Orca Security

"Curiosity is the most important thing." - Bar Kaduri, our Head of Research, explains what drives the Orca Research Pod. In this video, Bar breaks down exactly what the Research Pod does and how we're working to keep your cloud environments secure. Our threat researchers constantly explore new ways the cloud could be attacked, so we can help you defend against them first. Plus, you might notice our Research Pod page has gotten a new refresh! 👀 The new design makes it easier to explore our latest findings and dig deeper into the data that matters to your organization. Take a look here: https://lnkd.in/gtnJWrNq

🚨 #s1ngularity 𝗦𝘂𝗽𝗽𝗹𝘆 𝗖𝗵𝗮𝗶𝗻 𝗔𝘁𝘁𝗮𝗰𝗸 The Orca Research Pod just reported a supply chain attack targeting Nx (a popular build tool). Malicious package versions were published to npm, silently stealing sensitive developer assets like GitHub tokens, SSH keys, npm credentials, and even crypto wallets. This marks the first known supply chain attack to actively search for installed LLM tools on developer machines in order to extract more secrets from the victim. With exposed secrets discovered on GitHub by attackers in under 2 minutes, this represents a major evolution in how threat actors are targeting the software supply chain. Roi Nisimi has the full technical breakdown, impact analysis, and how Orca in our latest blog. ⤵ https://lnkd.in/g3_NeYWh #s1ngularity #nx #OrcaSecurity

Your cloud environment is only as secure as its weakest credential. Without the right protection, a single exposed password can give attackers direct access to critical assets, bypassing all your perimeter defenses. It's not IF your passwords will be leaked, it's WHEN. That's why we built multi-layered security into the Orca Platform:  • Check credentials using multiple techniques  • Get prioritized alerts automatically with fast and easy remediation options  • Block secrets from reaching production Learn how Orca helps detect, remediate, and prevent leaked passwords before attackers find them. Read the full breakdown in our latest blog:  https://lnkd.in/gYqXwQes

You can’t fix everything—but you can fix what matters. From the 2025 Gartner® CNAPP Market Guide: “Since risk-free applications are impossible, information security must prioritize risk findings according to business context, identifying the root cause and enabling developers to focus first on the highest risk findings with the highest confidence of potential business impact.” We couldn’t agree more. In our latest blog, we highlight why smarter risk prioritization is one of the most important takeaways from this year’s report—and how CNAPP makes it possible. Read the full list 👇 https://lnkd.in/gir7F9UZ #OrcaSecurity #CNAPP #Gartner

🚨 𝗭𝗲𝗿𝗼-𝗱𝗮𝘆 𝘃𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗶𝗹𝗶𝘁𝗶𝗲𝘀 𝗱𝗼𝗻'𝘁 𝘄𝗮𝗶𝘁. 𝗪𝗵𝘆 𝘀𝗵𝗼𝘂𝗹𝗱 𝘆𝗼𝘂? When new CVEs hit the headlines, every second counts in understanding your exposure. Watch Tim Chase, our Principal Technology Evangelist, demonstrate how Orca's "From the News" feature turns vulnerability management from reactive scrambling into proactive protection. ✅ Instant visibility into where you're impacted  ✅ Pre-built queries that pinpoint exact locations ✅ Smart risk scoring based on external exposure  ✅ Tailored remediation steps for your preferred tools Start getting ahead of the threats that matter most to YOUR environment. Watch the video, then book a demo to see it in action ⬇️ https://lnkd.in/gkVZ9h4N

We suggest taking an agentless-first approach to securing SAP migrations in motion. Take a look at the ebook to learn how Orca partners with AWS to protect your SAP cloud journey. #AWSPartners

Secure your SAP cloud journey. 🔒☁️💡 https://go.aws/3JCHA7S Strengthen security at every stage of your SAP migration to #AWS. Download our latest ebook to learn how #AWSPartners help protect your cloud journey. CrowdStrike | Fortinet | Orca Security | Palo Alto Networks | Splunk | Trend Micro | Zscaler

Cloud-native security isn’t just about better tooling, it’s about better teamwork. As highlighted in the 2025 Gartner® Market Guide for CNAPPs: “CNAPP offerings are essentially bringing three previously siloed groups closer together by consolidating the application development teams, cloud architectural and configuration teams, and security operations teams.” We agree. That’s why one of our top 6 takeaways is this: CNAPP adoption is as much about cross-functional collaboration as it is about features. See what else made the list 👇 https://lnkd.in/gir7F9UZ #OrcaSecurity #CNAPP #Gartner

🔍 JUST RELEASED: The 10 Most Popular AI Models of 2025 84% of organizations now use AI in the cloud, a massive jump from last year. But not all AI models are created equal, so it's worth analyzing the most popular AI models organizations are using to see which ones are actually winning. GPT-4o leads the pack, but here's what surprised us most: embedding models are quietly powering enterprise AI at massive scale. Our Research Pod analyzed billions of cloud assets to reveal which models are most popular in production environments. The rankings reveal OpenAI's stronghold and the growing importance of specialized embedding technology. Bar Kaduri, Shir Sadon and Todd Stansfield explain the complete top 10 and what it means for your AI strategy 👇 https://lnkd.in/gb7jwDhK Plus, you might notice our Research Pod page has gotten a refresh! The new design makes it easier to explore our latest findings and dig deeper into the data that matters to your organization.

Our research team just finished analyzing thousands of cloud environments, and what we discovered will change how you think about cloud security forever. Join Orca experts Bar Kaduri, Head of Research, and Shir Sadon, Cloud Security Researcher, on August 19th, 11:00am CDT, for "AI, NHIs, and the New Risk Frontier: Unpacking the 2025 State of Cloud Security" – an eye-opening deep dive into the brutal realities we uncovered. We'll reveal AI threats operating beyond all predictions, the massive identity crisis silently gutting infrastructures worldwide, and how traditional risks have mutated into something unrecognizable. ↘ Register now: https://lnkd.in/gybumNvy Plus, join our lead researchers anything in our live AMA tomorrow from 8:00am CDT to 11:00am CDT. Drop your burning cloud security questions and get direct answers from the experts who compiled the data. ↘ Join the AMA: https://lnkd.in/gR8JF_zU