Latest news with #OrcaSecurity
Business Wire
11-06-2025
- Business
- Business Wire
Orca Security Extends AI Innovation Leadership With Integrated Chatbot and New Detections for AI Security Posture Management (AI-SPM)
PORTLAND, Ore.--(BUSINESS WIRE)-- Orca Security, the leading innovator in agentless cloud security, today launched the latest innovations for Orca AI and new detections to secure sensitive AI training data in cloud-native environments. Orca AI now provides instant access to deep cloud telemetry from the Orca Unified Data Model through a simple, intuitive, chat-like experience to quickly and easily understand cloud security risks and compliance gaps. "We've been the frontrunner in leveraging generative AI to help simplify, accelerate, and enhance cloud security for our customers. The latest Orca AI innovations announced today further deliver on that promise." -- Orca CEO Gil Geron Share Orca's approach is built on a vision of making cloud security easy for everyone who uses the Orca Cloud Security platform. The foundation is Orca's patented SideScanning and Unified Data Model, which provides the broadest and deepest cloud telemetry available in any platform. Orca AI builds on that foundation with a collection of GenAI-powered capabilities, including natural language search and code remediation recommendations to help simplify, accelerate, and enhance cloud security for security and DevOps teams. Through the addition of an in-app chatbot, Orca AI now makes all this intelligence more accessible and actionable. For example, security analysts can ask Orca AI simple questions, such as, 'What are my most critical alerts?' and receive quick summaries, reducing the time to insight. They can then collaborate with Orca AI within the context of an alert to assess the potential impact and recommend the appropriate mitigating controls. Application security teams can also explore more complex problems like, 'Why is this code commit producing a critical alert, and how do I fix it?' Orca AI will explain the issue in plain English and then recommend code snippets to fix the security gap, extending Orca's AI-driven remediation capabilities into the chatbot experience. 'We've been the frontrunner in leveraging generative AI to help simplify, accelerate, and enhance cloud security for our customers,' said Gil Geron, CEO and co-founder at Orca Security. 'At the end of the day, they value solutions that make them more efficient while ensuring their clouds – and the AI applications running on them – are secure. The latest Orca AI innovations announced today further deliver on that promise.' New Sensitive Data Detections in AI-SPM As organizations accelerate their AI adoption, Orca research shows that many are overlooking basic security measures. Orca's 2025 State of Cloud Security report found that 84% of organizations now use AI in the cloud, and 62% of organizations have at least one vulnerable AI package. Through AI-SPM, Orca leverages its agentless SideScanning technology to provide the same visibility, risk insight, and deep data for AI models that it does for other cloud resources. It also addresses use cases unique to AI security, including detecting sensitive data in training sets. Orca enhanced its AI-SPM capabilities with new detections for sensitive data in training models, risk of data poisoning due to editable or replaceable AI training data, and advanced AI misconfigurations mapped to the OWASP LLM Top 10 and OWASP ML Top 10. New graph visualizations make it easy for security teams to understand and quickly remediate the risk to AI training models. These new training model detections will first be made available for Azure Open AI, with AWS Sagemaker, with support for Google Cloud's Vertex AI to follow. Please read Orca's blog to learn more. You can schedule a personalized demo at About Orca Security Orca enables organizations to make cloud security a strategic advantage. With the most comprehensive coverage and visibility across multi-cloud environments, the agentless-first Orca Platform unites teams to eliminate complexities, vulnerabilities and risks. Backed by Temasek, CapitalG, ICONIQ Capital, Redpoint Ventures and others, Orca is trusted by hundreds of organizations, including SAP, Gannett, Autodesk, Unity, Lemonade and Digital Turbine. Connect your first account in minutes: or book a personalized demo.
