Industry’s Most Comprehensive Agentless Cloud Security Platform Grows
Orca Security, the innovation leader in the field of cloud security, today introduced new functions to further simplify the implementation of cloud security and compliance. For the first time, security teams can manage their cloud security configuration from a single agentless multi-cloud platform, protect workloads, manage infrastructure permissions, achieve comprehensive compliance, and assess their cloud security. Orca Security’s contextual engine combines the information gathered deep inside the workload with the details of cloud configuration and infrastructure authorization to instantly identify risks and their causes. Other updates to Orca Security include support for more than 40 compliance frameworks and Orca Security Score. This is the first benchmark to help companies compare their multi-cloud security posture with industry peers and within their own business units.
New Cloud-Native Application Protection Platform (CNAPP) expands cloud infrastructure management capabilities, adds cloud security benchmarking and support for Kubernetes compliance frameworks
“Identity is a key component of cloud security,” explains Avi Shua, Co-Founder and CEO of Orca Security. “Unlike other cloud security solutions that take an isolated approach to identity risks, Orca Security provides users with a complete overview of their security posture along with contextualized risks such as vulnerabilities, misconfigurations, malware infections, and sensitive data. Orca Security also goes beyond native cloud identities and also considers unmanaged identities deployed as SSH keys and passwords on the workloads themselves. This gives our customers the complete coverage they need for secure innovation in the cloud.”
According to Gartner, “by 2024, companies running cloud infrastructure services will suffer at least 2,300 least privilege policy violations per account per year.” This report also states that “the vast majority of granted permissions are unnecessary in IaaS. More than 95 percent of accounts in IaaS use on average less than three percent of the permissions assigned to them, which significantly increases the attack surface for compromising accounts.”
Orca Security’s CIEM functions go far beyond identity hygiene
Cloud Infrastructure Entitlements Management (CIEM) is an essential function within modern cloud security platforms. Orca Security monitors all identities, roles, groups, permissions and policies deployed in a public cloud environment and alerts teams if there are violations of identity management best practices, such as the principle of least privilege access. Unlike traditional CIEM solutions, which are limited to cloud-managed identities, Orca Security captures unmanaged identities such as private SSH keys, cloud provider keys stored in files, environment variables that contain secrets, and improperly stored passwords that could be used for lateral movement. By combining CIEM, CSPM and CWPP functions in a single CNAPP platform and data model, Orca Security can detect attack chains formed by risky combinations. For example, an infected workload that can assume a highly privileged instance role that allows access to a database of sensitive data is prioritized for immediate remediation.
Industry’s first multi-cloud Security Assessment
Orca Security Score helps security and compliance teams demonstrate the state of their security controls and progress to auditors, senior management, the board, investors and cyber insurance companies. Companies can now compare their cloud security with other companies in the industry or with other business units and measure their progress over time. The Orca Security Score is based on factors such as suspicious activity, the risk of lateral movement, compromised data, vulnerable assets, and the time to resolve critical security issues.
In addition to HIPAA, GDPR, PCI-DSS, SOC 2, NIST, CCPA, FedRAMP, ISO, CIS Docker and others, Orca Security now also supports CIS Kubernetes Benchmarks and the New Zealand Information Security Manual Framework (NZISM).