Orca Security Expands Cloud Threat Detection and Response Capabilities to Enable Security Teams to Level Up Speed and Performance of Threat Investigations


Orca Security, the pioneer of agentless cloud security, announced new enhancements to its Cloud Detection and Response (CDR) capabilities to expedite threat investigation and response for organizations. The expanded, integrated set of capabilities within the Orca Cloud Security Platform, including an upgraded user experience, enriched insights and new functionality, is intended to help organizations accelerate cloud security incident investigation, response and remediation.

According to Orca’s 2023 & 2024 Cloud Security Strategies Report, executives identified unauthorized access and data breaches as their top two cloud security risks. Executives also identified increasing efficiency, scaling security teams and securing supply chains as top objectives in the year ahead, highlighting the growing need for CDR. Orca’s enhanced CDR capabilities are aimed at helping customers meet the evolving demands of the modern threat landscape in this valuable but difficult area of cloud security.

“Inadequate tooling delays investigations and remediations, overwhelming security teams and leaving organizations at risk,” said Gil Geron, CEO & Co-Founder, Orca Security. “Today’s updates to Orca’s CDR capabilities eliminate several pressing issues for security teams hampered by siloed terminology across cloud providers, alert fatigue, a lack of actionable guidance and unified visibility, enabling organizations to catch early-stage attacks and orchestrate rapid responses that neutralize threats.”


Cloud-agnostic classification

Orca’s CDR now classifies events based on well-established, cloud-agnostic terminology, providing security teams with a common language across their CDR workflows to boost efficiency and productivity. Previously, security teams were required to know unique naming conventions across several cloud providers to conduct forensic investigations. With Orca’s cloud-agnostic classification, working across multi-cloud environments, onboarding new team members or compensating for skill shortages no longer impedes busy security teams.

Event-driven security dashboard

Orca’s event-driven security dashboard provides security teams with actionable, at-a-glance insights to expedite investigations and response. Rather than an over-simplified dashboard that offers minimal insight or guidance, it shows Orca Alerts by risk level, assets with detected suspicious activity, events over time, events by geolocation, top event-driven security risks, most active actors, and more. This context is what a team needs to quickly diagnose anomalous activity, correlate seemingly unrelated events and findings, and launch an investigation.

Unified event data stream

Orca’s unified event-driven data stream aggregates logs from the cloud service providers (CSPs) it monitors into one comprehensive feed. Each CSP emits its own log formats, which adds complexity to investigations and makes it hard to bring logs together in a central location. With Orca’s unified event data stream, security teams can search and filter results using any of Orca’s cloud-agnostic parameters or SQL queries, without standing up a third-party database or exporting logs as a CSV from each CSP.
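The two ideas above, a cloud-agnostic classification of provider-native events and a single SQL-queryable stream, can be illustrated with a small normalizer. This is an added example, not Orca’s code and not its taxonomy: the three record shapes follow the public CloudTrail, Azure Activity Log and GCP Cloud Audit Log field names, the sample records are constructed, and the category labels (`iam.policy_change`, `auth.login`, and so on) are an assumed taxonomy for the example. It loads the normalized events into an in-memory SQLite table and runs the kind of cross-cloud pivots the dashboard section describes (one category across providers, one source IP across providers, most active actors).

```python
"""Cloud-agnostic classification of audit events from three providers, loaded into
one SQL-queryable store.  Example code with constructed records; the category
taxonomy in CATEGORY_RULES is an assumption of this example, not a vendor's."""
import sqlite3
from dataclasses import dataclass, astuple


@dataclass
class CloudEvent:
    provider: str    # "aws" | "azure" | "gcp"
    time: str        # ISO-8601 timestamp as emitted by the provider
    actor: str       # provider-native principal identifier
    source_ip: str
    raw_action: str  # provider-native operation name
    category: str    # cloud-agnostic classification (assumed taxonomy)


# Assumed cloud-agnostic taxonomy: (provider, native operation) -> one common label.
CATEGORY_RULES = {
    ("aws", "AttachUserPolicy"): "iam.policy_change",
    ("aws", "PutUserPolicy"): "iam.policy_change",
    ("aws", "CreateAccessKey"): "iam.credential_create",
    ("aws", "ConsoleLogin"): "auth.login",
    ("azure", "Microsoft.Authorization/roleAssignments/write"): "iam.policy_change",
    ("gcp", "SetIamPolicy"): "iam.policy_change",
    ("gcp", "google.iam.admin.v1.CreateServiceAccountKey"): "iam.credential_create",
    ("gcp", "storage.objects.get"): "storage.read",
}


def normalize(provider: str, rec: dict) -> CloudEvent:
    """Pull the same five facts out of each provider's native record shape."""
    if provider == "aws":            # CloudTrail record
        time, actor = rec["eventTime"], rec["userIdentity"]["arn"]
        ip, action = rec["sourceIPAddress"], rec["eventName"]
    elif provider == "azure":        # Activity Log event
        time, actor = rec["eventTimestamp"], rec["caller"]
        ip, action = rec["callerIpAddress"], rec["operationName"]
    elif provider == "gcp":          # Cloud Audit Log entry
        p = rec["protoPayload"]
        time, actor = rec["timestamp"], p["authenticationInfo"]["principalEmail"]
        ip, action = p["requestMetadata"]["callerIp"], p["methodName"]
    else:
        raise ValueError(f"unknown provider {provider!r}")
    # Anything without a rule is kept, not dropped, so coverage has no silent gaps.
    category = CATEGORY_RULES.get((provider, action), "other")
    return CloudEvent(provider, time, actor, ip, action, category)


# Constructed sample records (not real logs): one person acting in all three clouds
# from the same IP, plus an unrelated service account.
SAMPLE_RECORDS = [
    ("aws", {"eventTime": "2024-05-01T10:00:00Z", "eventName": "ConsoleLogin",
             "userIdentity": {"arn": "arn:aws:iam::123456789012:user/alice"},
             "sourceIPAddress": "203.0.113.10"}),
    ("aws", {"eventTime": "2024-05-01T10:02:00Z", "eventName": "AttachUserPolicy",
             "userIdentity": {"arn": "arn:aws:iam::123456789012:user/alice"},
             "sourceIPAddress": "203.0.113.10"}),
    ("azure", {"eventTimestamp": "2024-05-01T10:05:00Z", "caller": "alice@example.com",
               "callerIpAddress": "203.0.113.10",
               "operationName": "Microsoft.Authorization/roleAssignments/write"}),
    ("gcp", {"timestamp": "2024-05-01T10:07:00Z",
             "protoPayload": {"methodName": "SetIamPolicy",
                              "authenticationInfo": {"principalEmail": "alice@example.com"},
                              "requestMetadata": {"callerIp": "203.0.113.10"}}}),
    ("gcp", {"timestamp": "2024-05-01T10:09:00Z",
             "protoPayload": {"methodName": "google.iam.admin.v1.CreateServiceAccountKey",
                              "authenticationInfo": {"principalEmail": "alice@example.com"},
                              "requestMetadata": {"callerIp": "203.0.113.10"}}}),
    ("gcp", {"timestamp": "2024-05-01T11:00:00Z",
             "protoPayload": {"methodName": "storage.objects.get",
                              "authenticationInfo": {"principalEmail": "backup@proj.iam.gserviceaccount.com"},
                              "requestMetadata": {"callerIp": "198.51.100.7"}}}),
]


def build_store(records=SAMPLE_RECORDS) -> sqlite3.Connection:
    """Normalize every record and load it into one in-memory table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE events (provider, time, actor, source_ip, raw_action, category)")
    conn.executemany("INSERT INTO events VALUES (?, ?, ?, ?, ?, ?)",
                     [astuple(normalize(p, r)) for p, r in records])
    conn.commit()
    return conn


def events_by_category(conn, category: str):
    """Cross-cloud view of one agnostic category, ordered by time."""
    return conn.execute(
        "SELECT provider, time, actor, raw_action FROM events "
        "WHERE category = ? ORDER BY time", (category,)).fetchall()


def events_from_ip(conn, ip: str):
    """Pivot on source IP across providers: ties the three clouds' events together."""
    return conn.execute(
        "SELECT provider, time, category FROM events WHERE source_ip = ? ORDER BY time",
        (ip,)).fetchall()


def most_active_actors(conn, limit: int = 3):
    """The 'most active actors' panel as a single query over the unified table."""
    return conn.execute(
        "SELECT actor, COUNT(*) AS n FROM events GROUP BY actor ORDER BY n DESC, actor LIMIT ?",
        (limit,)).fetchall()


if __name__ == "__main__":
    conn = build_store()
    for row in events_by_category(conn, "iam.policy_change"):
        print(row)
    print(events_from_ip(conn, "203.0.113.10"))
    print(most_active_actors(conn))
```

Note that the actor column is still provider-native: the same person shows up as an IAM ARN on AWS and an e-mail address on Azure and GCP, so the source-IP pivot is what links the three policy changes here. Resolving principals to one identity across clouds is a separate normalization step that this example does not attempt.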

Event-driven alerts

Security teams are often burdened by alert fatigue and a lack of context for detected risks. Orca’s event-driven alerts are organized based on severity, presenting rich and meaningful data that fully contextualizes the risk, enabling security teams to further expedite their response and remediate the most time-pressing risks without delay.

SOURCE: BusinessWire