We’re thrilled to announce that SC Media named Orca Security as the Best Cloud Workload Protection Platform (CWPP) in this year’s SC Awards! The SC Awards are cybersecurity’s most prestigious awards program honoring outstanding innovations, organizations and leaders that are advancing the practice of information security.

In addition to Best CWPP, Orca was also named a finalist in the Cloud Security Posture Management (CSPM) category. We’re especially honored since this is the second year in a row that Orca has won an SC Award; last year Orca was named Best Cloud Security Posture Management (CSPM) solution.


So why is Orca consistently winning in two categories, CWPP and CSPM? This is because the Orca Cloud Security Platform actually combines both (and more) in a single platform, detecting and prioritizing risks across workloads, configurations, and identities. 

In fact, Orca is a pioneer of a more recent category, namely the Cloud-Native Application Protection Platform (CNAPP), a platform that is built for the cloud and protects cloud-native applications with cloud-native security that is robust yet as agile as the cloud.

Orca detects risks across workloads, configurations, and identities

What is a Cloud-Native Application Protection Platform (CNAPP)?

Coined by Gartner in 2021, a Cloud-Native Application Protection Platform (CNAPP) is a security solution that protects and secures cloud-native applications deployed in cloud environments. Cloud-native applications often use containerization and microservices architecture as opposed to traditional monolithic applications, increasing the speed with which they can deploy and update applications.

By consolidating many different point solutions in one platform, such as CSPM, CWPP, CIEM (Cloud Infrastructure Entitlements Management), and DSPM (Data Security Posture Management), a CNAPP detects risks across the entire technological stack, including cloud configurations, workloads, and identities. 

By understanding the full context of risks and how they can be combined to create dangerous attack vectors, a true CNAPP plays a vital role in helping teams prioritize their remediation efforts and make the greatest improvement in their cloud security postures.

Orca detects security risks early in the development process

A CNAPP also shifts security left by seamlessly integrating security controls and remediation into the CI/CD process so that applications can be secured from code to production instead of only looking at security after applications are already deployed.

Comparing CNAPPs

Although there are several CNAPPs available on the market, features and capabilities vary significantly depending on the vendor offering the platform.

  1. With its agentless implementation, Orca solves a lot of challenges that agent-based platforms face, including cumbersome deployment, significant coverage gaps, performance degradation, and organizational friction between security and DevOps teams.
  2. Not all CNAPPs are truly consolidated in one platform. Instead, some vendors have bolted on different applications that are marketed as one solution, which means they cannot bring the benefit of full-stack visibility and attack path analysis.
  3. Many CNAPPs can detect security risks in development and deployment, but Orca is unique in that it can tie risks detected in production back to the original artifact and owner, so issues can immediately be assigned to the right individual for a speedy resolution.

Learn More About the Orca Platform

Want to learn more about the Orca Cloud Security Platform? Download the Orca Platform Overview, or watch a demo to see Orca in action.