Orca Security Automation & Customization Datasheet
Learn how Orca prioritizes, customizes and integrates alerts into your existing workflows to expedite remediation, improve efficiency and maintain regulatory compliance.
Reinventing Security for the Cloud Whitepaper
Orca introduces a revolutionary single platform for cloud security that covers all assets across your cloud estate, delivers prioritized alerts in context, and helps you to meet compliance mandates.
Orca Security Platform Overview
Read how Orca’s agentless approach and robust capability set replaces many of the point solutions previously needed to secure your cloud estate and maintain regulatory compliance now and in the future.
Use these questions to make an informed decision and make sure you include the relevant questions below in any public cloud security vendor RFP.
White Paper
The 7 questions you MUST ask your cloud security vendor
Seven questions you need to ask when responding to any cloud security vendor’s RFP.
Gartner Cool Vendor 2021
Orca Security: A Cool Vendor. Cool Category. Cool Customers.
Orca named 2021 Gartner Cool Vendor in Cloud Security Posture Management (CSPM).
Orca Security Video: Cloud Security Deserves Better
In 3-minutes, learn why legacy agent-based cloud security solutions don't pass muster anymore, and how Orca's radical new approach provides 100% coverage and surfaces the most important risks.
Orca Literature
Orca Security Solution Overview
Solution Overview on how Orca provides workload-deep, context-aware, agentless security and compliance for the Cloud.
Orca Literature
Agentless, Workload-Deep, Context-Aware Security for AWS
This partner brochure shows how Orca is partnering with AWS to help enterprises answer key questions about every layer of their cloud estate to detect risks in minutes.
How to Evaluate Agentless Cloud Security Vendors
7 Questions You MUST Ask Your Agentless Cloud Security Vendor
Tell me your secrets: Serverless Secrets in AWS Lambda
Orca research study: 26% of AWS Lambda functions contain secrets in their environment variables.
Orca Bytes: Focus on Compliance Standards
Orca Security now supports more compliance standards and a flexible way to create your own.
Orca Bytes: Multi-account Onboarding
Orca Security now supports multi-account onboarding and synchronization to ensure consistent visibility and governance as you grow!
Tag Cyber Vendor Landscape and TCO Analysis: Cloud Security
This TAG Cyber paper dives into how Orca’s platform can achieve workload-deep, cloud-wide visibility, strengthen cloud security postures, and reduce TCO.
Orca Bytes: Mergers and Acquisitions
Orca is perfectly suited for the auto-discovery of new infrastructure and associated risks when managing through mergers and acquisitions.
Orca Bytes: Malware Detection
Orca is purpose built to find both regular and advanced malware that tries to change itself to avoid detection.
Context Matters! Not All Security Alerts Are the Same
Security operations teams are drowning in improperly risked alerts lacking actionable details. Learn how Orca scores risks based on real world context.
Orca Bytes: New JIRA Integration
Orca Security's newly overhauled JIRA Integration allows for multiple flows that are fully configurable for what each team wishes to see.
CentOS Linux 8 End-of-Life: Identifying Risks
Red Hat announced the end of life for CentOS Linux, including v8. This has users struggling to identify where and how to update their platforms.
Orca Bytes: Orca Security and DevOps
Orca Security is purpose-built with DevOps values and fits easily into your existing processes.
Cloud Security Punch-Out! — Check Point CloudGuard vs Orca Security
In this match, we put CheckPoint CloudGuard into the ring. CheckPoint CloudGuard is largely based on the acquisition of Dome9 Security in 2018, and is a cloud security posture manager (CSPM).
Orca Bytes: File Integrity Monitoring
Agentless File Integrity Monitoring (FIM) provides full coverage of your cloud, helping solidify compliance measures.
Cloud Security Punch-Out! – Rapid7 InsightVM vs Orca Security
In this match, we put Rapid7 InsightVM into the ring. Rapid7 InsightVM uses a combination of workload agents and network scanners. Rapid7 scanners support many compliance standards.
Cloud Security and Compliance for Financial Services
Orca Security has unique capabilities built specifically to respond to the public cloud security and compliance needs of global financial services customers.
Cloud Security Punch-Out! – Orca Security vs Prisma Cloud
In this match, we put both Palo Alto Networks Prisma Cloud and Prisma Cloud Compute in the ring. Compare the ease of deployment and coverage, as well as how alert findings reduce risk.
A New Approach to Public Cloud Security
Learn about Orca Security’s Revolutionary Approach in 8 Minutes
Orca Security Overview
Meet Alice. Alice deploys Orca in less than five minutes so she can get work-load level security and visibility across 100% of her public cloud environment.
Technical White Paper
SideScanning™ Technical Brief – Inside the Engine that Powers Orca Security
Delivered as SaaS, Orca’s SideScanning™ technology reads your cloud configuration and workloads’ runtime block storage out-of-band.
451 Research Report on Orca Security’s Light, Agentless Approach to Cloud Security
“Orca’s combination of SaaS delivery, SideScanning technology, and access to cloud configuration APIs provides security visibility and context into different aspects of cloud security with less friction than agent-based approaches.”   Fernando Montenegro Principal Analyst, Information Security 451 Research
Cloud Security Punch-Out! — Orca Security vs Qualys Cloud Platform
In this match, we put Qualys Cloud Platform into the ring. Qualys has added some CSPM features and the majority of the platform is experienced through Qualys Cloud Agents and scanners.
Comparing Cloud Asset Visibility Solutions
See how agent-based solutions, unauthenticated network scanners, authenticated network scanners, and cloud security posture managers (CSPMs) compare to Orca Security
2020 Winner of 20X20 Innovation Challenge
Watch Gil Giron, co-founder and chief product officer, deliver his on stage presentation which won the 20X20 Innovation Challenge.
PCI-Compliant Workloads in the Cloud without deploying agents
Proving PCI-DSS compliance for cloud workloads still falls on the organization, as it has in the on-prem world. Here are the PCI requirements and how to meet them without installing any agents.
Identify Lateral Movement Risks in Your Cloud (Pre-Breach)
Orca Security has developed a unique way to detect weak passwords and protect our clients from brute-force, password-stuffing, and password-spraying attacks.
How Orca’s Cloud Security Solution Detects Weak Passwords
Orca Security has developed a unique way to detect weak passwords and protect our clients from brute-force, password-stuffing, and password-spraying attacks.
Orca Security: Deep Cloud Inspection
Have questions about Orca Security's technology? Watch Eric Gold hammer Orca's CEO with one question after another until he (and you) understand Orca's radical approach to public cloud security.
An MRI for Your Cloud Environment
Orca Security is like an MRI for your cloud in that it reads your cloud's "particles" to give a complete view of your cloud security risks without invasive agents or network scanners.
Not all Risks are Equal: Why Context Matters in Cloud Security
By combining data collected from your infrastructure and control planes, Orca builds a unified view of your assets in order to detect and prioritize vulnerabilities.
The Ultimate Guide to AWS, Azure, and GCP Cloud Asset Visibility
Conventional cloud visibility tools have blind spots. This ultimate guide covers the pros and cons of conventional approaches and includes a comprehensive solutions comparison matrix.

Download our eBook