Business Wire
05-06-2025
- Business
- Business Wire
Orca Security Report Reveals Majority of Organizations Introducing Vulnerable AI Packages into Cloud Environments
PORTLAND, Ore.--(BUSINESS WIRE)-- Orca Security, a pioneer of agentless cloud security, today released the 2025 State of Cloud Security Report, providing critical insight into cloud security risks identified by the Orca Cloud Security Platform. Among the key findings, 84% of organizations now use AI in the cloud, and 62% of organizations have at least one vulnerable AI package. Compiled by the Orca Research Pod, the State of Cloud Security Report identifies consistent sources of risk from billions of cloud assets in AWS, Azure, Google Cloud, Oracle Cloud, Alibaba Cloud and hundreds of thousands of code repositories scanned by the Orca Cloud Security platform. Leveraging unique insights into current and emerging cloud risks, the report reveals the most common yet dangerous risk hotspots and how to mitigate them. 'As the cloud increasingly functions as an accelerator for innovation and growth, cloud security is entering a pivotal moment,' said Gil Geron, CEO and Co-Founder, Orca Security. 'While multi-cloud architectures offer outstanding flexibility and growth, it also makes it harder to maintain consistent visibility and coverage across environments. Add AI adoption to the mix, with organizations rushing to run vulnerable packages in the cloud, and you have a uniquely difficult environment for security professionals. Report Key Findings The Orca Security 2025 State of Cloud Security Report finds that: More cloud innovation brings greater cloud risk: As cloud adoption and cloud-native technologies expand, so too does the volume and severity of cloud risks. Nearly a third of cloud assets are neglected today, and each asset contains on average 115 vulnerabilities. Both are two data points among many others illustrating this troubling trend. Attack surfaces are expanding—and risks are increasingly interconnected: 76% of organizations have at least one public-facing asset that enables lateral movement, turning a single risk into an opportunity for broader compromise. Security teams not only need to defend a growing attack surface, but increasingly interconnected risks. To illustrate, 36% of organizations have at least one cloud asset supporting more than 100 attack paths—giving attackers a direct route to endanger high-value assets. Risks span the entire application pipeline: Cloud security risks aren't confined to runtime environments—they often originate earlier in the application development lifecycle. 85% of organizations have plaintext secrets embedded in their source code repositories. If a repository is exposed, attackers can extract the secrets to access systems, exfiltrate data, and more. Innovation is expanding attack surfaces—and the scale of cloud risks: 84% of organizations are now using AI in the cloud, introducing new risks, including AI-related CVEs that enable remote code execution. Kubernetes adoption adds further complexity—93% of organizations have at least one privileged service account, increasing the potential of a breach. Combined with growing multi-cloud adoption, these trends are reshaping the nature and scale of cloud security challenges. 'The 2025 State of Cloud Security Report shows how the increased software development productivity that comes with using cloud services creates challenges of scale for security teams. Traditional exposures, like neglected cloud assets and exposed sensitive data, continue to grow. At the same time, new challenges are emerging—from the rapid rise of non-human identities to a growing number of AI-related vulnerabilities. The report sheds light on how security teams need to address the expanding attack surfaces for effective cloud security,' said Melinda Marks, Practice Director, Cybersecurity, Enterprise Strategy Group. Additional Resources About Orca Security Orca enables organizations to make cloud security a strategic advantage. With the most comprehensive coverage and visibility across multi-cloud environments, the agentless-first Orca Platform unites teams to eliminate complexities, vulnerabilities and risks. Backed by Temasek, CapitalG, ICONIQ Capital, Redpoint Ventures and others, Orca is trusted by hundreds of organizations, including SAP, Gannett, Autodesk, Unity, Lemonade and Digital Turbine. Connect your first account in minutes: or book a personalized demo.
Business Wire
04-06-2025
- Business
- Business Wire
Orca Security Honored in Notable Capital's Rising in Cyber 2025
PORTLAND, Ore.--(BUSINESS WIRE)-- Orca Security, the pioneer of agentless cloud security, announced today that it has been honored by Notable Capital for its Rising in Cyber 2025. The independent list recognizes the most promising companies shaping the future of security in the eyes of Chief Information Security Officers (CISOs), venture capital investors, and other security leaders. Orca's inclusion on Notable Capital's Rising in Cyber 2025 list validates the fact that as organizations look for a best-in-breed cloud security partner, they are turning to Orca in record numbers. Unlike traditional rankings, Rising in Cyber 2025 honorees were selected through a multi-stage process grounded in real-world validation. Leading cybersecurity venture firms submitted nominations, and nearly 150 CISOs and senior security executives voted on the final list, highlighting the companies solving the most urgent challenges facing today's security teams. "It is a privilege to receive this recognition from the Notable Capital community of security leaders for the second consecutive year,' said Gil Geron, Co-Founder and CEO of Orca Security. 