Orca Security Launches Cloud Digital Forensics and Incident Response Service to Empower Rapid Investigation of Cloud Incidents

Orca Security, the leader in agentless cloud security, today announced significant new capabilities and services that enable rapid investigation and response to cloud-native infrastructure attacks. With the general availability of cloud digital forensics and incident response services through a new partnership with ModePUSH, organizations can now triage, investigate, and respond to security incidents using intelligence from the Orca Cloud Native Application Protection Platform.

Cloud-native organizations need to secure a wide-ranging cloud attack surface spanning cloud infrastructure, data, storage, workloads, applications, and APIs. With the fast-paced and ephemeral nature of cloud environments, attackers have many opportunities to probe and exploit insecure resources and access sensitive information. According to the Orca Security 2024 State of Cloud Security report, 81% of organizations have public-facing neglected assets with open ports, while 82% have a Kubernetes API server that is publicly accessible.

"More organizations not only use multiple cloud service providers but also more advanced capabilities from each provider, which make cloud estates more complex than ever," said Gil Geron, CEO and co-founder at Orca Security. "Our mission is to provide cloud security teams with unmatched visibility into a chain of risk factors to improve their cloud security posture. With our latest platform enhancements and partnership with ModePUSH, we can now help organizations quickly understand breaches or compromises across their cloud control plane and application layers."

The Orca Cloud Native Application Protection Platform delivers integrated Cloud Detection and Response (CDR) capabilities that combine data from SideScanning snapshots with cloud provider audit logs and third-party agents to detect suspicious activity, potential compromises, or advanced threats. The platform's forensic snapshots feature allows security and incident response teams to quickly generate usable forensic images of workloads without having to engage with other teams or external processes.

Responding to incidents that span a variety of systems and services is a significant challenge. With Orca during an incident, teams can quickly and simply gather the necessary forensic snapshots while triaging the incident in the Orca Cloud Security Platform. This avoids the discovery and manual snapshotting that would be required for each of an asset's storage areas. By partnering with ModePUSH, a leading cybersecurity consulting firm, organizations who need to investigate cloud attacks can quickly benefit from analysis of data provided by Orca.

"At ModePUSH, we recognize the dynamic and sprawling attack surface of cloud environments. In partnering with Orca Security, a leader in cloud security and visibility, we can now rapidly aid security and incident response teams with better visibility, data, and cloud telemetry than ever before when called to investigate breaches," said Ben Harel, Co-Founder at ModePUSH.

For more information on Orca Security's cloud forensics capabilities, please view this webpage.

About Orca Security

Orca Security is the pioneer of agentless cloud security that is trusted by hundreds of enterprises globally. Orca makes cloud security possible for enterprises moving to and scaling in the cloud with its patented SideScanningtm technology and Unified Data Model. The Orca Cloud Security Platform delivers the world's most comprehensive coverage and visibility of all risks across the cloud. With continuous first-to-market innovations and expertise, the Orca Platform ensures security teams quickly identify and remediate risks to keep their businesses secure. Connect your first account in minutes: https://orca.security or take the free cloud risk assessment.