Orca Platform enhancements use AI to cut cloud alert noise

Orca Security has announced major enhancements to the Orca Platform, introducing new AI-powered security agents, real-time detection of AI usage across cloud environments, remediation-focused workflows, and code reachability analysis. These innovations enable organizations to move beyond fragmented alerts toward faster investigation, clearer prioritization, and measurable risk reduction.

As enterprises accelerate AI adoption and scale across multi-cloud environments, security teams are inundated with alerts yet lack the context and prioritization needed to distinguish real, business-critical risk from background noise. Research shows that 84% of organizations now run AI workloads in the cloud, and 62% already have vulnerable AI packages in their environments. Orca’s latest innovations extend its unified platform to help teams understand threats faster, focus on truly exploitable vulnerabilities, and take action with confidence.

“Security teams don’t need more data. They need to know what actually matters and what to do about it,” said Gil Geron, CEO of Orca Security. “These new capabilities are designed to turn complex cloud risk into clear, actionable guidance so teams can make faster decisions and reduce exposure in a measurable way. That shift from information to action is what ultimately improves security outcomes.”

New platform capabilities include:

• Threat Investigation Agent: Orca’s Threat Investigation Agent automatically analyzes risk, correlates signals across the cloud environment, and produces transparent investigation reports with recommended containment actions.
• AppSec Triage Agent: The new AppSec Triage Agent analyzes SAST findings to identify false positives, reduce alert fatigue, and help teams focus on real vulnerabilities.
• Runtime AI threat detection: Orca now identifies when workloads, identities, and processes interact with AI models, MCP servers, and third-party AI tools. This enables security teams to understand how AI is being used, detect potential exposure of sensitive data, and implement AI governance based on real runtime activity.
• Orca Missions: Orca groups related findings into Missions—focused remediation initiatives with clear objectives and verification—allowing teams to resolve clusters of risk efficiently and track meaningful improvements in their security posture.
• Code Reachability Analysis: Orca now analyzes whether vulnerable code paths are actually invoked in applications, in addition to identifying vulnerable packages. Combined with Orca’s existing Agentless and Dynamic Reachability Analysis, this provides comprehensive context to help teams prioritize vulnerabilities that are truly exploitable.

These enhancements build on Orca’s agentless-first architecture, which provides visibility and risk prioritization across cloud infrastructure, workloads, identities, applications, and now AI systems, without requiring agents.

“Cloud security tools generate an incredible amount of data, but what teams really need is help understanding what to do next,” said Erika Voss, SVP, Chief Security Officer at Blue Yonder. “What stands out about Orca is the way it connects the dots. Instead of spending hours piecing together alerts, our team can see what actually happened, what’s exposed, and where to focus first.”

from Help Net Security https://ift.tt/rEL3kpV

Related Items