'This validates the fact that as organizations look for a best-in-breed cloud security partner, they are turning to Orca in record numbers. Our focus on securing our customers and making them more productive while pushing the boundaries of innovation allows us to move the market forward.' Orca joins a cohort that has collectively raised over $7.8 billion according to Pitchbook as of May 2025, and is defining the next era of cybersecurity across key areas like cloud security, identity, application security, agentic AI, and security operations. 'The demand for cybersecurity innovation has never been greater. As the underlying technologies evolve and agentic AI reshapes everything from threat detection to team workflows, we're witnessing a shift from reactive defense to proactive, intelligence-driven operations,' said Oren Yunger, Managing Partner at Notable Capital. 'What makes this list special is that it reflects real-world validation—honorees were chosen by CISOs who face these challenges every day. Congratulations to this year's Rising in Cyber companies for building the solutions that modern security leaders truly want and need.' In celebration, honorees will be recognized today at the New York Stock Exchange (NYSE) alongside top security leaders and investors. Orca's inclusion on Notable Capital's Rising in Cyber 2025 list closely follows the company's strategic acquisition of Opus to lead the company's next phase: evolving from observation and prioritization to agentic AI-based remediation and prevention. By integrating Opus' talent and expertise, Orca is the first CNAPP to not only identify and prioritize cloud security risks but also remediate and prevent them autonomously, at scale, and with ease. About Orca Security Orca enables organizations to make cloud security a strategic advantage. With the most comprehensive coverage and visibility across multi-cloud environments, the agentless-first Orca Platform unites teams to eliminate complexities, vulnerabilities and risks. Backed by Temasek, CapitalG, ICONIQ Capital, Redpoint Ventures and others, Orca is trusted by hundreds of organizations, including SAP, Gannett, Autodesk, Unity, Lemonade and Digital Turbine. Connect your first account in minutes: or book a personalized demo. About Rising in Cyber Rising in Cyber is an annual list recognizing the most innovative startups in cybersecurity as determined by nearly 150 leading CISOs and cybersecurity executives. Nomination criteria included private, venture-backed companies with a primary product focus on cybersecurity and the U.S. as a primary market. For more information about the honorees, participating investors, and methodology, visit About Notable Capital Notable Capital is a global venture capital firm based in the U.S. focused on early-to-growth-stage companies in cloud infrastructure and business and consumer applications. The firm invests primarily in the U.S., Israel, Europe, and Latin America. Notable Capital portfolio companies include Affirm, Airbnb, Anthropic, Brightwheel, Drata, Handshake, HashiCorp, Ibotta, Monte Carlo, Neon, Orca Security, Quince, Slack, Stori, Vercel, and more. Notable Capital is a longtime investor in the global cybersecurity sector. Its investments include Bitsight, Descope, Drata, Gem Security (Acquired by Wiz), HashiCorp ($HCP, Acquired by IBM), Nozomi Networks, Orca Security, Torq, and Vdoo (Acq by JFrog), and more. More information can be found at and @notablecap.
Yahoo
04-06-2025
- Business
- Yahoo
Orca Security Honored in Notable Capital's Rising in Cyber 2025
Company named to list for second consecutive year; Recognizes most promising cybersecurity companies endorsed by leading CISOs, venture capitalists, and security figures PORTLAND, Ore., June 04, 2025--(BUSINESS WIRE)--Orca Security, the pioneer of agentless cloud security, announced today that it has been honored by Notable Capital for its Rising in Cyber 2025. The independent list recognizes the most promising companies shaping the future of security in the eyes of Chief Information Security Officers (CISOs), venture capital investors, and other security leaders. Unlike traditional rankings, Rising in Cyber 2025 honorees were selected through a multi-stage process grounded in real-world validation. Leading cybersecurity venture firms submitted nominations, and nearly 150 CISOs and senior security executives voted on the final list, highlighting the companies solving the most urgent challenges facing today's security teams. "It is a privilege to receive this recognition from the Notable Capital community of security leaders for the second consecutive year," said Gil Geron, Co-Founder and CEO of Orca Security. "This validates the fact that as organizations look for a best-in-breed cloud security partner, they are turning to Orca in record numbers. Our focus on securing our customers and making them more productive while pushing the boundaries of innovation allows us to move the market forward." Orca joins a cohort that has collectively raised over $7.8 billion according to Pitchbook as of May 2025, and is defining the next era of cybersecurity across key areas like cloud security, identity, application security, agentic AI, and security operations. "The demand for cybersecurity innovation has never been greater. As the underlying technologies evolve and agentic AI reshapes everything from threat detection to team workflows, we're witnessing a shift from reactive defense to proactive, intelligence-driven operations," said Oren Yunger, Managing Partner at Notable Capital. "What makes this list special is that it reflects real-world validation—honorees were chosen by CISOs who face these