Software October 5, 2021

Securing the Next Big Attack Surface: Our Investment in Orca

Written By

The transition to the cloud is happening at an unprecedented rate across all industries and, as the number of cloud workloads continues to skyrocket, companies face a new set of risks that security teams need to manage. Workloads are constantly changing, and cloud assets can be spun-up and torn-down on demand, making them difficult to track and manage. With cloud, enterprises no longer own or manage their infrastructure, making it even more difficult for teams to get deep visibility into their stack.

Today, companies often cobble together legacy agent-based or network scanning solutions to find cloud misconfigurations, malware, overly permissive roles, and exposed data. These tools are intrusive, architected for the on-prem world and struggle to capture the full picture.

Understanding your cloud infrastructure is fundamental for security hygiene, yet incumbent cloud security solutions haven’t kept up with the rapid migration underway.

Orca’s Solution

Orca has built the go-to solution for cloud security. With their proprietary SideScanning technology, Orca can deliver deep visibility into cloud workloads without requiring agents or network scans. This is a huge leap forward compared to agent-based solutions which naturally have coverage gaps, cause alert fatigue, and come with high operational costs in the cloud. SideScanning covers all sorts of workloads – VMs, containers, and serverless.

Orca gathers rich information about what’s happening in the cloud environment to identify vulnerabilities, misconfigurations, malware, and other risk factors. Orca not only identifies these issues but also prioritizes them based on their expected ‘blast radius.’

CISOs we spoke with love Orca and view it is one of their most important and easiest to use security tools. The product philosophy at Orca lines up perfectly with what security teams care about: highly relevant & actionable alerts, deep visibility into critical attack vectors, and immediate time to value. It’s no surprise that leading companies like Robinhood, Databricks, News Corp, NCR, and Autodesk are customers.


We believe the cloud is the next big attack surface and one of the few white spaces in security. Orca is poised to become the leader in this core category.

Stripes Invests in Orca's $550M Series C

We’re excited to partner with Orca as they transform cloud security. The cloud is the next critical attack surface and cloud security can have an impact on the order of endpoint and network scanning. It’s one of the few white spaces in security and Orca is poised to become the category leader.

More security teams are realizing that tools built for the on-prem world are struggling to be successful in their cloud infrastructure and the glowing feedback we heard from CISOs about Orca reflects the genuine product love that’s the foundation of every Stripes partnership.

At Stripes, we believe that maintaining good security hygiene is one of the most important things a company can do to reduce risk. With that in mind, we partnered with Axonius to give teams a complete view of their IT assets, and we’re now excited to help them gain a complete view of their cloud workloads with Orca.

Coming from Check Point as its Chief Technologist, Avi (CEO & Co-Founder) is deeply product-oriented and committed to realizing the team’s broad vision for Orca. We were instantly impressed with his clear view of how security leaders should address cloud security, and it’s been a joy to see the team quicky execute on that mission.

We’re thrilled to be working alongside Orca and couldn’t be more excited about the road ahead!