As the complexity of cloud ecosystems grows and the cloud security skills shortage persists, AI-driven security platforms are becoming increasingly vital for organizations to protect their data and infrastructure in the cloud. As the first comprehensive cloud security platform to integrate generative AI, Orca understands this need like no other cloud security vendor.
The Orca Cloud Security Platform leverages the power of AI in many ways, including advanced threat detection, predictive analytics, anomaly detection, and plain language asset searches. The latest AI addition is the integration with Amazon Bedrock, the generative AI model offered by AWS. Orca leverages Amazon Bedrock to effectively operate as a security co-pilot, automatically generating remediation instructions for detected risks in customer cloud environments.
The integration allows security teams to directly copy and paste remediation code generated by Amazon Bedrock into a command line interface and Infrastructure as Code (IaC) provisioning tools, or follow steps in the console. This helps organizations significantly accelerate their Mean Time to Remediation (MTTR) and lower the skill thresholds needed for cloud security professionals. As a result, less risks remain in the environment, and cloud security postures are considerably improved.
Orca’s Amazon Bedrock integration follows earlier integrations with ChatGPT and Azure OpenAI. By supporting different AI models, Orca is committed to giving customers access to the best available AI engines and the option to use the AI engine of their choice.
Orca integrates with Amazon Bedrock to automatically generate remediation code
What is Amazon Bedrock?
Amazon Bedrock is a service that enables developers to build their own generative AI applications on AWS. Generative AI applications can take natural language prompts and use them to generate new content such as text, images, music, and video. Amazon has partnered with leading AI companies, including AI21 Labs, Anthropic, and Stability AI, to offer developers large language models (LLMs) on Amazon Bedrock, which developers can use to build out their own applications hosted on AWS.
The Orca Amazon Bedrock Integration Accelerates Remediation
So how does the integration work? In simple terms, Orca feeds the cloud security alert data to Amazon Bedrock, including information about the risk and its contextual environment such as affected assets, attack vectors, and potential impact (any sensitive data is masked before submission). Amazon Bedrock then generates instructions and code with the fastest, most practical ways to remediate the issue. With detailed prompt engineering, Orca fully optimizes remediation responses.
Diagram showing how Amazon Bedrock integrates into Orca
To ensure data privacy and security, Orca adds several layers of filtering and sanitation to the input data, so that only the necessary information is passed on. In addition, Amazon Bedrock ensures adherence to stringent security and privacy requirements and common compliance standards.
The Orca platform provides instructions and code for several configuration tools:
- AWS, Azure, or Google Cloud Provider Console
- Command Line
- AWS CloudFormation
- AWS Cloud Development Kit
- Azure Resource Manager
- Google Cloud Deployment Manager
- Open Policy Agent
Security teams can follow console instructions or copy code into their tool of choice. Developers can copy and paste code into Infrastructure as Code (IaC) tools such as Terraform, Pulumi, and others. Additionally, through Orca’s integration with third-party ticketing systems such as Jira, remediation steps and code can automatically be included in tickets assigned to DevOps and development teams for speedy implementation.
If users need to get further clarification or refinement, it’s possible to ask Orca follow-up questions and fine-tune the remediation steps further.
Orca uses Amazon Bedrock to generate custom remediation steps for many different tools
Benefits of AI-Generated Remediation Instructions
With the cloud security industry facing serious challenges such as skills shortages, employee burnout, growing multi-cloud complexity, and attackers increasingly leveraging AI to accelerate breaches, it is now more important than ever that defenders leverage generative AI to keep up.
With Orca’s integrated AI capabilities, customers experience the AI benefits straight from the Orca platform:
- Accelerate Mean Time to Remediation (MTTR)
- Reduce specialized skills needed
- Fortify cloud security posture
- Allow team to focus on higher-value activities
- Less burnout, higher job satisfaction
Generated code can be copied and pasted into the command line or IaC tools
Data Privacy and Compliance
All requests from the Orca Platform to Amazon Bedrock are anonymized, and any sensitive information is removed or masked before submitting to Amazon Bedrock. In addition, any information that is submitted to Amazon Bedrock meets stringent security and privacy requirements and is compatible with common compliance standards including GDPR and HIPPA. With Amazon Bedrock, submitted content is not used to improve the base models and is not shared with third-party model providers.
Orca and AWS Partnership
The integration with Amazon Bedrock is the latest in a number of AWS integrations to enhance security for Orca and AWS customers’ cloud estates, including with Amazon GuardDuty and Amazon Security Lake. Named winner of the 2022 Global AWS Security Partner Award, Orca Security leverages its close relationship with AWS to comprehensively secure AWS cloud estates.
Orca supports over 100 AWS services to provide comprehensive security coverage for its customers’ AWS estates, detecting risks across infrastructure, workloads, identities, and data. The Orca Platform is available in AWS Marketplace.
Orca Security will be a sponsor at AWS Re:Invent on Nov 27 – Dec 1, 2023 in Las Vegas, NV.
About the Orca Cloud Security Platform
The Orca Cloud Security Platform identifies, prioritizes, and remediates risks and compliance issues across your cloud estate spanning AWS, Azure, Google Cloud, Alibaba Cloud, and Kubernetes. Leveraging its patented SideScanning technology, Orca offers comprehensive cloud security coverage detecting vulnerabilities, misconfigurations, lateral movement, API risks, sensitive data at risk, anomalous events and behaviors, and overly permissive identities. Instead of layering multiple siloed tools together or deploying cumbersome agents, Orca delivers complete cloud security in a single platform.
Learn More About How Orca Leverages AI
Would you like to learn more about the Orca platform? Schedule a 1:1 demo with one of our experts.