Orca Security is First CNAPP to Launch Cloud to Dev Capabilities, Enabling Security Teams to Close the Loop for Faster Remediation of Production Alerts

Orca Cloud Security Platform now automatically traces risks in production environments to the origin code and its developer owner, freeing up precious time for higher-value activities

Orca Security, the pioneer of agentless cloud security, announced first-to-market Cloud to Dev capabilities that automatically trace cloud security risks found in production to the origin code and the developer that owns it. Building upon Orca’s commitment to continuous innovation, Cloud to Dev reduces the effort needed to remediate cloud security issues by an estimated 80% by automatically identifying the source artifact and owner, even down to the exact line of code that is at the root of the identified risk.

 Latest AiThority Interview Insights : AiThority Interview with Malcolm Koh, Director, CX Practice at Zendesk

“Market Guide for Cloud-Native Application Protection Platforms”

In the recently published 2023 Market Guide for Cloud-Native Application Protection Platforms (CNAPPs), Gartner® states that security teams must, “Ensure the right person/team is tasked with remediating an identified risk, by requiring CNAPP offerings to understand ownership and provenance of development artifacts. At a minimum, the CNAPP offering must understand what developer/development team created the artifact, when it was scanned, when it was deployed, and who has since changed or modified it.”¹

Orca is the first CNAPP to link cloud security issues in production environments back to their code origins, significantly accelerating the assignment and remediation of risks. With these new capabilities, Orca greatly reduces the organization’s Mean Time to Resolution (MTTR) and at the same time frees up valuable time for security teams, allowing them to focus on higher-value activities.

Read More about AiThority Interview: AiThority Interview with Jon Zimmerman, Chief Executive Officer at Holon Solutions

“In many conversations with customers, I’ve heard gratitude for the speed and contextualization that Orca delivers in our cloud security platform,” said Gil Geron, CEO of Orca Security. “At the same time, we know that teams still face a significant challenge trying to link risks identified in production to the originating artifact and its owner – a process that can take days, and in larger organizations sometimes even weeks. With our new Cloud to Dev capabilities, we now allow security practitioners to completely bypass this manual work and automatically provide this information for every alert that is created.”

For example, when a vulnerability is detected in a running container, Orca will identify the source code repository and the Dockerfile responsible for adding the vulnerable package, along with the owner. Orca will even pinpoint the line in the Dockerfile responsible for the vulnerability and suggest a fix. This approach provides a much more efficient and effective way to address security incidents, drastically shortening the time that risks can be exploited.

 Latest AiThority Interview Insights : AiThority Interview with Malcolm Koh, Director, CX Practice at Zendesk

 [To share your insights with us, please write to sghosh@martechseries.com]