Cloud Security Learning
What is Serverless Security?
Table of contentsWhat is serverless computing and how does it work?A brief history and timeline of serverlessThe benefits of serverless...
Blog
Application Security
What is DevSecOps?
Table of contentsWhat does DevSecOps stand for?History of DevSecOpsWhat does DevSecOps entail?Why do you need DevSecOps?How can you implement DevSecOps?DevSecOps...
Orca Platform
Zen and the Art of Vulnerability Prioritization
If you're trying to patch every high and critical severity vulnerability, you're probably about as effective as patching none of...
Orca Platform
Orca Security Partners with Snyk to Trace Cloud Runtime Risk Data to Code Origins
Today, cloud native security leaders Snyk and Orca Security are announcing a strategic partnership to deliver integrations to their customers...
Technical Deep Dives
Watch the Typo: Our PoC Exploit for Typosquatting in GitHub Actions
In the world of software development, automation is a huge time-saver, and GitHub Actions is one of the best tools...
Research
Kubernetes Testing Environment: An Open Source Resilience Platform for EKS, GKE and AKS
It will come as no surprise that Kubernetes deployments are growing exponentially across many industries. According to the Cloud Native...
Cloud Security Learning
What is AI-SPM (AI Security Posture Management)?
Table of contentsAI-SPM DefinedWhy AI-SPM is important in cybersecurity Benefits of AI-SPM Key features of an effective AI-SPM solutionChallenges and considerations in...
‘Orca Watch’ Series
Mitigating CVE 2024-38063: Critical RCE Vulnerability On Windows Systems With IPv6
Microsoft recently advised of a critical TCP/IP Remote Code Execution Vulnerability dubbed CVE 2024-38063, which is a critical unauthenticated Remote...
Orca Platform
Orca Simplifies Azure Policy Creation With Generative AI
We’re pleased to announce that Orca Security now supports AI-generated Azure policies to prevent future cloud security risks and enforce...
