Orca Security, founded last year by a group of former Check Point executives and architects, today announced a $20 million Series A funding round led by GGV Capital with participation from YL Ventures and SVCI (Silicon Valley CISO Investments). The funding will fuel additional company growth to help more worldwide customers gain deeper visibility into AWS, Azure, and GCP at a fraction of the time and operational cost of alternative solutions.
Since its inception, Orca Security has been on an explosive path to solve a fundamental challenge—to provide frictionless cloud security with the breadth and depth to quickly analyze all cloud assets for risks. The company has created the first and only cloud security solution that can find vulnerabilities, malware, misconfigurations, leaked and weak passwords, lateral movement risk, and high-risk data without agents or per asset integrations, literally within minutes.
This unique ability is achieved using Orca Security’s patent pending SideScanning™ technology, which is based on reading the workloads’ run time block storage out of band, and cross-referencing this with cloud context pulled directly from the cloud vendors’ APIs. Furthermore, unlike point solutions that work in silos, Orca treats a customer’s cloud estate as an interconnected web of assets, prioritizing risk based on environmental context. This cuts through thousands of security alerts to reveal the critical few that matter, along with their precise path to remediation.
“Organizations expect to have rapid cloud growth while maintaining security. This cannot be achieved by playing whack-a-mole with per-asset agent deployments,” said Avi Shua, CEO and co-founder of Orca Security, and former Chief Technologist at Check Point Software Technologies. “You can’t continue to iterate on tools designed for on-prem environments and expect to win the coverage game in the cloud. You lose both agility and security. Orca Security has developed an entirely new way of helping organizations identify, understand, and prioritize cloud security issues—without slowing their innovation or worrying about the thoroughness of their coverage.”
While network scanners and agent-based security tools have existed for decades, they incur huge operational costs, yet leave the organization vulnerable to breaches by only offering partial visibility. Orca Security provides a new agentless way of deeply analyzing an organization’s entire cloud infrastructure to solve these challenges.
“These days, any cloud security solution that requires agents, libraries or costly and complex integrations should be out of the question,” said Ian Amit, Chief Security Officer for Cimpress. “In contrast, Orca Security provides a comprehensive security perspective that doesn’t require material changes to the cloud environment, but still identifies all issues across the entire stack – OS, applications, and services.”
Investing in a Better Way to Find Cloud Security Risks
With the latest Series A round, in addition to $6.5 million in seed funding, Orca Security is making a substantial investment in talent, go-to-market growth, and research and development. The company plans to double its team and total business by the end of 2020. New hiring will be divided between its U.S. and Israel offices.
The Series A funding round is being led by GGV Capital, a global venture capital firm that invests in companies shaping digital transformations around the world. Glenn Solomon, Managing Partner, GGV Capital will also join the board of directors. The funding also includes participating investments from YL Ventures, a global VC firm exclusively focused on seed-stage Israeli cybersecurity investments, which led the seed round, and SVCI (Silicon Valley CISO Investments), a new angel syndicate of more than 40 prominent CISOs who pool their own funds to invest in security companies with revolutionary technologies, solving the most pressing challenges in the industry.
“It’s exciting to see Orca tackle the cloud frontier with an innovative approach that dramatically improves visibility while reducing operational costs. We’ve been impressed with Avi and the team’s ability to build for modern-day security leaders, as evident in SVCI’s remarkable response to Orca. The excitement of the group was incredible and validates what value Orca provides to security leaders who are facing complex security issues at scale,” said Oren Yunger, investor, GGV Capital.
Orca Security Announcement Resources
CEO’s blog on Orca Security’s founding story and $20M raise
Orca Security testimonials and case studies
Hacking Cloud Visibility with Rishi Tripathi, SVP & Chief Information Security Officer, NBA
How to See AWS Workload-Level Risks Without Agents: Modern AWS Security Best Practices. This CSA CloudBytes webinar features Aaron Brown, Cloud Security Engineer, Sisense, and Sounil Yu, Former Chief Security Scientist, Bank of America.
For more information, visit orca.security.
Additional Supporting Quotes
“Orca’s made amazing progress and such an impact on the industry in such a short period of time. In just under 14 months, this all-star team has managed to build a core disruptive product that speaks directly to security executives, gaining a massive customer base in the process and the market confidence to secure this funding round.”
Managing Partner and seed round leader
“In a software-driven world that is moving faster than ever before, it’s extremely difficult for security teams to properly discover and protect every cloud asset. Orca Security’s novel approach provides unparalleled visibility into these assets, and brings this power back to the CISO without slowing down engineering.”
Orca Security Board Member
“What I like most about Orca Security is that you get very deep results with only a small investment in time. You get value on day one.”
“Competing solutions are either agent-driven, which can’t keep pace with how engineers build in the cloud, or they’re metadata-driven, which provide limited visibility. Orca Security gives you the visibility of multiple tools in one, saving you time, effort, and money.”
“Within minutes, we gained full visibility into our AWS account. Before Orca, I had zero visibility. Now, I see everything I need to see. Plus, we now have a single tool that does it all.”
“The most impressive thing about Orca Security is being able to see results so quickly across 100% of our cloud assets.”
Chief Security Officer
About Orca Security
Orca Security is the cloud security innovation leader, providing deeper visibility into AWS, Azure, and GCP without the operational costs of agents. With Orca Security, there are no overlooked assets, no DevOps headaches, and no performance hits on live environments.
Unlike legacy tools that operate in silos, Orca treats your cloud as an interconnected web of assets, prioritizing risk based on environmental context. This cuts through thousands of security alerts to give you the critical few that matter, along with their precise path to remediation.
Delivered as SaaS, Orca Security’s patent-pending, SideScanning™ technology reads your cloud configuration and workloads’ runtime block storage out-of-band, detecting vulnerabilities, malware, misconfigurations, lateral movement risk, weak and leaked passwords, and high-risk data such as PII. Connect your first cloud account in minutes and see for yourself. Learn more at orca.security