Orca Security added Cloud Detection and Response (CDR) capabilities to its agentless Cloud Security Platform to help organizations detect, investigate, and respond to in-progress attacks.
The Orca Platform analyzes cloud provider logs and threat intelligence feeds using machine learning and rules-based heuristics, while also providing automated remediation to prevent security issues from progressing across the software development lifecycle (SDLC).
The need for a new approach to counter rising cloud attacks is critical. According to IDC, in 2021, 98 percent of companies experienced a cloud data breach in the last 18 months, up from 79 percent in 2020. Orca Security Cloud Detection & Response capabilities are uniquely designed to solve this challenge by monitoring for risks and threats across the full cloud attack surface. By providing Security Operations Center (SOC) and Incident Response (IR) teams with contextualized data on potentially malicious events, Orca helps security teams accelerate investigation and triage, and respond to threats in the cloud.
Orca Security combines this information with its fully contextualized insights into cloud workloads and configurations to quickly identify the threats that need immediate attention. By leveraging anomaly detection based on cloud native applications combined with user activity, security teams can identify the threats that pose the greatest risk to applications and crown jewel assets to remediate them quickly and effectively from a single cloud security platform.
“With our new Cloud Detection and Response capabilities, we are greatly expanding the scope of the Orca Cloud Security Platform,” said Avi Shua, CEO and co-founder of Orca Security. “By leveraging heuristics and anomaly detection capabilities encompassing both workloads and cloud native activity, organizations can, for the first time, have 100 percent agentless coverage against all kinds of cloud attacks.”
A game changer for mitigating cloud attacks
Orca Security is the first agentless platform to combine anomaly detection and heuristics to cover the entire cloud native application attack surface (including cloud configuration, workload, data, network, and identity layers) in a unified data model to understand full risk context and which events potentially endanger the organization’s most critical assets.
“Identifying and responding to cloud threats is a difficult challenge for any organization. At Paidy, we trust Orca Security today for key capabilities like cloud vulnerability management and continuous compliance,” says Jeremy Turner, Deputy CISO and Senior Cloud Security Engineer at Paidy. “The added Cloud Detection and Response dashboard and capabilities strengthen the Orca Cloud Security Platform to continue scaling our cloud security efforts at Paidy.”
With Orca’s CDR capabilities, organizations can detect, investigate, and respond to cloud attacks:
- Detect: Orca continuously monitors for cloud vulnerabilities and misconfigurations, as well as malware, identity and access management (IAM) risks, lateral movement risks, sensitive data exposure, and more. It also knows exactly when to alert security teams and avoids over-alerting about insignificant issues, reducing alert fatigue and the chance of missing critical issues.
- Investigate: Security teams can research malicious activity with Orca’s new CDR dashboard to quickly understand whether the events indicate an attack and if any of the organization’s critical assets are in danger.
- Respond: Organizations can remediate cloud attacks by leveraging Orca’s automated steps to prevent attacks quickly and efficiently. Orca also integrates with SIEM and SOAR solutions for fast investigation and remediation (e.g., Splunk, Sumo Logic, IBM QRadar, Torq, and Brinqa) and offers several ticketing and notification integrations with providers such as Slack, PagerDuty, ServiceNow, and Jira.