Orca Security, a leading agentless cloud security platform, enhanced its platform with cloud detection and response (CDR) capabilities to assist businesses in identifying, analyzing, and responding to active attacks.
The Orca Platform uses machine learning and rules-based heuristics to monitor cloud provider logs and threat intelligence feeds. It also offers automatic remediation to stop security risks from spreading across the software development lifecycle (SDLC). To defend against cloud attacks, Orca Security’s Cloud Detection & Response capabilities continuously scan the entire cloud attack surface for risks and threats.
By giving Security Operations Center (SOC) and Incident Response (IR) teams contextualized data on potentially harmful events, the platform lets security teams expedite investigation, triage, and response to threats in the cloud. To identify the threats that demand an immediate response, Orca Security integrates this data with its fully contextualized insights into cloud workloads and configurations.
The latest features include:
Detection: Orca continuously scans the cloud for flaws and misconfigurations, malware, identity and access management (IAM) risks, lateral movement, exposure of critical data, and more. It also distinguishes the issues that warrant alerting security professionals from trivial ones, preventing alert fatigue and reducing the chance of missing important problems.
Investigation: With Orca’s new CDR dashboard, security personnel can rapidly determine whether suspicious activity indicates an attack and whether any of the company’s vital assets are in jeopardy.
Response: Organizations can respond to cloud attacks by using Orca’s automated processes to effectively thwart them. Orca also offers many ticketing and notification integrations with providers such as Slack, PagerDuty, ServiceNow, and Jira, and it integrates with SIEM and SOAR systems (e.g., Splunk, Sumo Logic, IBM QRadar, Torq, and Brinqa) for quick investigation and remediation.
Avi Shua, CEO and Co-founder of Orca Security, said, “With our new Cloud Detection and Response capabilities, we are greatly expanding the scope of the Orca Cloud Security Platform. By leveraging heuristics and anomaly detection capabilities encompassing both workloads and cloud-native activity, organizations can, for the first time, have 100 percent agentless coverage against all kinds of cloud attacks.”