Cloud Security Use Cases
How AI-Powered Cloud Security is Helping Solve Five Industry Problems
In cloud security, speed is of the essence. Organizations need speed to stay ahead of the attackers who are constantly...
Blog
Orca Platform
Orca Security: A Strong Performer in the 2024 Forrester Wave™ for Cloud Workload Security
At Orca Security, we’re on a mission to make it fast, easy, and cost effective for organizations to address the...
‘Orca Watch’ Series
‘Leaky Vessels’ Docker Vulnerabilities Found in Many Cloud Environments: RunC (60%) and BuildKit (28%)
On January 31st, Snyk unveiled the discovery of four novel container vulnerabilities that target the runC and BuildKit components within...
Research
Azure HDInsight: The Sequel – Unveiling 3 New Vulnerabilities That Could Have Led to Privilege Escalations and Denial of Service
Orca has discovered three new vulnerabilities within various Azure HDInsight third-party services, including Apache Hadoop, Spark, and Kafka. These services...
‘Orca Watch’ Series
Jenkins Vulnerability Estimated to Affect 43% of Cloud Environments
On January 24th, Jenkins, a widely used open source CI/CD automation tool, released a security advisory regarding a new critical...
Technical Deep Dives
Diving into Exploit Prediction Scoring System (EPSS) for Effective Vulnerability Management
Publicly disclosed computer vulnerabilities are compiled into a list called Common Vulnerabilities and Exposures (CVE). To understand the severity of...
‘Orca Watch’ Series
How to Protect Against Midnight Blizzard-Style Kill Chains
Last week, Microsoft revealed that the Russia-based threat actor group known as Midnight Blizzard, Cozy Bear, and APT29 had compromised...
Discovered Vulnerabilities
Sys:All: How A Simple Loophole in Google Kubernetes Engine Puts Clusters at Risk of Compromise
The Orca Research Pod has uncovered a dangerous loophole in Google Kubernetes Engine (GKE) that could allow an attacker with...
Discovered Vulnerabilities
How the Sys:All Loophole Allowed Us To Penetrate GKE Clusters in Production
Following our discovery of a critical loophole in Google Kubernetes Engine (GKE) dubbed Sys:All, we decided to conduct research into...