challenges every day. Congratulations to this year's Rising in Cyber companies for building the solutions that modern security leaders truly want and need." In celebration, honorees will be recognized today at the New York Stock Exchange (NYSE) alongside top security leaders and investors. Orca's inclusion on Notable Capital's Rising in Cyber 2025 list closely follows the company's strategic acquisition of Opus to lead the company's next phase: evolving from observation and prioritization to agentic AI-based remediation and prevention. By integrating Opus' talent and expertise, Orca is the first CNAPP to not only identify and prioritize cloud security risks but also remediate and prevent them autonomously, at scale, and with ease. About Orca Security Orca enables organizations to make cloud security a strategic advantage. With the most comprehensive coverage and visibility across multi-cloud environments, the agentless-first Orca Platform unites teams to eliminate complexities, vulnerabilities and risks. Backed by Temasek, CapitalG, ICONIQ Capital, Redpoint Ventures and others, Orca is trusted by hundreds of organizations, including SAP, Gannett, Autodesk, Unity, Lemonade and Digital Turbine. Connect your first account in minutes: or book a personalized demo. About Rising in Cyber Rising in Cyber is an annual list recognizing the most innovative startups in cybersecurity as determined by nearly 150 leading CISOs and cybersecurity executives. Nomination criteria included private, venture-backed companies with a primary product focus on cybersecurity and the U.S. as a primary market. For more information about the honorees, participating investors, and methodology, visit About Notable Capital Notable Capital is a global venture capital firm based in the U.S. focused on early-to-growth-stage companies in cloud infrastructure and business and consumer applications. The firm invests primarily in the U.S., Israel, Europe, and Latin America. Notable Capital portfolio companies include Affirm, Airbnb, Anthropic, Brightwheel, Drata, Handshake, HashiCorp, Ibotta, Monte Carlo, Neon, Orca Security, Quince, Slack, Stori, Vercel, and more. Notable Capital is a longtime investor in the global cybersecurity sector. Its investments include Bitsight, Descope, Drata, Gem Security (Acquired by Wiz), HashiCorp ($HCP, Acquired by IBM), Nozomi Networks, Orca Security, Torq, and Vdoo (Acq by JFrog), and more. More information can be found at and @notablecap. View source version on Contacts Susie Dougherty, Marketbridge for Orca Security orca@ Christine Hinton, Notable Capital chinton@
Business Wire
21-05-2025
- Business
- Business Wire
Orca Integrates with AWS Security Hub to Deliver Unmatched Cloud Risk Visibility
PORTLAND, Ore.--(BUSINESS WIRE)-- Orca Security, the pioneer in agentless cloud security, today announced a new integration with AWS Security Hub, delivering advanced cloud security telemetry and context-rich risk insights directly into AWS's centralized security posture management solution. With this integration, security teams can now access Orca's comprehensive cloud risk intelligence within AWS Security Hub, gaining a complete view of risks across all AWS accounts, workloads, APIs, storage buckets, and databases. Organizations are empowered to improve risk prioritization, accelerate investigations, and streamline remediation by understanding which threats in their cloud estate matter most. 'Cloud security teams are challenged to identify risks and prioritize alerts, while requiring the context to act fast to remediate issues,' said Raf Chiodo, Chief Revenue Officer at Orca Security. 'With Orca's rich telemetry now flowing into AWS Security Hub, our customers gain instant clarity to pinpoint the threats that truly endanger their business and take decisive action—without the noise. We are proud to work closely with AWS to make cloud security easy and drive more efficiencies for our mutual customers.' AWS Security Hub serves as the central system for monitoring the security and compliance posture of AWS environments. It aggregates findings from AWS services such as Amazon GuardDuty, AWS Inspector, and AWS Config—as well as integrated third-party solutions like Orca—into a single, unified dashboard to provide continuous monitoring and centralized visibility. Powered by Orca's patented agentless SideScanning technology, the integration prioritizes risks including vulnerabilities, malware, misconfigurations, and lateral movement—across cloud infrastructure, workloads, applications, data, APIs, identities, and more. AWS users benefit from automated actions and rules pushed directly from the Orca Platform to Security Hub, ensuring security teams have immediate, actionable insights in one place. The integration is the latest in a series of collaborations between Orca and AWS, including support for Amazon Bedrock, Amazon GuardDuty and Amazon Security Lake. Named winner of the 2022 Global AWS Security Partner Award, Orca continues to expand its capabilities to help organizations secure their AWS cloud estates end-to-end. Orca supports over 100 AWS services and is available in AWS Marketplace. About Orca Security Orca enables organizations to make cloud security a strategic advantage. With the most comprehensive coverage and visibility across multi-cloud environments, the agentless-first Orca Platform unites teams to eliminate complexities, vulnerabilities and risks. Backed by Temasek, CapitalG, ICONIQ Capital, Redpoint Ventures and others, Orca is trusted by hundreds of organizations, including SAP, Gannett, Autodesk, Unity, Lemonade and Digital Turbine. Connect your first account in minutes: or book a personalized demo.
