CISO Corner
Telling Fairy Tales to Your Board
At RSAC 2023, Oren Sade and I will be presenting a delightful talk about how to take a technical analysis...
Blog
CISO Corner
Baby Gates in the Cloud: Beginning Your Secure Digital Transformation in the Cloud
The security industry spends a lot of ink (or electrons) telling CISOs how to secure their cloud estates, but there...
Life at Orca
Pod Spotlight: Gal Lotem
Life at Orca Security revolves around the Pod - the people who have joined Orca’s mission to make the cloud...
Orca Platform
Three Examples of How Orca’s Cloud Discovery Supports Data-Driven Security Decisions
Visibility is a foundation of any cloud security platform. Security teams need to easily identify—both broadly and granularly—all of their...
Discovered Vulnerabilities
From listKeys to Glory: How We Achieved a Subscription Privilege Escalation and RCE by Abusing Azure Storage Account Keys
Here at Orca Security, our team of cloud researchers are continually pushing the cloud security limits to ensure that we...
Orca Platform
Coming Full Circle: Tracing Cloud Security Issues Back to Code Origins
The cloud security landscape is constantly evolving, and traditional approaches to security may no longer be effective in today's fast-paced...
Pod Spotlight: Tohar Braun
Life at Orca Security revolves around the Pod - the people who have joined Orca’s mission to make the cloud...
Discovered Vulnerabilities
Super FabriXss: From XSS to an RCE in Azure Service Fabric Explorer by Abusing an Event Tab Cluster Toggle (CVE-2023-23383)
Today, at BlueHat IL 2023, we proudly announced our discovery of a new vulnerability in Azure, which we've dubbed 'Super...
Orca Platform
Enabling DevSecOps: Meet the Orca GitHub App
For security teams, the benefits of integrating security scanning and policy enforcement into CI/CD pipelines is obvious. The more we...
