Orca Elevates Rods&Cones’ Security Maturity Level with Active Monitoring and Alerting

Rods&Cones brings the world’s medical experts into local operating rooms through virtual connections 

Rods&Cones provides remote assistance solutions that virtually connect medical professionals globally in patient care areas such as operating rooms. This allows MedTech experts, assisting surgeons, medical students, and other healthcare professionals to see and communicate with surgeons working in any OR, anywhere in the world—all in real time through advanced smart glasses technology. The aim is to ensure everyone has access to the best medical skills, expertise, and advice regardless of where they’re located.

Running in the background of the room, the plug-and-play remote surgical assistance solution transmits audio and images. It requires no special handling and is sterile for the medical environment. Staff can focus on surgeries without concern for operational technology.

Security and regulatory compliance are critical factors in product sales and device use. CGO and Co-Founder Jan Dheedene sees a parallel between his company and Orca Security. “The agile and smart approach that Orca takes to solving problems and the way it communicates with its customers is the same way we work at Rods&Cones. Both our companies look at unique ways of doing things, making our solutions smarter and easier in terms of technology and automation.”

Rods&Cones is all-in with Microsoft Azure cloud platform

The surgical assistance solution software runs on the Microsoft Azure cloud platform. Maintaining secure code with zero vulnerabilities is a top priority to ensure cloud security standards are being met. With Rods&Cones’ technology, no patient should ever be subject to a software issue during a surgical procedure directed by a remotely participating physician.

“We’re confident in our production software,” says Dario Vuljanic, head of engineering. “Our Azure setup combined with Orca Security provides a very secure environment. If we see an issue, it’s critical that we take corrective action immediately.”

Rods&Cones uses native Azure platform tools as much as possible. “One goal is to not deal with infrastructure, so we leverage the Microsoft Azure platform as a service whenever we can,” says Vuljanic. “We develop cloud native applications and leverage cloud services offered and managed by the Azure platform. And, we avoid virtual machines that require more from us with respect to maintenance. We do run bits and pieces on the Kubernetes system, but they remain within Azure cloud services where they’re more managed in a hands-off way.”

To secure its environment, the company uses Azure Sentinel in combination with Microsoft Defender for Cloud. Rods&Cones integrated Orca Platform alerts with Azure Sentinel to manage alerts in a centralized location.

Orca’s comprehensive platform sheds light on cloud security blind spots 

Despite the range of native security products in use, there were still visibility gaps when monitoring and assessing the current state of the entire application. This led Rods&Cones to Orca Security.

Vuljanic explains, “Because security is an iterative process, not a one-time job, we wanted to have an automated system assessment—something that provides continuous monitoring and alerting. It had to be live, immediately alert us when needed, and could inform us about system compliance when comparing two assessments.” Orca fits these exact needs.

“We first used Orca on our production environment, then added the staging environment. We also set up the alerting and automation part,” says Vuljanic. “Now issues occasionally pop up; we get alerts because of containers that have new Linux vulnerabilities or some misconfigurations we’ve identified. When a staging vulnerability appears, we want to make sure we solve it before it gets moved into production.”

“Orca can tell us if we have problems with the control plane and the location of a container running inside of Kubernetes,” says Vuljanic.

Orca’s integration with Microsoft Teams automates alert notifications

Orca’s integration with Microsoft Teams is underway to automatically distribute alerts. Rods&Cones has a specific Teams channel called “Security” that Vuljanic uses with his team, as well as the CTO and other security personnel. Orca will send a notification to that channel using a webhook when there’s a new alert. “We have to be careful about alert fatigue,” says Vuljanic, “but Orca can prioritize the critical alerts sent to this channel. Then an alert needs to be picked up by someone within 15 minutes depending on the severity and internal processes.”

“Integrating Orca with Teams is akin to taking a DevSecOps approach. We can make staff aware of vulnerabilities as soon as they’re found so they can be fixed promptly.”
Dario Vuljanic, Head of Engineering

Orca helps boost the security maturity level and eases compliance

The Orca Platform enhances Rods&Cones’ security posture. Vuljanic says, “In particular, we now have more visibility into our Azure environments with the data from the Orca Platform combined with Azure’s native security tools.”

“Validation and control are important. Working with Kubernetes and containers will introduce new security vulnerabilities, but we have visibility into them with Orca. We now have a security baseline; when something comes up we can see it and fix it immediately.”

Orca also plays a critical role in validating external regulation compliance (i.e., HIPAA, GDPR, ISO 27001), which is especially important to Rods&Cones’ customer base. “The hospitals we work with directly, as well as medical suppliers providing our product, ask for proof of regulation compliance,” says Dheedene. “Orca lets us easily provide that evidence by generating a compliance report to share with them. They get assured we’re following best practices and have a solid security framework.”

Some customers want to see a penetration test report. “Orca’s agentless approach lets us do vulnerability scanning and pen tests from a hacker’s perspective—meaning without legitimate access. But we go further; because Orca’s connected to the Azure API, we have full visibility of what’s happening behind the firewall, as well as on machines that penetration tests miss. That’s the biggest difference between Orca and legacy security tools.”

“Automated scanning, monitoring, and alerting is a must-have. No matter the size of our staff, it can’t be covered manually anymore.”
Dario Vuljanic, Head of Engineering

A 99% savings in time and effort through increased security posture

One example of how Orca was extremely helpful was when the zero-day Log4j vulnerability was announced. “That was a real eye-opener,” Vuljanic says. “I understand Log4j is often nested in something else, so if you don’t have a deep inventory of your cloud estate, you could miss it. Legacy security scanning tools can’t provide results within minutes like Orca does. It saved us 99% of the time and effort we would have expended using other tools. Without Orca, it would have been difficult to discover if our production environment was vulnerable.” 

Orca has improved Rods&Cones’ security posture. The company is doing many more vulnerability checks today and probes much deeper into systems. And Orca aggregates all that information in a single view.

“Being able to scan for possible exposure to the Log4j vulnerability within minutes was the absolute confirmation of the power of Orca Security.”
Dario Vuljanic, Head of Engineering