Orca Security Video: Cloud Security Deserves Better


Hello, my name is Avi Shua, CEO, and co-founder of Orca Security. I alongside seven former Check Point executives and architects co-founded Orca two years ago. Even though Orca is only 2 years old, we already have more public customer logos than companies 10 times our size. We made a splash recently when Palo Alto Networks tried to use legal threats to prohibit us from comparing our capabilities to theirs.

For decades before Orca, there were de facto two delivery methods for cybersecurity, endpoint-based and network-based. Then cloud computing came, agents and scanners weren’t enough as they don’t cover the configuration of the cloud itself. So the industry invented cloud security posture managers or CSPMs, which look at the cloud configuration. But cloud workloads are essentially a black box for them. For that, we’re told to use agents and network scanners as we did in the ’90s.

This patchwork of combining CSPMs and agents had two primary deficiencies. First, agents simply don’t work for the cloud. They’ve got incredibly high TCO and cause lots of organizational friction. Worse, ephemeral workloads may run for a few minutes only before an agent can even manage to wake up and do anything. Second, this siloed approach to security means that each security tool sees only one part of the puzzle. Security practitioners need to combine all of the pieces themselves and this is not feasible.

To address these shortcomings, Orca invented a unique patent-pending technology called SideScanning. SideScanning enables Orca to dip into the workloads without any of the operational costs and limitations associated with agents, network scanners, or CSPMs. Literally, zero packets are sent, zero code runs in your environment. SideScanning works by collecting data directly from the workloads run time block storage in an out-of-band manner. This means that after a quick one-time deployment, we surface the most important risks, vulnerabilities, malware, misconfiguration, and more both in the workload and in the cloud configuration, all while guaranteeing 100% coverage. This was simply not possible before Orca.

At Orca, we understand that risk is much more than the severity score of the underlying issue. In real life, it depends also on the exposure and the business impact of the at-risk assets. The Orca security platform builds a graph that encompasses all of the cloud assets, the risk, connectivity, and trust. Then we use this graph to prioritize the risk based on all of these factors. In real-life environments, this allows us to reduce the number of critical alerts by three or four orders of magnitude compared to siloed tools that simply don’t take risk exposure or the blast radius into consideration. To secure the cloud, we must not rely on friction-inducing technologies from the ’90s that frankly, didn’t work well back then and certainly are not going to work now. Cloud security deserves better. It deserves Orca Security.

Get deeper visibility at a fraction of the operational cost of agent-based solutions. See for yourself.