Orca Security Announces the Second Generation of its Platform to Advance Financial Services Cloud Deployments and Ease Compliance Efforts

Top Financial Services Firms Partner with Orca Security to Secure their Public Cloud Environments

LOS ANGELES – October 29, 2020 – Orca Security today announced the second generation of its cloud security platform, featuring unique capabilities built specifically to respond to the public cloud security and compliance needs of global financial services customers. The new solutions are designed to help organizations in highly regulated industries use the public cloud to innovate safely, while staying in compliance with stringent regulations.

“In the race to create a digital-first model during COVID-19, financial services organizations must be able to innovate quickly and securely, while complying with regulations,” said Avi Shua the CEO and co-founder of Orca Security. “The rapid digitization of services coupled with increased cloud adoption opens financial organizations to incredible risk. With Orca Security, they gain the full cloud coverage and insights they need without agents to maximize compliance and security confidence to meet the tsunami of regulations on the horizon. It’s been gratifying to see our financial services customers reduce their cloud security project timelines from months and years to days or weeks.”                                                

In addition to uncovering critical risks, Orca Security is advancing how organizations can improve their public cloud security to easily comply with financial and data privacy regulations, such as the Payment Card Industry Data Security Standard (PCI-DSS), CIS benchmarks, FDIC mandates, the General Data Privacy Regulation (GDPR), System and Organization Controls (SOC 2), Europe’s Payment Services Directive (PSD2) and more. On top of providing comprehensive security for their sprawling cloud estate, Orca Security helps companies show regulators that they can identify and protect PII as well as detect vulnerabilities, malware, and improperly secured secrets in one solution.

New Orca Security Features for Financial Services

Financial organizations must be able to continuously monitor and improve the security of their AWS, Microsoft Azure, and Google Cloud Platform accounts without using agents. Previously, this level of security required installing agents on all cloud workloads, which was time intensive and could result in missed attack vectors. Orca Security offers the first agentless technology that enables organizations to conduct complete real-time assessments to identify vulnerabilities, misconfigurations, malware, lateral movement risk, weak and leaked passwords, unsecured PII, and other threats across all cloud workloads, and to remain in compliance with regulations.

Some of the key new Orca Security features for the financial services industry include:

  • Full Agentless PCI Compliance: Orca Security has created the first agentless cloud security solution to cover all major PCI-DSS requirements and provide coverage for all cloud resources, storage, and databases. Companies can now have vulnerability management, anti-malware, and file integrity monitoring across 100 percent  of their public cloud assets in less than five minutes with no agents needed. Learn more.
  • Comprehensive CIS: Orca Security continuously verifies the hardening of cloud environments against industry-standard CIS benchmarks, encompassing both the cloud configuration and the included workloads, such as Windows, RHEL, Amazon Linux, CentOS, Debian, Ubuntu, Docker, Apache, Tomcat, K8S, and more. 
  • Orca Pod: Hybrid-SaaS version of Orca Security that allows the SideScanning process to happen within the customer’s environment. This new deployment option enables companies to keep their raw data in its closed environment, while only transferring metadata to Orca Security for risk analysis.

“Our bank needs to innovate securely, in real-time, and while remaining in the bounds of regulations,” said Thomas Hill, the chief information security officer for Live Oak Bank. “Orca Security has been essential to this goal. It not only scans our entire cloud infrastructure for vulnerabilities, but also looks for PII data loss, viruses, and more. It does it all while saving us time and money.”

Orca Security built its new product features to enable its rapidly growing customer base of leading financial services organizations to innovate securely around the world. In 2020, the company has added many top global financial services organizations to its roster spanning banking, payment solutions, marketplaces, insurance, and accounting technologies, including Live Oak Bank, Rapyd, Cake, Paidy, MRS BPO, Payoneer, North American Bancard, and more.

Orca Security also closely collaborated with its advisory board and Silicon Valley CISO Investments (SVCI), a group of 50 prominent security leaders from across the industry, who have personally invested their capital and deep expertise. SVCI helped to provide feedback and counsel on Orca Security’s product development to ensure its new security features and Orca Pod deployment option are the most beneficial for customers.

Additional Resources:

About Orca Security

Orca Security provides cloud-wide, workload-deep security and compliance for AWS, Azure, and GCP - without the gaps in coverage, alert fatigue, and operational costs of agents.

Unlike legacy tools that operate in silos, Orca treats your cloud as an interconnected web of assets, prioritizing risk based on severity, exposure, and impact. This does away with thousands of meaningless security alerts to provide just the critical few that matter, along with their precise path to remediation. 

Find critical attack vectors before your adversaries without having to cobble together disparate tools for cloud services, containers, and datastores. Delivered as SaaS, Orca Security’s patent-pending SideScanning™ technology reads your cloud configuration and workloads’ runtime block storage out-of-band, detecting vulnerabilities, malware, misconfigurations, lateral movement risk, weak and leaked passwords, and unsecured PII.

Orca Security deploys in minutes ﹣ not months ﹣ because no opcode runs within your cloud environment. With Orca, there are no overlooked assets, no DevOps headaches, and no performance hits on live environments.

Connect your first cloud account in minutes and see for yourself. Visit https://orca.security/resources