evident.IO, Check Point bought Dome9, TrendMicro bought Cloud Conformity, Aqua bought CloudSploit, ZScaler bought Cloudneeti, Rapid7 bought DivvyCloud and the list goes on. But no one in their right mind would consider those to provide full security, including the CSPM vendors themselves. They don’t go workload deep—for example, they don’t provide an alert if you have a vulnerable web server or an infected workload.

Sure, you can install agents or network scanners. But those take many months to deploy and can harm your production environment. You’ll invest hundreds of thousands of dollars (or more) while annoying your DevOps team. Once deployed, you’ll still have limited coverage and thousands of irrelevant, out of context alerts for the security team to chase after. And after all that, you’ll still be saddled with the ongoing agony and expense to maintain it all.

Before Check Point, I served in Israeli intelligence (Unit 8200) for almost a decade. I undertook advanced technical training and led one course. The most important lesson I learned is this:

“Believe you’ll find a solution to any given problem. Never assume that existing approaches are the only possible solutions.”

And I applied this mindset to the problem of how to discover and manage all possible risks across AWS, Azure, and GCP. The characteristics of the ideal solution were clear:

  • Detect all important risks in your cloud environment—both workload and control plane—whether it is a piece of vulnerable software, infected workload, misconfigured S3 bucket, lateral movement risk, improperly secured PII—you name it.
  • Integrate with any cloud environment in minutes without any side effects on performance and availability—thereby eliminating organizational friction. It would do so without running a single opcode on the customer environment and without sending a single packet—all while guaranteeing 100% coverage.
  • Prioritize alerts based on all available data, presenting a manageable number of alerts. It doesn’t make sense having a vulnerability management agent tell you about 1,000 workloads at risk due to vulnerabilities, then have to go to your CSPM to assess whether there is a real attack vector involved, followed by having to install another distinct agent-based antivirus solution to detect existing compromises. That doesn’t work—we need to deliver the functionality of multiple tools out of the box, with actionable alerts, not “security concerns by the kilo.”

Partnering with an elite team of cybersecurity veterans, we’ve created the world’s only product that achieves full, contextual cloud security that can realistically be deployed in mere minutes and provides 100% coverage. The secret sauce – our unique, patent-pending, SideScanning™ technology that reads the workloads’ run time block storage out-of-band, and cross-references this with cloud context pulled directly from the cloud vendors’ APIs.

View from the Tel Aviv coffee shop where I came to realize that there were no cloud security solutions that could detect and discover all risks across AWS, Azure, and GCP

Today, just 16 months after that day in the Tel Aviv coffee shop, Orca technology has earned the trust of a multitude of customers. This includes fast-growing companies such as People.AI, Sisense, Rapyd, Qubole, Fiverr, and Paidy—that were born in the cloud—to more mature organizations now moving to the cloud, such as Lionbridge and MRS BPO. Others include Fortune 500/100 customers, each benefiting from what Orca Security provides.

Rave reviews from visionary IT security leaders continue to fuel our imagination as to what is possible when you don’t assume existing approaches are the only possible solutions:

“What I like most about Orca Security is that you get very deep results with only a small investment in time. You get value on day one.”
Andy Ellis

CISO, Akamai

“Within minutes, we gained full visibility into our AWS account. Before Orca, I had zero visibility. Now, I see everything I need to see. Plus, we now have a single tool that does it all.”
Shahar Maor

CISO, Fiverr

“The most impressive thing about Orca Security is being able to see results so quickly across 100% of our cloud assets.”
Drew Daniels

Chief Security Officer, Qubole

“Competing solutions are either agent-driven, which can’t keep pace with how engineers build in the cloud, or they’re metadata-driven, which provide limited visibility. Orca Security gives you the visibility of multiple tools in one, saving you time, effort, and money.”
Kevin Paige

CISO, Flexport

“These days, any cloud security solution that requires agents, libraries or costly and complex integrations should be out of the question. In contrast, Orca Security provides a comprehensive security perspective that doesn’t require material changes to the cloud environment, but still identifies all issues across the entire stack – OS, applications, and services.”
Ian Amit

Chief Security Officer, Cimpress


You can read more Orca Security reviews and case studies here.

To conclude, one cannot ignore the elephant in the room—COVID19—which has prematurely ended too many lives and affected too many industries. To lend a hand in some way, we’re offering highly affected customers—such as those in travel, hospitality, and event management industries—a fully-featured, six-month subscription for only $1, with no commitment or mandatory renewal required. It’s what we can do to help. If you’re highly affected by the pandemic, but don’t specifically fall in these categories, please feel free to approach us—we’ll be happy to consider extending the offer to you, too.