Home > News > featured news > Orca Announces New Capabilities to Optimize Cloud Security and Cost

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Orca Announces New Capabilities to Optimize Cloud Security and Cost

Orca Security | February 17, 2023 | Read time : 04:00 min

Orca Announces New Capabilities to Optimize Cloud Security and Cost

On February 16, 2023, Orca Security, a pioneer in agentless cloud security, announced that the Orca Cloud Security Platform now includes a cloud cost optimization framework, which assists organizations in reducing unnecessary cloud consumption and optimizing cloud costs while providing unrivaled security with the deepest and broadest visibility.

By using its proprietary SideScanning™ technology, Orca is now applying unparalleled insights into cloud environments, thereby allowing organizations to track and manage cloud spend. Unlike other cloud cost management tools, Orca's platform has the ability to identify more opportunities for cloud cost savings by having a deeper understanding of cloud workloads and their operations.

Despite considering cost efficiency a motivator for cloud adoption, several organizations are experiencing high expenses in their monthly cloud bills, mainly due to underutilization and forgotten cloud infrastructure resources. The 2022 State of the Cloud Report by Flexera indicates that organizations lose up to 32% of their monthly cloud expenses.

Orca's Cloud Cost Optimization feature addresses the problem of wasteful cloud spending by continuously aggregating relevant alerts about unnecessary cloud infrastructure spending across all supported cloud service providers. These providers include Microsoft Azure, Amazon Web Services, Google Cloud, and Alibaba Cloud. In addition, the Orca platform simplifies the cost optimization process by categorizing alerts based on cloud infrastructure that is causing excessive spending, such as virtual machines, databases, keys, and load balancers, making deallocation quick and easy for organizations.

Even though Stopped VMs on Google Cloud and AWS and deallocated VMs on Azure do not incur charges, many organizations are unaware that they still incur costs for the resources associated with those VMs until they are deleted. Orca assists organizations in recognizing resources attached to stopped or deallocated VMs to avoid incurring undesired charges, including Elastic IP addresses and EBS volumes on AWS, OS and data storage disks on Azure, and persistent disks and external IP addresses on Google Cloud.

About Orca Security

Founded in 2019, Orca Security is a leading global firm that provides agentless cloud security solutions to hundreds of enterprises. Its Cloud Security Platform can detect, prioritize, and fix security risks and compliance issues across cloud environments such as Azure, AWS, Google Cloud, and Kubernetes. The company's patented SideScanning™ technology and Unified Data Model make security possible for organizations moving to and scaling in the cloud and enable them to secure their cloud infrastructure while providing comprehensive coverage and visibility of all risks. With continuous first-to-market innovations, the Orca Platform ensures security teams can quickly identify and remediate risks, keeping businesses secure.

Spotlight

Navigating the Changing Cyber Landscape in Australia

Those high profile data breaches led to a swift response from the Government with the penalties for serious or repeated privacy breaches increased from $2.22 million to a minimum of $50 million at the end of December. Since then, the Government has released the Privacy Act Review Report and the 2023-2030 Australian Cyber Security Strategy that signpost a significant shift for Australia’s cyber landscape. Critical infrastructure; personal information; cyber security; dealing with ransomware attacks – all are likely to be shaken up.

More featured news

Spotlight

Navigating the Changing Cyber Landscape in Australia

Those high profile data breaches led to a swift response from the Government with the penalties for serious or repeated privacy breaches increased from $2.22 million to a minimum of $50 million at the end of December. Since then, the Government has released the Privacy Act Review Report and the 2023-2030 Australian Cyber Security Strategy that signpost a significant shift for Australia’s cyber landscape. Critical infrastructure; personal information; cyber security; dealing with ransomware attacks – all are likely to be shaken up.

