AI adoption is accelerating at an incredible clip. The 2024 State of AI report found that 56% of organizations have adopted AI services for custom applications with integrations and data specific to their environment. When the Orca Research Pod revisited the data for the 2025 State of Cloud Security, they found that number surged to 84%. Use cases are getting more sophisticated, especially in regulated industries like healthcare and finance that have the most to gain from the AI advantage.
However, as we consider the benefits of intentionally training AI models on sensitive data, like patient data in healthcare for quicker, more precise treatment, or user financial data for fraud detection, we also must consider the risks of using sensitive data accidentally. How can organizations ensure sensitive data is only used in designated AI training data sets?
Enter Orca.
The Orca Platform now detects sensitive data in Azure OpenAI training data, prioritizing these risks in context with the rest of your cloud environment so your team understands what is most important to remediate first.
Detect PII, PHI, PCI, and secrets in AI training data with Orca
The Orca Platform detects out of the box hundreds of common sensitive data types (PII, PHI, PCI and secrets) while also giving customers the flexibility to create custom identifiers to detect their own sensitive data types in files (including image files), databases, storage buckets, and more. We now extend our sensitive data detections to AI training files so that you can identify and prioritize this risk in context with the rest of your cloud stack.
Securing Data and AI with the Orca Platform
Orca Security offers extensive AI-SPM and Data Security Posture Management (DSPM) capabilities. The Orca Platform uses patented SideScanning™ technology to provide visibility into deployed AI models across AWS, Azure, and Google Cloud, while automatically identifying and classifying sensitive data including PII, PHI, and PCI across these environments. Orca scans entire cloud estates to detect sensitive data at risk in workloads, storage buckets, databases, serverless applications, and now AI training data sets, providing exact locations and masked samples for evidence-based remediation. Customers use Orca to discover shadow AI, provide complete AI inventory and Bill of Materials, and ensure secure configuration of all cloud resources. Orca continuously monitors data security risks and contextualizes threats by understanding whether data stores are publicly exposed or connected to internet-facing assets. By analyzing attack paths and evaluating internet exposure among other factors, Orca automatically updates the risk scores of alerts to prioritize the issues that expose your sensitive data to threat actors.
About the Orca Cloud Security Platform
Orca offers a unified and comprehensive cloud security platform that identifies, prioritizes, and remediates security risks and compliance issues across AWS, Azure, Google Cloud, Oracle Cloud, Alibaba Cloud, and Kubernetes. The Orca Cloud Security Platform leverages Orca’s patented SideScanning™ technology to provide complete coverage and comprehensive risk detection.
Learn More
Want to explore how Orca can protect AI at your organization? Schedule a personalized 1:1 demo, and we’ll demonstrate how the Orca Cloud Security Platform drives visibility and prioritized risk mitigation to deploy AI securely.
