Orca Security Launches Cloud Forensics and Incident Response Service for Rapid Cloud Incident Investigation

Orca Security, a leader in agentless cloud security, has unveiled new features and services aimed at improving the speed and efficiency of investigating and responding to attacks on cloud-native infrastructure. In collaboration with ModePUSH, Orca now provides cloud digital forensics and incident response services, enabling organizations to swiftly triage, investigate, and resolve security incidents using insights from the Orca Cloud Native Application Protection Platform.

As cloud environments grow increasingly complex with the use of multiple cloud service providers and advanced features, vulnerabilities become more prevalent. According to Orca’s latest report, 81% of organizations have public-facing assets with open ports, and 82% have exposed Kubernetes API servers, highlighting significant security concerns.

Gil Geron, CEO and co-founder of Orca Security, stresses the importance of comprehensive visibility into cloud risks. He explains that as organizations embrace more advanced cloud services, the complexity of their environments increases, providing attackers with more entry points. Orca’s goal is to strengthen cloud security by offering in-depth visibility into risk factors. The platform upgrades and partnership with ModePUSH aim to help organizations quickly identify and address breaches across their cloud infrastructure and application layers.

The Orca Cloud Native Application Protection Platform now integrates Cloud Detection and Response (CDR) capabilities, combining SideScanning snapshots with cloud provider audit logs and third-party agents to detect suspicious activities and advanced threats. A standout feature is forensic snapshots, which allow security and incident response teams to quickly generate forensic images of workloads, eliminating the need for external processes or additional teams and streamlining incident response.

Handling incidents across various systems and services can be challenging, but with Orca’s platform, teams can efficiently gather forensic snapshots and manage incidents directly within the Orca Cloud Security Platform, bypassing the need for manual snapshotting of individual assets. The partnership with ModePUSH, a respected cybersecurity consulting firm, enhances this capability by providing detailed analysis of Orca’s data.

Ben Harel, Co-Founder of ModePUSH, emphasizes the critical need for effective cloud security and visibility. He explains that this partnership allows ModePUSH to deliver enhanced data and cloud telemetry to security and incident response teams, improving their ability to efficiently investigate and respond to breaches.