Orca Security Announces Cloud to Dev Capabilities
April 05, 2023

Orca Security announced Cloud to Dev capabilities that automatically trace cloud security risks found in production to the origin code and the developer that owns it.

Building upon Orca’s commitment to continuous innovation, Cloud to Dev reduces the effort needed to remediate cloud security issues by an estimated 80% by automatically identifying the source artifact and owner, even down to the exact line of code that is at the root of the identified risk.

Orca has linked cloud security issues in production environments back to their code origins, significantly accelerating the assignment and remediation of risks. With these new capabilities, Orca greatly reduces the organization’s Mean Time to Resolution (MTTR) and at the same time frees up valuable time for security teams, allowing them to focus on higher-value activities.

“In many conversations with customers, I’ve heard gratitude for the speed and contextualization that Orca delivers in our cloud security platform,” said Gil Geron, CEO of Orca Security. “At the same time, we know that teams still face a significant challenge trying to link risks identified in production to the originating artifact and its owner - a process that can take days, and in larger organizations sometimes even weeks. With our new Cloud to Dev capabilities, we now allow security practitioners to completely bypass this manual work and automatically provide this information for every alert that is created.”

For example, when a vulnerability is detected in a running container, Orca will identify the source code repository and the Dockerfile responsible for adding the vulnerable package, along with the owner. Orca will even pinpoint the line in the Dockerfile responsible for the vulnerability and suggest a fix. This approach provides a much more efficient and effective way to address security incidents, drastically shortening the time that risks can be exploited.

Share this

Industry News

April 03, 2025

StackGen has partnered with Google Cloud Platform (GCP) to bring its platform to the Google Cloud Marketplace.

April 03, 2025

Tricentis announced its spring release of new cloud capabilities for the company’s AI-powered, model-based test automation solution, Tricentis Tosca.

April 03, 2025

Lucid Software has acquired airfocus, an AI-powered product management and roadmapping platform designed to help teams prioritize and build the right products faster.

April 03, 2025

AutonomyAI announced its launch from stealth with $4 million in pre-seed funding.

April 02, 2025

Kong announced the launch of the latest version of Kong AI Gateway, which introduces new features to provide the AI security and governance guardrails needed to make GenAI and Agentic AI production-ready.

April 02, 2025

Traefik Labs announced significant enhancements to its AI Gateway platform along with new developer tools designed to streamline enterprise AI adoption and API development.

April 02, 2025

Zencoder released its next-generation AI coding and unit testing agents, designed to accelerate software development for professional engineers.

April 02, 2025

Windsurf (formerly Codeium) and Netlify announced a new technology partnership that brings seamless, one-click deployment directly into the developer's integrated development environment (IDE.)

April 02, 2025

Opsera raised $20M in Series B funding.

April 02, 2025

The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, is making significant updates to its certification offerings.

April 01, 2025

The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced the Golden Kubestronaut program, a distinguished recognition for professionals who have demonstrated the highest level of expertise in Kubernetes, cloud native technologies, and Linux administration.

April 01, 2025

Red Hat announced new capabilities and enhancements for Red Hat Developer Hub, Red Hat’s enterprise-grade internal developer portal based on the Backstage project.

April 01, 2025

Platform9 announced that Private Cloud Director Community Edition is generally available.

March 31, 2025

Sonatype expanded support for software development in Rust via the Cargo registry to the entire Sonatype product suite.

March 31, 2025

CloudBolt Software announced its acquisition of StormForge, a provider of machine learning-powered Kubernetes resource optimization.