Research Archives | Orca Security

Azure Machine Learning Escalation: When Pipelines Go Off the Rails

Microsoft Azure

Azure Machine Learning Escalation: When Pipelines Go Off the Rails

Table of contentsExecutive summaryA quick introduction to Azure Machine LearningHow AML pipelines are commonly usedHow the privilege escalation vulnerability could...

Ofir Yakobi

Jul 02, 2025

Improved Cloud Understanding by Connecting Amazon Q to the Orca MCP Server

Orca Platform

Improved Cloud Understanding by Connecting Amazon Q to the Orca MCP Server

When we first announced the Orca MCP Server, we showed some examples with Claude and with Cursor. In this blog,...

Irad Aharoni Ashleigh Lee

Jun 16, 2025

2025 State of Cloud Security Report: Cloud Risks Surge Amid Expanding AI Adoption

Cloud Security Insights

2025 State of Cloud Security Report: Cloud Risks Surge Amid Expanding AI Adoption

Today, we’re excited to release the 2025 State of Cloud Security Report, which reveals deep insights uncovered by the Orca...

Bar Kaduri Shir Sadon Todd Stansfield

Jun 05, 2025

Report

2025 State of Cloud Security Report

In-Depth Research 2025 State of Cloud Security Report Hunting threats in the age of relentless risk Get the Report Billions...

Jun 05, 2025

CVE-2025-31324 Exploited in the Wild: What We’ve Found in the Aftermath

Research

CVE-2025-31324 Exploited in the Wild: What We’ve Found in the Aftermath

In late April 2025, SAP disclosed CVE-2025-31324, a critical vulnerability in SAP NetWeaver’s Visual Composer development server. The flaw—stemming from...

Yonatan Broder

May 21, 2025

Bringing Memory to AI: A Look at A2A and MCP-like Technologies Across Platforms

Research

Bringing Memory to AI: A Look at A2A and MCP-like Technologies Across Platforms

Over the last year, we've witnessed a pivotal shift in how large language models (LLMs) are used - not just...

Ofir Yakobi Shir Sadon

May 19, 2025

Discovered Vulnerabilities

Kubernetes CRD Abstraction Risks in kro

Executive Summary: The Orca Research Pod has discovered CVE-2025-48710 in kro (Kube Resource Orchestrator) where an attacker could introduce a malicious CustomResourceDefinition...

Roi Nisimi

May 13, 2025

CVE is Not Dead, Yet: MITRE CVE Program Status in 2025

Cloud Security Insights

CVE is Not Dead, Yet: MITRE CVE Program Status in 2025

Yesterday, MITRE executives announced that the MITRE CVE database may go dark due to a funding gap starting from today,...

Bar Kaduri

Apr 16, 2025

Innovating with GenAI to Put Cloud Telemetry at Your Fingertips: Powered by Model Context Protocol, created by Anthropic, and Orca

Orca Platform

Innovating with GenAI to Put Cloud Telemetry at Your Fingertips: Powered by Model Context Protocol, created by Anthropic, and Orca

Generative AI is fundamentally changing how we work, expanding human creativity and optimizing productivity across the search-summarize-synthesize workflow we use...

Irad Aharoni Oren Sade Ashleigh Lee

Apr 03, 2025

Research

Azure Machine Learning Escalation: When Pipelines Go Off the Rails

Improved Cloud Understanding by Connecting Amazon Q to the Orca MCP Server

2025 State of Cloud Security Report: Cloud Risks Surge Amid Expanding AI Adoption

2025 State of Cloud Security Report

CVE-2025-31324 Exploited in the Wild: What We’ve Found in the Aftermath

Bringing Memory to AI: A Look at A2A and MCP-like Technologies Across Platforms

Kubernetes CRD Abstraction Risks in kro

CVE is Not Dead, Yet: MITRE CVE Program Status in 2025

Innovating with GenAI to Put Cloud Telemetry at Your Fingertips: Powered by Model Context Protocol, created by Anthropic, and Orca

Cloud Security Platform

Technology Ecosystem

By Solution

By Industry

Comparisons