Ahead of RSAC 2026, Orca Security unveils new AI-driven capabilities that help organizations cut through alert noise, accelerate investigations, and focus on the risks that truly impact multi-cloud and AI environments
PORTLAND, Ore.--(BUSINESS WIRE)--Orca Security, the pioneer of agentless cloud security, today announced major enhancements to the Orca Platform, introducing new AI-powered security agents, real-time detection of AI usage across cloud environments, remediation-focused workflows, and code reachability analysis. These innovations enable organizations to move beyond fragmented alerts to faster investigation, clearer prioritization, and measurable risk reduction in the AI-era.
As enterprises accelerate AI adoption and scale across multi-cloud environments, security
teams are inundated with alerts yet lack the context and prioritization needed to distinguish real, business-critical risk from background noise. Research shows that 84% of organizations now run AI workloads in the cloud, and 62% already have vulnerable AI packages in their environments. Orca’s latest innovations extend its unified platform to help teams understand threats faster, focus on truly exploitable vulnerabilities, and take action with confidence.“Security teams don’t need more data. They need to know what actually matters and what to do about it,” said Gil Geron, CEO and co-founder of Orca Security. “These new capabilities are designed to turn complex cloud risk into clear, actionable guidance so teams can make faster decisions and reduce exposure in a measurable way. That shift from information to action is what ultimately improves security outcomes.”
New platform capabilities include:
- Threat Investigation Agent: Orca’s Threat Investigation Agent automatically analyzes risk, correlates signals across the cloud environment, and produces transparent investigation reports with recommended containment actions.
- AppSec Triage Agent: The new AppSec Triage Agent analyzes SAST findings to identify false positives, reduce alert fatigue, and help teams focus on real vulnerabilities.
- Runtime AI Threat Detection: Orca now identifies when workloads, identities, and processes interact with AI models, MCP servers, and third-party AI tools. This enables security teams to understand how AI is being used, detect potential exposure of sensitive data, and implement AI governance based on real runtime activity.
- Orca Missions: Orca groups related findings into Missions—focused remediation initiatives with clear objectives and verification—allowing teams to resolve clusters of risk efficiently and track meaningful improvements in their security posture.
- Code Reachability Analysis: Orca now analyzes whether vulnerable code paths are actually invoked in applications, in addition to identifying vulnerable packages. Combined with Orca’s existing Agentless and Dynamic Reachability Analysis, this provides comprehensive context to help teams prioritize vulnerabilities that are truly exploitable.
These enhancements build on Orca’s agentless-first architecture, which provides deep visibility and risk prioritization across cloud infrastructure, workloads, identities, applications, and now AI systems, without requiring agents.
“Cloud security tools generate an incredible amount of data, but what teams really need is help understanding what to do next,” said Erika Voss, SVP, Chief Security Officer at Blue Yonder. “What stands out about Orca is the way it connects the dots. Instead of spending hours piecing together alerts, our team can see what actually happened, what’s exposed, and where to focus first.”
Orca Security will showcase these new capabilities at RSA Conference 2026 in San Francisco. Attendees can visit Orca at Booth #1035 in the South Hall of Moscone Center to see live demonstrations.
About Orca Security
Orca enables organizations to make cloud security a strategic advantage. With the most comprehensive coverage and visibility across multi-cloud environments, the agentless-first Orca Platform unites teams to eliminate complexities, vulnerabilities and risks. Backed by Temasek, CapitalG, ICONIQ Capital, Redpoint Ventures and others, Orca is trusted by hundreds of organizations, including SAP, Gannett, Autodesk, Lemonade and Digital Turbine. Connect your first account in minutes: https://orca.security or book a personalized demo.
No comments:
Post a Comment