Related News

DATA SECURITY, SOFTWARE SECURITY

Virtru Joins NIST NCCoE Data Security Consortium

Virtru | March 03, 2023

On March 2, 2023, Virtru, a prominent figure in data-centric security and privacy, announced its involvement in NIST's National Cybersecurity Center of Excellence (NCCoE) Data Classification Practices: Facilitating Data-Centric Security Management initiative. As part of a team of global technology leaders, Virtru will collaborate with NIST to develop recommended data classification and data-centric security practices, which will protect data while supporting business practices and transactions. The goal of this collaborative effort is to promote data-centric security on a larger scale. As systems become more mobile, dispersed and shared across different environments and stewardship, traditional network-centric security measures are increasingly ineffective at protecting information. Data-centric security aims to safeguard data at the object level by securing it directly rather than simply securing the systems and networks that store and transmit it. Organizations employing this approach can identify their data, its characteristics, and the security and privacy requirements needed to control and protect it fully. Virtru has a long-standing history of partnering with the public- and private-sector organizations to achieve data-centric security, serving the federal intelligence community, the largest financial institutions globally, and over 8,000 organizations worldwide. Virtru's technology enables organizations to enforce policy, encryption and access controls directly to data being transmitted via files, emails and SaaS applications while allowing organizations to manage their encryption keys for complete control and data sovereignty. Virtru's Chief Technology Officer, Will Ackerly, commented, "Data-centric security is central to everything we do at Virtru," He further emphasized, "Our goal is to enable the mission — that means moving data freely, but securely. Being a member of NIST's NCCoE Data Classification project is a manifestation of more than a decade of hard work. By tagging data appropriately, we can help ensure public- and private-sector organizations can trust that their data will be used and shared appropriately, just as the data creator intended. This is vital to the future of collaboration." (Source – Globe Newswire) About Virtru Virtru is a leading data security and privacy solutions provider. With end-to-end encryption for major data-sharing platforms like Microsoft and Google, it helps customers take charge of their data wherever it is shared. It empowers organizations to keep control of their data by ensuring that it is protected everywhere it is stored and shared. The company is trusted by over 8,000 customers worldwide and is dedicated to safeguarding their sensitive data according to the highest security standards. Its Trusted Data Format (TDF) is an industry standard that provides persistent data protection through encryption technology for data shared via email, collaboration tools, cloud environments, and enterprise SaaS applications.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Cloudflare Equips Organizations with the Zero Trust Security They Need to Safely Use Generative AI

