We’re proud to share that Orca Security has been recognized as a Leader in the 2025 GigaOm Radar Report for Cloud-Native Application Protection Platforms (CNAPP). Out of 18 vendors evaluated, Orca stood out for its unified platform, dynamic risk prioritization, and rapid pace of innovation. This recognition reinforces Orca’s position at the forefront of cloud security, helping organizations thrive securely in the cloud with confidence.
GigaOm’s acknowledgment comes at a pivotal time, as organizations face mounting risks across their multi-cloud estates. The 2025 State of Cloud Security Report found that 36% of organizations have at least one cloud asset supporting more than 100 attack paths, creating toxic risk combinations that provide direct access to critical resources. At the same time, VulnCheck’s new study found that nearly a third of CVEs are exploited on or before the day of disclosure, making zero days more of a norm than an exception.
In such a high-stakes environment, organizations can no longer view cloud security as optional. They require comprehensive visibility and capabilities that extend across the entire cloud estate, enabling them to identify risks, understand potential attack paths, and take swift, informed action. This is why CNAPP technology has become a business necessity and why recognition in analyst reports like the GigaOm Radar matters so much.
What it means to be a Leader
According to GigaOm, Leaders are vendors that have achieved the right balance of breadth, depth, execution, and sustained innovation, outperforming their peers in both capability and market execution.
As GigaOm highlights:
“Orca Security delivers a cloud-native security platform designed to provide comprehensive coverage for modern cloud environments. The company has emerged as a leader, rapidly expanding its capabilities while maintaining platform cohesion and reliability.”
This recognition places Orca in the Maturity/Platform Play quadrant of the Radar, demonstrating our ability to provide both innovation and stability for organizations at scale.
Why Orca was named a Leader
Backed by our Unified Data Model, Orca brings together CNAPP capabilities—including CSPM, CWPP, CIEM, and more—into a single platform without the complexity of multiple tools or agents. Orca’s dynamic risk prioritization ensures security teams can focus on the risks that matter most by correlating findings with context such as asset exposure, importance, connectivity, and other attributes.
Numerous factors contributed to Orca’s leadership position in this year’s Radar, including:
- Configuration Drift Detection: An extensive prebuilt policy library and support for custom cross-domain policies allow teams to enforce sophisticated rules, such as “EC2 instances with PII must not be internet-exposed.” Automated remediation is supported through native capabilities and integrations with ticketing systems like Jira and ServiceNow and SOAR platforms.
- Visualization of Asset Relationships: A queryable graph database maps interconnected workloads, identities, infrastructure, and high-value assets to highlight internet exposure, IAM relationships, and potential blast radius, giving teams unmatched visibility into complex cloud environments.
- Data Security and Privacy: Agentless data discovery and classification across multi-cloud environments, coupled with attack path analysis, helps organizations protect their most sensitive assets and meet compliance requirements.
GigaOm further notes:
“The solution provides strong risk prioritization and attack path analysis specifically for sensitive data protection, helping organizations understand how attackers might reach critical information assets.”
Additionally, GigaOm recognized Orca’s agentless-first approach that delivers immediate value:
“Orca Security provides exceptional value for large-scale cloud environments requiring rapid security visibility without deployment complexity through its agentless approach that delivers results within 24 hours.”
Orca’s Commitment to Cloud Security Innovation
Being named a Leader in the 2025 GigaOm Radar for CNAPP reflects Orca’s continued focus on innovation. Recently, we’ve introduced numerous advancements that further strengthen the Orca Cloud Security Platform, some of which include:
- Patent-pending Agentless and Dynamic Reachability Analysis: Surfaces only the vulnerabilities that attackers can actually reach and exploit, dramatically improving prioritization and reducing noise.
- Orca AI: Provides AI-driven, contextual assistance across discovery, investigation, and remediation workflows. Orca AI continuously learns from user interactions, adapts to changing conditions, and accelerates security operations.
- Orca Sensor: Delivers real-time visibility, detection, and monitoring for sensitive workloads with a lightweight, eBPF-based technology. Covering public cloud environments, Sensor will soon support any hybrid cloud deployment, including public cloud, private cloud, and on-premises environments, as well as provide parity across Windows, Linux, and Kubernetes.
With these innovations, Orca continues to unify visibility, prioritize risk, and deliver security outcomes quickly, without the complexity of agents or fragmented tools.
Learn more about the Orca Platform
To learn how Orca can help you adopt CNAPP best practices, schedule a personalized walkthrough of the Orca Platform.
