Orca Security

Use Cases

• Unified Multi‑Cloud Risk Visibility: Security teams use Orca to gain a single, agentless view of risks, misconfigurations, vulnerabilities, malware and exposed data across AWS, Azure, Google Cloud, Oracle Cloud, Alibaba Cloud and Kubernetes without deploying per‑asset agents.

• Cloud Compliance & Audit Readiness: Enterprises rely on Orca to continuously assess their cloud environments against 100+ compliance frameworks and benchmarks (such as CIS, NIST and SOC 2), automatically prioritizing and tracking remediation for failed controls.

• Attack Path Analysis & Prioritization: Orca maps relationships between identities, workloads, networks and data to reveal toxic combinations and end‑to‑end attack paths to “crown jewel” assets, ensuring teams focus on the small set of risks that truly matter.

• DevSecOps & Shift‑Left Security: Development teams connect Orca findings directly into version control, ticketing systems and IDEs so vulnerabilities and misconfigurations discovered in production are traced back to code and CI/CD pipelines for earlier remediation.

• Hybrid & Runtime Threat Detection: With its extended runtime protection for hybrid and private cloud, Orca detects container escapes, privilege escalation, reconnaissance and “living off the land” attacks in real time, including Windows‑specific runtime threats.​

• SaaS, Fintech & Digital‑Native Protection: Cloud‑first companies such as Robinhood, Databricks, Lemonade, BeyondTrust, Unity and others use Orca to replace multiple point tools and achieve complete, agentless visibility and prioritized risk detection across fast‑growing estates.

Customers & Markets

Orca Security primarily serves mid‑to‑large enterprises operating multi‑cloud environments across technology, fintech, financial services, SaaS, e‑commerce and online services. Early hypergrowth saw more than 1,000 percent year‑over‑year expansion in 2020 as organizations such as Robinhood, Databricks, Unity, Live Oak Bank, Lemonade and BeyondTrust selected Orca to replace legacy agent‑based and point solutions.

The platform now protects more than 9 million workloads and over 120,000 code repositories, processing more than 300 petabytes of data daily while serving 60,000+ developers worldwide. Orca reports accelerating international traction, including 140 percent year‑over‑year customer growth in Latin America and 100 percent year‑over‑year customer growth in India, supported by new regional data centers and a partner‑led go‑to‑market motion. This global footprint, combined with strong brand recognition as an agentless‑first CNAPP, positions Orca as a challenger to incumbents such as Palo Alto Networks in the cloud security market.

Research, Partnerships & Innovations

Orca’s R&D centers on agentless‑first cloud visibility, unified CNAPP consolidation and AI‑assisted detection and response. Its patented SideScanning approach reads cloud configuration and block‑storage snapshots directly from cloud provider APIs, delivering deep coverage without deploying traditional agents. Orca is recognized by Gartner as a representative vendor in the 2024 and 2025 Market Guides for CNAPP, highlighting its unified platform covering CSPM, CWPP, CIEM, DSPM, container and API security across major clouds.

In 2025 Orca expanded its CNAPP with runtime protection for hybrid and private clouds using an eBPF‑based sensor, addressing security gaps across mixed public cloud, private cloud and on‑premises environments. The company also acquired Opus, an AI‑driven cloud remediation startup, to add autonomous risk remediation and AI agent capabilities—moving from pure visibility to intelligent, automated response. Strategic partnerships with hyperscalers such as AWS (including AWS Marketplace listings and regional data centers in LATAM and India) further embed Orca into enterprise cloud programs while improving data residency and performance for regional customers. Continuous platform updates add AI assistants for investigations, expanded compliance coverage and deeper DevSecOps integrations, aligning Orca with emerging AI‑driven and hybrid‑cloud security requirements.

Key People

• Gil Geron – CEO & Co‑Founder: Co‑founded Orca Security in 2019 after more than 20 years leading cybersecurity products at Check Point Software Technologies. Previously served as Chief Product Officer from Orca’s inception and became CEO while co‑founder Avi Shua moved to Chief Innovation Officer. Geron focuses on scaling Orca’s global footprint and evolving the CNAPP platform from visibility to prevention and autonomous remediation.

• Avi Shua – Chief Innovation Officer & Co‑Founder: Former Check Point executive who co‑founded Orca Security and served as its initial CEO, driving the development of the patented SideScanning technology and agentless‑first architecture. Now leads long‑term innovation and product vision as Chief Innovation Officer and board member.

• Liran Antebi – Chief Architect & Co‑Founder: Co‑founder and Chief Architect responsible for Orca’s core platform design and scalable data processing engine that underpins SideScanning and unified risk modeling.

• Raf Chiodo – Chief Revenue Officer: Oversees global sales and go‑to‑market strategy, driving enterprise adoption across North America, EMEA, LATAM and APAC.​

• Gera Dorfman – Chief Product Officer: Leads product management and user experience for the Orca Cloud Security Platform and CNAPP capabilities, ensuring alignment with modern cloud security and DevSecOps requirements.

• Oded Edri – Chief Financial Officer: Manages Orca’s financial strategy, overseeing funding utilization (approximately 782 million dollars raised across five rounds) and global growth investments.

• Raul Galante – Chief Information Security Officer: Responsible for Orca’s internal security posture, compliance programs and alignment with best‑practice cloud security frameworks.