Orca Security expands partnership with Google Cloud to secure enterprise cloud estates

Agentless cloud security company Orca Security today announced an expanded partnership with Google Cloud. The partnership seeks to bolster the security of cloud workloads, data and users. By integrating the Orca Cloud Security platform with Google security products such as Google Chronicle, Security Command Center and VirusTotal, the companies aim to safeguard multi-cloud development and runtime environments. 

The company claims it is the first third-party security solution to integrate VirusTotal API v3, which was released earlier this year.

“Our latest differentiator features deep integrations with Google Cloud’s security solutions,” Orca Security CEO Gil Geron told VentureBeat. “These ensure that Google Cloud and Orca customers benefit from best-in-class security telemetry across the cloud.”

Comprehensive cloud security

Orca Security views this partnership as a significant advancement in cloud security because it provides organizations with essential tools to enhance visibility and achieve comprehensive security for their cloud environments.

According to the company, the integration with Google Chronicle, Security Command Center and VirusTotal offers several advantages for its customers because it allows them to leverage Google Cloud’s robust security services. 

Through Chronicle and Security Command Center, customers will be able transmit cloud security telemetry to endpoint solutions, thereby consolidating the data provided to Google’s customers. 

Regarding VirusTotal, Orca is strengthening its malware capabilities by incorporating the platform’s robust data. This integration will help ensure a broader coverage and deeper telemetry for malware data, enhancing overall enterprise security.

Improved threat visibility through dynamic integrations

Orca said it utilizes the latest Google Cloud API updates to introduce advanced features and capabilities. The company said that these functionalities surpass the scope of merely identifying security risks and preventing attacks like denial-of-service and ransomware. 

The tool can uncover idle, paused and stopped workloads, as well as orphaned applications and endpoints that necessitate consolidation or decommissioning.

“One of the main architecture components of the Orca Cloud Security Platform is our unified data model that brings together all of an organization’s cloud telemetry spanning cloud infrastructure, workloads, data, identities, APIs and more into a single location,” Orca Security CIO Avi Shua told VentureBeat. 

Shua highlighted the significance of consolidating an organization’s cloud insights into a unified data model. This approach empowers security teams to gain context and risk prioritization for their cloud-native applications.

Benefits of attack path analysis

Furthermore, users can now leverage the platform’s Attack Path analysis feature, which consolidates multiple individual risks into an interactive dashboard. 

The feature will enable security teams to understand the impact of a workload vulnerability, encompassing aspects such as an overprivileged user and an exposed storage bucket containing sensitive personally identifiable information (PII). By understanding this chain of vulnerabilities, organizations can assess the risk they face.

“Orca’s malware detection, using both hash-based and heuristic approaches, gives you confidence in findings,” Shua added. “VirusTotal integration allows your analysts and IR teams to quickly find and consume additional intelligence on the malware that Orca found. This helps to understand what the suspected malware is and how it may connect to a larger threat.”

What’s next for Orca Security?

Orca said it is currently committed to strengthening its team supporting the Google Cloud partnership across product development and go-to-market efforts.

“From this deeper partnership, security leaders can ensure that their teams are always solving the issues that matter most,” said Geron. “By integrating security across the application lifecycle, organizations can unify development, DevOps and security teams to deploy the most secure software possible and improve the security of their cloud-native applications.”

In addition to the core integrations, Orca is actively exploring the incorporation of the Mandiant Threat Intel feed to provide enhanced context for attack paths and findings. 

The company said it is also collaborating with Google Cloud partner SADA to expand the Orca Cloud Camp. This collaboration will showcase the distinct combination of Orca, SADA and Google and will be unveiled at the upcoming Google Next event.