Hunters’ award-winning SOC platform enables customers to automatically identify and respond to security incidents
Enabling security teams to scale, Hunters’ security operations center (SOC) platform helps them mitigate cyber threats faster and more reliably than security information and event management (SIEM) tools. Offloading the majority of challenging and manual work security teams have been stuck with, Hunters delivers security results that analysts within any tier can consume to accelerate risk mitigation.
And by leveraging cloud connectors, security teams can integrate Hunters’ platform with their existing security tools or connect it directly to their SIEM. This way they can ingest security logs, events, and telemetry from dozens of data sources on-premises and in the cloud.
With large deployments in the US and Europe, Hunters is a rapidly growing startup founded in 2018. A recent investment funding round has enabled it to increase its internal team as it builds out its research, engineering, and product development capabilities. As the company grows, so does Hunters’ cloud environment.
Consultants recommended Orca Security to simplify SOC 2 auditing
Tomer Kazaz is Hunters’ co-founder and chief technology officer. As the company grows, he’s delegating more of his responsibilities to focus on innovation. “Hunters began as an XDR product that collects all logs telemetry to ease detection, automatic investigation, and correlation processes,” Kazaz says. “Today we offer a cloud-based SOC platform on AWS that can complement a company’s SIEM or fully replace it.”
Hunters operates in US and European regions with 600–800 nodes. Everything runs on Kubernetes or serverless architectures. It’s all becoming bigger and more complex, with more work teams involved.
“We used to keep track of our assets in Excel files,” he says. “Tracking changes at our scale was a huge challenge. We chose to augment this approach once we faced an external audit to pass our Service Organization Control (SOC 2) designation.”
A consultant recommended that Hunters deploy the Orca Cloud Security Platform to collect and automatically document cloud assets continuously. “He told us it would make our lives easier moving forward, finding everything in place, and making sure we’re always on top of things,” says Kazaz. “Now with Orca continuously monitoring Hunters’ environment, audit reports are almost instantaneous.”
“This is the only way to maintain those long lists of assets,” Kazaz says. “We get all the information on what we have, the operating systems, patch levels—all of those things. It also allows us to show auditors our processes for maintaining our assets, which is something they want to see.”
Hunters never considered any tool other than Orca
A big advantage of Orca compared to other security products is that there is no need to install and maintain agents. “We didn’t even consider deploying a product like Prisma because of the cost and complexity of using agents,” Kazaz explains. “Installing and maintaining them is annoying; we’d have to schedule a maintenance window and test the configuration in a staging environment. But with Orca, all we had to do was give read permissions to the bucket. It’s super easy.” Hunters was able to fully deploy the Orca solution and begin getting results in just a few hours. As the head of DevOps said, “It just started working!”
“The installation was super easy—since then we’re getting a prioritized list of everything we should do in our cloud environment to make it perfect.”
Tomer Kazaz
Co-founder and CTO
Another drawback of agent-based tools is that they consume resources, however small. Kazaz was concerned they could potentially impact performance on Hunters’ product. “We don’t have to worry about that with Orca.”
Orca Security helps Hunters be the best it can be
Orca has been most helpful as Hunters pursues compliance with various regulations. It started with SOC 2 Type 2 compliance. “We’re in our second year with the SOC 2 audit and Orca Security makes it so much easier,” says Kazaz. “We export an Orca report, take a few screenshots, and paste it as evidence. But the audit isn’t just about production. They want to know about policies pertaining to enterprise security and other company processes. Orca helps us with technical aspects of the audit by informing us how we can run as cleanly as possible.”
“Orca gives us visibility into our production environment. And it has compliance rules and detections that help us determine if anything is misconfigured or not in place.”
Tomer Kazaz
Co-founder and CTO
Next, the company plans to pursue ISO 27001 and possibly FedRAMP certification. Orca Security has templates that can guide any organization through the audit process for these and other certifications to make it as easy as possible. “We’ve got to do everything we can to prove we’re serious about security and compliance. Orca helps us with that,” says Kazaz.
“Our customers take for granted that we take security very seriously—and we do. The audits present us with long security and compliance questionnaires,” Kazaz says. “Now I can report we’re working with top-notch tools to protect our environment and be the best we can be.”
Orca’s information is very actionable
So far, Hunters’ primary use for Orca has been to support its compliance efforts. However, its DevOps team periodically uses it to get reassurance about configurations and possible vulnerabilities. “Orca gives our developers findings we weren’t aware of,” says Kazaz. “They learn about items that aren’t patched, or maybe a vulnerability that requires some hardening. Orca pushes us data on everything we need to do as we mature our AWS environment.”
Kazaz gives one example where Orca alerted them to issues. “We were using an old version of Kubernetes, which caused us to use some unpatched images. It was like a flashing light to Orca when we ran our scans,” he says.
The information Orca provides is very actionable. “You can just fix things and make them go away. This way, we create a clean baseline that’s very easy to keep track of and maintain. Orca finds the gaps we need to fix because we want to be better—and we want a top-notch, completely patched, and up-to-date production environment.”
“Orca Security has raised the standards of how we identify, prioritize, and solve risks within our cloud environment.”
Tomer Kazaz
Co-founder and CTO