Leader in agentless cloud security, Orca Security, recently announced brand new Cloud to Dev capabilities that automatically trace cloud security risks discovered in production to the source of its origin and the developer that owns the code. Cloud to Dev builds on Orca’s commitment to continuous innovation by reducing about 80% of the effort that goes into remediating cloud security risks, by automatically identifying the source artifact and owner, down to the very line of code that is responsible for the vulnerability.
This release makes Orca the first Cloud-Native Application Protection Platform (CNAPP) to link cloud security issues in production environments back to their code origins. Enterprises adopting the new capabilities can significantly speed up the process of assigning and remediating risks, which minimizes their Mean Time to Resolution (MTTR) and frees up their security teams to devote time to higher-value activities.
“In many conversations with customers, I’ve heard gratitude for the speed and contextualization that Orca delivers in our cloud security platform,” says Gil Geron, CEO of Orca Security. “At the same time, we know that teams still face a significant challenge trying to link risks identified in production to the originating artifact and its owner – a process that can take days, and in larger organizations sometimes even weeks. With our new Cloud to Dev capabilities, we now allow security practitioners to completely bypass this manual work and automatically provide this information for every alert that is created.”
For instance, when a vulnerability is identified in a running container, Orca will trace the source code repository and Dockerfile that added the vulnerable package as well as the owner of the code. Orca will then identify the line of code in the Dockerfile that caused the vulnerability and recommend a fix. Cloud to Dev offers enterprises an effective and efficient way to tackle security threats, reducing the window during which risks can be exploited.