Discover and Prioritize Cloud IAM Risk

Orca detects, prioritizes, and continuously monitors for common and obscure identity and access management (IAM) misconfigurations across your public cloud estate to meet stringent IAM compliance mandates and improve your cloud security posture.


Loose permissions sink ships

Poor identity and access management hygiene is a top cause of intentional and accidental exposures in public cloud environments. Threat actors are constantly looking for ways to exploit IAM misconfigurations such as overly permissive identities, poor password and credential practices, and accidental public exposure.

Shrink your attack surface with good IAM compliance hygiene

Orca employs multiple methods to identify poor password hygiene, including commonly used passwords, complex passwords that are reused across multiple applications and services, and highly secure passwords that have been leaked.

  • Orca scans all workloads — including IT scripts — for weak or encrypted passwords that an attacker might use in the course of lateral movement.
  • Orca performs fuzzy searches on account usernames and passwords using our extensive and frequently updated commonly used and leaked password database.
  • Orca ensures password policy settings in your cloud meet industry guidelines around the use of MFA, minimum password length, use of special characters, password age, password reuse, and more.

Find insecurely stored keys before attackers do

Orca scans your entire cloud estate for exposed keys, passwords in shell history, vulnerabilities, and other information that an attacker can leverage to move laterally in your environment.

  • Orca scans each machine’s file system for private keys and creates hashes of all discovered keys. Then Orca scans all other assets for authorized public key configurations with matching hashes.
  • Orca surfaces key-related information including paths to insecurely stored keys, workloads that can be accessed with exposed keys, and stored user accounts and permissions.
  • Orca discovers any remote access keys, including cloud service provider keys, SSH keys, and more, that might allow attackers to access additional sensitive resources.

Take control of your identities

Orca’s CIEM dashboard helps organizations understand the relationship between access rights and cloud resources. Orca alerts when overly permissive identities are found and prioritizes them according to potential business impact.

  • Orca monitors all identities, roles, groups, permissions, and policies deployed in your cloud environment.
  • Orca alerts teams when security best practices, such as the principle of least privilege, are not adhered to.
  • Get answers to questions such as: “Which human and machine identities have access to this Google Standard Storage resource?” or “Which AWS EC2 instances have access to an S3 bucket with PII data?”

Orca helps you avoid uncomfortable conversations with your auditors


North America

Cloud environment: AWS, GCP, Azure

“Anything that impacts development is going to be met with resistance. But with Orca SideScanning there is zero impact on systems. It’s also easy to use.”

Jonathan Jaffe, CISO

Tel Aviv, Israel

“Orca Security has raised the standards of how we identify, prioritize, and solve risks within our cloud environment.”

Tomer Kazaz, Co-Founder and CTO