Orca Security provides instant-on security and compliance for AWS, Azure, GCP, and Docker / Kubernetes
At Orca Security, their innovative Cloud Security Platform enables companies to scale in the cloud with confidence and close the loop on alerts faster than ever before. The Orca Platform is the first cloud-native application protection platform (CNAPP). Automatically links cloud risk detections in production with the development pipeline.
Orca brings together core cloud security capabilities, including vulnerability management, compliance and more in a single, purpose-built solution.
Simplifying cloud security operations for workload and data protection, cloud security posture management, vulnerability management, identities, and compliance management. Scanning database files (Oracle, SQL Server, My SQL etc) for PII and other pattern matches detecting vulnerabilities, misconfigurations, lateral movement risk, weak and leaked passwords.
How does it work and why it’s different
When performing vulnerability management within cloud environments, most tools take a traditional approach of running code within the environment that they want to scan. However, applying this method has its disadvantages:
- The code being run by the scanner could negatively impact other code on the machine being scanned.
- The scanner has to “catch” the machine while it is booted up (cloud resources are often created and destroyed on schedules or as demand dictates).
- The code (plugin, agent or similar term) that is running on a machine has to be certified for the given operating system.
Orca Security approaches the problem in a completely different way. To start with, Orca just needs read access to the environment to allow it to:
- Perform a compliance audit, against one of many different standards, comparing your configuration and policies to best practices.
- It will take a snapshot of any running machine, and any machine that is started. This ensures that everything is examined, and nothing “slips through the gaps”.
- The snapshot process has no impact on the running machine.
- Once the snapshot is created, Orca examines it from the outside, looking for:
- Vulnerabilities within the environment.
- Malicious software/viruses. As this is from outside the environment it is very easy for Orca to spot rootkits and similar that most endpoint technology cannot find.
- Un-encrypted PII, credit card numbers, secret keys and similar on the disks.
- Any Docker/Kubernetes images and perform a vulnerability scan within these.
- Everything is then populated into a reporting engine with attack path analysis for the user to explore.
What to do next
Interested in a quote, or the opportunity to talk through your requirements further?
S4 Applications will work with your business to help you understand what Orca Security can offer to evaluate your attack surface, priorities, and goals and develop a roadmap to deploy the right solution for your needs.
Where does your cloud security strategy stand?
Orca Security delivers a more effective malware scan because it is not on the same OS as the malware, providing a side scan of images, no agents required.
