Neglected assets

Host OS reaching End of Support

Risk Level

Hazardous (3)

  • Non-platform specific

Compliance Frameworks
  • Orca Best Practices

About End-of-Support (EOS) Software

Software products continue to receive updates and bug fixes until they hit their end-of-support (EOS). Vendors usually mark their older software versions as “approaching EOS” and issue a notification with the actual date.

After EOS, the vendor no longer provides any product technical support and isn’t required to fix any vulnerabilities or bugs subsequently discovered.

EOS is typically the last stage of a software’s lifecycle. If it’s approaching EOS, it’s essential to upgrade to a newer, supported version before that date arrives. Failure to upgrade can put your systems at risk of compromise.

Cloud Risk Description

Malicious actors take special interest in discovering EOS software vulnerabilities, as official patches never get released for them. If attackers learn of an exploitable vulnerability, all they have to do is locate a system running the EOS software to execute a successful attack. If the software is fundamental and/or has widespread use (e.g., an operating system), ramifications of an attack can be devastating.

How Can Orca Help?

Orca discovers neglected workloads, i.e., machines running an unpatched or unsupported OS. In addition, Orca alerts you to a host operating system reaching EOS in less than 90 days, as shown in the above screenshot . This enables you to upgrade the OS before the EOS date.


Orca Security, the cloud security innovation leader, provides cloud-wide, workload-deep security and compliance for AWS, Azure, and GCP - without the gaps in coverage, alert fatigue, and operational costs of agents.