Orca Security Launches Cloud Digital Forensics and Incident Response Service to Empower Rapid Investigation of Cloud Incidents

May 3, 2024, by David

Orca Security announced significant new capabilities and services that enable rapid investigation and response to cloud-native infrastructure attacks. With the general availability of cloud digital forensics and incident response services through a new partnership with ModePUSH, organizations can now triage, investigate, and respond to security incidents using intelligence from the Orca Cloud Native Application Protection Platform.

Cloud-native organizations need to secure a wide-ranging cloud attack surface spanning cloud infrastructure, data, storage, workloads, applications, and APIs. With the fast-paced and ephemeral nature of cloud environments, attackers have many opportunities to probe and exploit insecure resources and access sensitive information. According to the Orca Security 2024 State of Cloud Security report, 81% of organizations have public-facing neglected assets with open ports, while 82% have a Kubernetes API server that is publicly accessible.

“More organizations not only use multiple cloud service providers but also more advanced capabilities from each provider, which make cloud estates more complex than ever,” said Gil Geron, CEO and co-founder at Orca Security. “Our mission is to provide cloud security teams with unmatched visibility into a chain of risk factors to improve their cloud security posture. With our latest platform enhancements and partnership with ModePUSH, we can now help organizations quickly understand breaches or compromises across their cloud control plane and application layers.”

The Orca Cloud Native Application Protection Platform delivers integrated Cloud Detection and Response (CDR) capabilities that combine data from SideScanning snapshots with cloud provider audit logs and third-party agents to detect suspicious activity, potential compromises, or advanced threats. The platform’s forensic snapshots feature allows security and incident response teams to quickly generate usable forensic images of workloads without having to engage with other teams or external processes.

Responding to incidents that span a variety of systems and services is a significant challenge. During an incident, teams using Orca can quickly and simply gather the necessary forensic snapshots while triaging the incident in the Orca Cloud Security Platform. This avoids the discovery and manual snapshotting that would otherwise be required for each of an asset’s storage areas. Through the partnership with ModePUSH, a leading cybersecurity consulting firm, organizations that need to investigate cloud attacks can quickly benefit from analysis of data provided by Orca.

“At ModePUSH, we recognize the dynamic and sprawling attack surface of cloud environments. In partnering with Orca Security, a leader in cloud security and visibility, we can now rapidly aid security and incident response teams with better visibility, data, and cloud telemetry than ever before when called to investigate breaches,” said Ben Harel, Co-Founder at ModePUSH.