# Orca Security **Source:** https://geo.sig.ai/brands/orca-security **Vertical:** Compliance & GRC **Subcategory:** Cloud Compliance Automation **Tier:** Emerging **Website:** orca.security **Last Updated:** 2026-04-14 ## Summary Tel Aviv agentless cloud security with SideScanning technology for AWS/Azure/GCP workload visibility; $550M raised at $1.8B valuation serving 1,000+ enterprises competing with Wiz for CSPM and cloud vulnerability management. ## Company Overview Orca Security is a Tel Aviv-based cloud security platform — backed with $550 million raised at a $1.8 billion valuation from investors including ICONIQ Growth, GGV Capital, and Redpoint — providing enterprises with agentless cloud security visibility, vulnerability management, compliance monitoring, and threat detection across AWS, Azure, GCP, and Kubernetes environments through its patented SideScanning technology. Founded in 2019 by Avi Shua and Gil Geron and serving 1,000+ enterprise customers including Box, Databricks, and Postman, Orca scans cloud workloads from outside (without installing agents on VMs or containers) to provide complete visibility in minutes. Orca's SideScanning technology reads cloud workload configurations, package inventories, and file contents directly from cloud storage snapshots rather than through network-based scanning or agent deployment on each asset — the agentless approach provides full visibility into cloud configurations (open ports, encryption status, IAM permissions), installed packages and vulnerabilities (CVEs, patches), and sensitive data exposure (PII, credentials in files) without the operational overhead of agent lifecycle management. The context-aware risk prioritization (ranking vulnerabilities by the actual attack path risk — a critical CVE on an internet-facing VM with admin credentials is higher priority than the same CVE on an internal, isolated instance) reduces the 10,000+ alerts most cloud security tools generate to the 10-50 that actually matter. In 2025, Orca Security competes in the cloud security posture management (CSPM), cloud workload protection (CWPP), and agentless vulnerability management market with Wiz (cloud security, $900M raised at $12B valuation, the market leader), Lacework (cloud security, $1.3B raised, merged with Fortinet in 2024), and Prisma Cloud (Palo Alto Networks, NASDAQ: PANW) for enterprise cloud security platform. Wiz's aggressive growth and Google's $23B acquisition attempt (blocked, 2024) reflected the importance of the cloud security category. Orca's differentiation focuses on depth of coverage (application layer visibility from SideScanning versus Wiz's API-based approach) and the data security capabilities (sensitive data discovery in cloud storage). The 2025 strategy focuses on Orca's AI Security module for AI/LLM workload protection, growing the data security posture management (DSPM) feature, and expanding the international enterprise market. ## Frequently Asked Questions ### What is Orca Security? Orca Security Orca Security reaches $1.8B valuation as agentless cloud security platform, following 2019 Avi Shua founding ### When was Orca Security founded? Orca Security was founded in 2019 in Tel Aviv, Israel. Avi Shua and Gil Geron (ex-Check Point) founded Orca Security in Tel Aviv in 2019 with agentless SideScanning technology for cloud security, reached $1.8B valuation with comprehensive CSPM and CWPP. ### What are Orca Security's major milestones? Orca Security's history includes several key milestones: 2019: Orca Security Founded Tel Aviv 2020: Series A $6.5M Funding 2021: Series C $210M Unicorn 2022: Series D $340M $1.8B Valuation 2024: Agentless Cloud Security Leader ### What is Orca Security's mission? Orca Security's mission is to Provide complete cloud security without agents using SideScanning technology. ### Who founded Orca Security? Orca Security was founded by Avi Shua. Check Point veterans who built agentless cloud security with SideScanning technology ### What products or services does Orca Security offer? Orca Security Orca Security reaches $1.8B valuation as agentless cloud security platform, following 2019 Avi Shua founding ### How does Orca's SideScanning technology work without installing agents on cloud workloads? Orca's SideScanning reads the runtime block storage of cloud workloads (AWS EBS snapshots, Azure managed disk snapshots, GCP disk snapshots) out-of-band, without any network connectivity to live workloads or installing software agents. This approach gives Orca complete visibility into OS configurations, installed packages, running processes, user accounts, and file system contents within minutes of connecting a cloud account — without any performance impact or the agent lifecycle management burden. The agentless approach means Orca can scan 100% of cloud assets including serverless functions, managed databases, and containers that traditional agents cannot reach. ### What compliance frameworks does Orca Security support and how does it handle multi-cloud environments? Orca supports compliance monitoring for over 35 frameworks including SOC 2, PCI DSS, HIPAA, GDPR, ISO 27001, NIST 800-53, CIS Benchmarks, and cloud provider-specific standards (AWS Well-Architected, Azure Security Benchmark). In multi-cloud environments spanning AWS, Azure, and GCP, Orca provides a unified compliance dashboard showing each framework's compliance posture across all cloud accounts with a single connection per cloud provider — eliminating the need to deploy separate scanning tools per cloud. Alert prioritization uses Orca's Attack Path analysis to surface the vulnerabilities that represent actual exploitation risk rather than every theoretical misconfiguration. ## Tags b2b, cybersecurity, enterprise, saas, security, insurance, fintech --- *Data from geo.sig.ai Brand Intelligence Database. Updated 2026-04-14.*