DEVOPSdigest

Orca Security announced the launch of new comprehensive Data Security Posture Management (DSPM) capabilities as part of the Orca Cloud Security Platform.

Building upon its comprehensive approach to cloud security, the new offering significantly expands on Orca’s existing capabilities and provides enhanced data discovery and management that enables organizations to identify, prioritize, and mitigate sensitive data at risk across multi-cloud estates, including shadow data and misplaced data that organizations may not have been aware of.

With its new DSPM capabilities, Orca now continuously detects sensitive data at risk in managed and self-hosted cloud data stores, as well as in files on virtual machines, containers and cloud storage buckets across multi-cloud environments. These enhancements enable organizations to take preventive steps to reduce the data attack surface and triage anomalous data-related events across their cloud estates, including AWS, Azure, Google Cloud, and Alibaba Cloud, from a single comprehensive cloud platform - without requiring any additional tools.

“Ever since its initial release in 2019, the Orca Cloud Security Platform has included core data security capabilities,” said Avi Shua, CEO and co-founder of Orca Security. "With this latest Data Security Posture Management launch, we have greatly expanded our DSPM offering to provide security teams with full visibility into what data they have, where it resides, the attack vectors that lead to it, and any suspicious events and behaviors that need attention. With this latest addition, Orca is continuing to deliver on our promise to provide the most comprehensive cloud security solution from a single, unified platform.”

Orca combines data intelligence with other cloud risks – including vulnerabilities, malware, misconfigurations, lateral movement risks, identity and access risks, and API risks.

Leveraging Orca’s patented, agentless SideScanning™ technology, the platform identifies, classifies, and alerts to sensitive data at risk across the entire cloud environment, including shadow data and misplaced data that organizations may not have been aware of, allowing Orca to highlight how indirect, as well as direct risks, can lead to exposed sensitive data.

Orca combines its comprehensive cloud risk insights to apply Attack Path Analysis and identify opportunities for attackers to combine different weaknesses in the cloud environment to expose sensitive data, such as PII, PHI, and PCI data. Each attack path is automatically scored based on a number of criteria, including exploitability, severity, and business impact, allowing security teams to focus on remediating the risks that pose the greatest danger to the organization’s sensitive data, while reducing alert fatigue and preventing potentially damaging data breaches.

Orca is releasing its DSPM capabilities in public beta today.