Businesswire | May 16, 2023

Cloudflare, Inc. (NYSE: NET), the security, performance, and reliability company helping to build a better Internet, today extended its single-vendor SASE platform, Cloudflare One, to generative artificial intelligence (AI) services. Cloudflare One for AI, a suite of Zero Trust security controls, will enable enterprises to safely and securely use the latest generative AI tools without putting intellectual property and customer data at risk. With every transformative step forward in technology, from mobile phones to cloud computing, there are new security threats that rise to the surface. Major companies have banned the use of popular generative AI chat apps because of sensitive data leaks, and Italy instituted a temporary ban on generative AI tools for inadequate user data protections. According to a KPMG survey on generative AI, AI is expected to have an enormous impact on business, but the majority of US executives surveyed are years away from implementing it; cyber security (81%) and data privacy (78%) are the most top of mind concerns for leaders. CISOs and CIOs need to strike a balance between enabling transformative innovation through AI and still maintaining compliance with data privacy regulations. Whether it’s an employee experimenting with AI, or a company initiative, once proprietary data is exposed to AI, there is no way to reverse it. "AI holds incredible promise, but without proper guardrails it can create significant risks for businesses. It is far too easy, by default, to upload sensitive internal or customer data to AI tools. Once the data is used for training AI, it is virtually impossible to get it out," explained Matthew Prince, co-founder and CEO of Cloudflare. "If you were going to let a class of university students rummage around in your internal data, you'd of course put clear rules in place on what data they can access and how it can be used in their education. Cloudflare's Zero Trust products are the first to provide the guard rails for AI tools, so businesses can take advantage of the opportunity AI unlocks while ensuring only the data you want to expose gets shared." Cloudflare One for AI provides a simple, fast, and secure way for companies to safely build using the latest generative AI technologies, without compromising security or performance. With Cloudflare One, companies can gain visibility into and measure AI tool usage, prevent data loss, and manage integrations: Cloudflare Gateway helps companies observe how many employees are experimenting with AI services, and adds context when planning for budgets and enterprise licensing. Service tokens give administrators a clear log of API requests, control over the specific services that can access AI training data, and the ability to revoke tokens with a single click when building ChatGPT plugins for internal and external use. Cloudflare Tunnel provides an encrypted, outbound-only connection to Cloudflare’s network. Every request will be checked against the access rules configured for services protected by Cloudflare One or when teams are ready to allow an AI service to connect to their infrastructure. Cloudflare’s Data Loss Prevention (DLP) service provides a safeguard to close the human gap in how employees may share data. Simple pre-configured options can check for data that looks like social security numbers or credit card numbers, and custom scans can look for patterns based on data configurations for a specific team. More granular rules can even allow select users to experiment with projects containing sensitive data, with stronger limitations on the majority of teams and employees.Cloudflare's cloud access security broker (CASB) service gives comprehensive visibility and control over SaaS apps. Soon, Cloudflare CASB will be able to scan the AI tools that your team uses to detect misconfiguration and misuse. Generative AI is an exciting technology with the promise to transform how we work. As this technology evolves and new tools and plugins are developed, Cloudflare’s platform approach to security will ensure that enterprises everywhere can embrace these productivity enhancements without creating bottlenecks and ensure compliance with the latest regulations. About Cloudflare Cloudflare, Inc. (www.cloudflare.com / @cloudflare) is on a mission to help build a better Internet. Cloudflare’s suite of products protect and accelerate any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare have all web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was awarded by Reuters Events for Global Responsible Business in 2020, named to Fast Company's Most Innovative Companies in 2021, and ranked among Newsweek's Top 100 Most Loved Workplaces in 2022.

Read More

DATA SECURITY, SOFTWARE SECURITY, WEB SECURITY TOOLS

Interos Enhances Industry-First Operational Resilience Score

Interos Inc | March 10, 2023

On March 9, 2023, Interos, one of the leading operational resilience companies creating the world's strongest, safest, and most secure supply chains, announced the introduction of its upgraded cyber risk factor, a part of its i-ScoreTM measurement of operational resilience. The Interos i-Score is the first of its kind resilience score that assesses the health of extended supply chains against multiple risk factors, such as restriction, financial, geopolitical, operations/catastrophe, ESG, and cyber. The i-Score update includes an innovative cyber behavior model to detect potentially harmful cyber activity irrespective of public disclosure, commercial cyber ratings, threat assessment (Mitre ATT&CK®), vulnerability information (CVEs), regulatory compliance, cyber events, and operating country issues into a single score. This advancement directs cyber risk and procurement managers to their multi-tiered vendors most exposed to ransomware, breaches, data leakage, and other cyber-attacks carried out by malicious attackers who target suppliers concealed in the extended global supply chain. Interos's 2022 Resilience study of 1,500 cybersecurity and procurement leaders found that cyber incidents cause supply chain disruptions that cost businesses $37M each year. Andrea Little Limbago, SVP, Research & Analysis, Interos, said, "This is another crucial step forward in helping organizations achieve operational resilience." She further mentioned, "We've added new, proprietary models that integrate and assess data on cloud-based risk exposure, evaluate anomalous cyber behavior, measure regulatory compliance risks and more. It's designed to deliver better and faster information to CPOs partnering with CISOs — who are increasingly being held accountable for collective cyber resilience — to respond to more frequent and severe supply chain cyberattacks, with enhanced monitoring of vendors and third-party service providers." (Source – Cision PR Newswire) About Interos Inc Founded in 2005, Interos is one of the leading operational resilience companies. The company's first-of-its-kind scoring and relationship discovery technologies automate evaluation, detection, and response to risks. As the only operational resilience platform in the world, it protects customers from unethical labor, regulatory violations, cyberattacks, disasters, bankruptcy, and other supplier vulnerabilities. Interos is based in Washington, DC, and has clients all over the world, including NASA, the U.S. Department of Defense, and a number of Global Fortune 500 companies.

