Discover and prioritize cloud IAM risk

Orca detects, prioritizes, and continuously monitors for common and obscure identity and access management (IAM) misconfigurations across your public cloud estate to meet stringent IAM compliance mandates and improve your cloud security posture.
Research report Orca Security 2020 State of Public Cloud Security Report ->
Bad IAM Hygiene?

Loose permissions sink ships

Poor identity and access management hygiene is a top cause of intentional and accidental exposures in public cloud environments. Threat actors are constantly looking for ways to exploit IAM misconfigurations such as overly permissive identities, poor password and credential practices, and accidental public exposure.

Shrink your attack surface with good IAM hygiene

Orca detects and prioritizes identity and access management misconfigurations such as weak and leaked passwords, exposed credentials, and overly permissive identities. Continuous IAM monitoring across your cloud estate prevents malicious and accidental exposure.

Discover weak and or leaked passwords in the cloud

Orca employs multiple methods to identify poor password hygiene, including commonly used passwords, complex passwords that are reused across multiple applications and services, and highly secure passwords that have been leaked.

  • Orca scans all workloads — including IT scripts — for weak or encrypted passwords that an attacker might use in the course of lateral movement.
  • Orca performs fuzzy searches on account usernames and passwords using our extensive and frequently updated commonly used and leaked password database.
  • Orca ensures password policy settings in your cloud meet industry guidelines around the use of MFA, minimum password length, use of special characters, password age, password reuse, and more.

Find insecurely stored keys before attackers do

Orca scans your entire cloud estate for exposed keys, passwords in shell history, vulnerabilities, and other information that an attacker can leverage to move laterally in your environment.

  • Orca scans each machine’s file system for private keys and creates hashes of all discovered keys. Then Orca scans all other assets for authorized public key configurations with matching hashes.
  • Orca surfaces key-related information including paths to insecurely stored keys,  workloads that can be accessed with exposed keys, and stored user accounts and permissions.
  • Orca discovers any remote access keys, including cloud service provider keys, SSH keys, and more, that might allow attackers to access additional sensitive resources.

Take Control
of Your Identities

Orca’s CIEM dashboard helps organizations understand the relationship between access rights and cloud resources. Orca alerts when overly permissive identities are found and prioritizes them according to potential business impact.
  • Orca monitors all identities, roles, groups, permissions, and policies deployed in your cloud environment.
  • Orca alerts teams when security best practices, such as the principle of least privilege, are not adhered to.
  • Get answers to questions such as: “Which human and machine identities have access to this Google Standard Storage resource?” or “Which AWS EC2 instances have access to an S3 bucket with PII data?”
Take Control of Your Identities

Orca helps you avoid uncomfortable conversations with your auditors


North America



cloud environment

AWS, GCP, Azure

“Orca has helped reduce my audit effort; for example, I can run reports that show we maintain least privilege controls and that we use multi-factor authentication.”

Jonathan JaffeCISO

Read the case study