Orca Security Extends Side Scanning to Additional Cloud Services
Orca Security today announced it has extended the reach of its “side-scanning” services to discover cybersecurity issues that might arise from reliance on trusted cloud services such as continuous integration/continuous delivery (CI/CD) platforms and document repositories.
Company CEO Avi Shua said many IT organizations assume third-party cloud services are secure. However, it turns out most of them are just as prone to misconfiguration issues as any other public cloud service.
The Orca Security Platform enables cybersecurity teams to discover these issues via side-scanning technology that examines block storage out of band via a software-as-a-service (SaaS) platform managed by Orca. That platform then cross-references with the application programming interfaces (APIs) exposed by the cloud service providers to surface cloud security issues.
Shua said misconfiguration issues generally arise when developers adjust access control lists to enable communications between third-party tools. Too often developers inadvertently leave one or more services open to the public internet without realizing it. Unfortunately, because third-party cloud services are trusted, most cybersecurity teams whitelist those services. Cybercriminals, in the meantime, have become more adept at scanning for misconfigured cloud services.
The Orca Security Platform provides cybersecurity teams with a way to discover these issues without having to deploy agent software that would otherwise disrupt application development, he said.
It’s unclear how pervasive a problem misconfigured cloud services have become. However, there have been incidents in which cybercriminals employ CI/CD platforms such as Bitbucket or document repositories such as Google Drive to distribute malware. The challenge cybersecurity teams face is finding a way to make sure platforms they don’t directly control are actually secure.
Fresh off raising an additional $20 million in funding, Orca Security is trying to pioneer an approach to cloud security that doesn’t depend on organizations installing agent software on every platform. Before too long, each instance of agent software becomes yet another software deployment project that needs to be updated and maintained. As organizations rely more on cloud services, managing agent software simply becomes too unwieldy. It’s much easier to focus cybersecurity efforts on the ingress and egress points within a cloud service, Shua added.
In fact, one of the reasons cybersecurity teams often try to dissuade organizations from employing cloud services is the difficulty they often encounter when managing agent software on each platform. If that requirement is eliminated or reduced, the fewer reasons cybersecurity teams have to object to adopting yet another cloud service.
In the wake of the COVID-19 pandemic, more organizations will be relying on cloud services more than ever. The cloud security concern is that there are too many services being employed in which a series of innocuous mistakes can lead to a catastrophic cybersecurity event. There’s no way cybersecurity teams within most organizations are going to be able to dictate how and when cloud services are employed. The next best thing, then, is to identify what services are being employed and then make sure those services are securely configured. Otherwise, it’s not so much a question of if there will be a cloud security issue as much as when.
