Orca Security Adds Agentless Cloud Detection and Response to Stop Attackers from Exposing Sensitive Data

The Orca Platform leverages anomaly detection via machine learning, combined with continuous monitoring of cloud feeds, workloads, data, identities and configurations, to enable security teams and SOC analysts to quickly detect and respond to attacks

PORTLAND, OR – July 19, 2022 – Orca Security, the cloud security innovation leader, today added Cloud Detection & Response (CDR) capabilities to its agentless Cloud Security Platform to help organizations detect, investigate, and respond to in-progress attacks. The Orca Platform analyzes cloud provider logs and threat intelligence feeds using machine learning and rules-based heuristics, while also providing automated remediation to prevent security issues from progressing across the software development lifecycle (SDLC). 

The need for a new approach to counter rising cloud attacks is critical. According to IDC, in 2021, 98 percent of companies experienced a cloud data breach in the last 18 months, up from 79 percent in 2020. Orca Security Cloud Detection & Response capabilities are uniquely designed to solve this challenge by monitoring for risks and threats across the full cloud attack surface. By providing Security Operations Center (SOC) and Incident Response (IR) teams with contextualized data on potentially malicious events, security teams can accelerate investigation, triage, and respond to threats in the cloud.

Orca Security combines this information with its fully contextualized insights into cloud workloads and configurations to quickly identify the threats that need immediate attention. By leveraging anomaly detection based on cloud native applications combined with user activity, security teams can identify the threats that pose the greatest risk to applications and crown jewel assets to remediate them quickly and effectively from a single cloud security platform.

“With our new Cloud Detection and Response capabilities, we are greatly expanding the scope of the Orca Cloud Security Platform,” said Avi Shua, CEO and co-founder of Orca Security. “By leveraging heuristics and anomaly detection capabilities encompassing both workloads and cloud native activity, organizations can, for the first time, have 100 percent agentless coverage against all kinds of cloud attacks.”

A Gamechanger for Mitigating Cloud Attacks

Orca Security is the first agentless platform to combine anomaly detection and heuristics to cover the entire cloud native application attack surface–including cloud configuration, workload, data, network, and identity layers–in a unified data model to understand full risk context and which events potentially endanger the organization’s most critical assets.

“Identifying and responding to cloud threats is a difficult challenge for any organization. At Paidy, we trust Orca Security today for key capabilities like cloud vulnerability management and continuous compliance,” says Jeremy Turner, Deputy CISO and Senior Cloud Security Engineer at Paidy. “The added Cloud Detection and Response dashboard and capabilities strengthen the Orca Cloud Security Platform to continue scaling our cloud security efforts at Paidy.”

With Orca’s CDR capabilities, organizations can detect, investigate, and respond to cloud attacks: 

  • Detect: Orca continuously monitors for cloud vulnerabilities and misconfigurations, as well as malware, identity and access management (IAM) risks, lateral movement risks, sensitive data exposure, and more. It also knows exactly when to alert security teams, and avoids over alerting about insignificant issues, reducing alert fatigue, and potentially missed critical issues.
  • Investigate: Security teams can research malicious activity with Orca’s new CDR dashboard to quickly understand whether the events indicate an attack and if any of the organization’s critical assets are in danger.
  • Respond: Organizations can remediate cloud attacks by leveraging Orca’s automated steps to quickly prevent attacks efficiently. Orca also integrates with SIEM and SOAR solutions for fast investigation and remediation (e.g., Splunk, Sumo Logic, IBM Qradar, Torq, and Bringa) and offers several ticketing and notification integrations with providers such as Slack, PagerDuty, ServiceNow, and Jira.

Meet Orca Security at AWS re:Inforce

The Orca Security team is available to meet and conduct live demos of its new CDR capability at AWS re:Inforce on July 26-27, 2022, in Boston. Stop by booth #502 on the Expo floor, and schedule a meeting here to learn more.

Additional Resources

  • Attend Cloud Security LIVE 2022, Orca’s virtual summit featuring Brian Krebs, Andy Ellis, and IT security leaders on Thursday, July 28, 2022

About Orca Security

Orca Security is the industry-leading agentless Cloud Security Platform that identifies, prioritizes, and remediates risks. Orca connects to your environment in minutes with patent-pending SideScanning technology to provide complete coverage across vulnerabilities, malware, misconfigurations, lateral movement risks, weak and leaked passwords, and overly permissive identities. Founded in 2019, Orca is trusted by hundreds of customers globally, including Databricks, Autodesk, NCR, Gannett, and Robinhood. Connect your first account in minutes: https://orca.security or take the free cloud risk assessment.