We are thrilled to announce that the Orca Cloud Security Platform has completed the Australian IRAP assessment at the Protected classification level. This achievement, following our recent FedRAMP authorization in the United States, shows our commitment to security practices that meet national security standards required for public sector systems. We are proud to have accomplished the IRAP assessment with Tesserent, an approved IRAP assessor and our auditing partner.
What is IRAP?
IRAP is Australia’s Information Security Registered Assessors Program, an initiative by the Australian Cyber Security Centre (ACSC), a division of the Australian Signals Directorate (ASD). The goal is to ensure that any provider of technology working with sensitive government data takes a risk-based approach and meets the security requirements set forth by the Australian Government Information Security Manual (ISM).
Completing the IRAP assessment means that Orca Security is committed to securing sensitive data according to the standards set by the Australian government.
How does Orca help secure Australian government cloud assets?
The 2023-2030 Australian Cyber Security Strategy outlines how the Australian government plans to build national cyber resilience in the wake of rising cybercrime. Part of this initiative is to ensure Australian citizens can trust digital products and software, protect the most valuable datasets, and adopt emerging technologies safely. Additionally, the Australian government recently deepened its relationship with AWS to expand cloud access to all levels of government. According to TechTarget, “over 140 Commonwealth, state and territory agencies already use AWS for critical services in transport, health, education and tax collection.”
Quick time-to-value
Orca gives Australian government agencies an agentless-first approach to the most comprehensive coverage of their cloud estate by detecting misconfigurations, vulnerabilities, malware, lateral movement, data risks, API risks, AI risks, active breaches, and more—without the overhead of agents. Our patented SideScanning™ technology delivers an inventory of assets, risks, and compliance gaps in just minutes of deploying.

Protect sensitive data
The Orca Platform provides a Data Security dashboard that shows an overview of cloud data stores, sensitive data, and security and compliance alerts. When Orca’s SideScanning™ technology detects sensitive data, it classifies what type of sensitive data was detected, keeps a redacted sample, and deletes the rest. The data sample, paired with deep contextual data, gives team members confidence in any alerts sent their way to fix. All customer data is handled securely complying with ISO certified techniques and procedures.

Precisely prioritize risks to remediate
The Orca Platform pulls together data across cloud configurations, cloud event logs, CI/CD scans, network, cloud entitlements and privileges, agents, and our SideScanning technology into a Unified Data Model. Orca uses this depth of data to visualize attack paths and precisely prioritize risks with a calculated risk score that keeps the root cause of a security issue and dynamically updates as the context changes. Whether teams use an asset-focused approach or risk-focused approach to remediation, Orca makes sure that teams focus on what really matters.

Adopt AI safely
The Orca Platform supports the safe adoption of emerging technologies like AI in two ways: AI-SPM and AI-driven discovery and remediation.
AI-SPM
Orca identifies deployed AI models in your multi-cloud environment to protect against data tampering and leakage. Orca covers 50+ AI models and software packages—including Pytorch, TensorFlow, OpenAI, Hugging Face, scikit-learn, and many more—allowing you to confidently adopt AI tools while maintaining visibility and security for your entire tech stack.

AI-driven discovery and remediation
Orca uses AI across the platform to make teams more effective, even when they are earlier in their cloud journey. Developers and security practitioners alike can lean on ready-to-use remediation steps, simplified search, and suggested IAM policy configurations. Orca even uses AI to detect anomalous activity and provide cloud detection and response capabilities with an agentless-first approach.

About the Orca Cloud Security Platform
Orca offers a unified and comprehensive cloud security platform that identifies, prioritizes, and remediates security risks and compliance issues across AWS, Azure, Google Cloud, Oracle Cloud, Alibaba Cloud, and Kubernetes. The Orca Cloud Security Platform leverages Orca’s patented SideScanning™ technology to provide complete coverage and comprehensive risk detection.
Learn more
Interested in seeing how the Orca Platform can help you command your cloud? Schedule a personalized 1:1 demo.