Read More

DATA SECURITY, SOFTWARE SECURITY

Virtru Joins NIST NCCoE Data Security Consortium

Virtru | March 03, 2023

On March 2, 2023, Virtru, a prominent figure in data-centric security and privacy, announced its involvement in NIST's National Cybersecurity Center of Excellence (NCCoE) Data Classification Practices: Facilitating Data-Centric Security Management initiative. As part of a team of global technology leaders, Virtru will collaborate with NIST to develop recommended data classification and data-centric security practices, which will protect data while supporting business practices and transactions. The goal of this collaborative effort is to promote data-centric security on a larger scale. As systems become more mobile, dispersed and shared across different environments and stewardship, traditional network-centric security measures are increasingly ineffective at protecting information. Data-centric security aims to safeguard data at the object level by securing it directly rather than simply securing the systems and networks that store and transmit it. Organizations employing this approach can identify their data, its characteristics, and the security and privacy requirements needed to control and protect it fully. Virtru has a long-standing history of partnering with the public- and private-sector organizations to achieve data-centric security, serving the federal intelligence community, the largest financial institutions globally, and over 8,000 organizations worldwide. Virtru's technology enables organizations to enforce policy, encryption and access controls directly to data being transmitted via files, emails and SaaS applications while allowing organizations to manage their encryption keys for complete control and data sovereignty. Virtru's Chief Technology Officer, Will Ackerly, commented, "Data-centric security is central to everything we do at Virtru," He further emphasized, "Our goal is to enable the mission — that means moving data freely, but securely. Being a member of NIST's NCCoE Data Classification project is a manifestation of more than a decade of hard work. By tagging data appropriately, we can help ensure public- and private-sector organizations can trust that their data will be used and shared appropriately, just as the data creator intended. This is vital to the future of collaboration." (Source – Globe Newswire) About Virtru Virtru is a leading data security and privacy solutions provider. With end-to-end encryption for major data-sharing platforms like Microsoft and Google, it helps customers take charge of their data wherever it is shared. It empowers organizations to keep control of their data by ensuring that it is protected everywhere it is stored and shared. The company is trusted by over 8,000 customers worldwide and is dedicated to safeguarding their sensitive data according to the highest security standards. Its Trusted Data Format (TDF) is an industry standard that provides persistent data protection through encryption technology for data shared via email, collaboration tools, cloud environments, and enterprise SaaS applications.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Cloudflare Equips Organizations with the Zero Trust Security They Need to Safely Use Generative AI

Businesswire | May 16, 2023

Cloudflare, Inc. (NYSE: NET), the security, performance, and reliability company helping to build a better Internet, today extended its single-vendor SASE platform, Cloudflare One, to generative artificial intelligence (AI) services. Cloudflare One for AI, a suite of Zero Trust security controls, will enable enterprises to safely and securely use the latest generative AI tools without putting intellectual property and customer data at risk. With every transformative step forward in technology, from mobile phones to cloud computing, there are new security threats that rise to the surface. Major companies have banned the use of popular generative AI chat apps because of sensitive data leaks, and Italy instituted a temporary ban on generative AI tools for inadequate user data protections. According to a KPMG survey on generative AI, AI is expected to have an enormous impact on business, but the majority of US executives surveyed are years away from implementing it; cyber security (81%) and data privacy (78%) are the most top of mind concerns for leaders. CISOs and CIOs need to strike a balance between enabling transformative innovation through AI and still maintaining compliance with data privacy regulations. Whether it’s an employee experimenting with AI, or a company initiative, once proprietary data is exposed to AI, there is no way to reverse it. "AI holds incredible promise, but without proper guardrails it can create significant risks for businesses. It is far too easy, by default, to upload sensitive internal or customer data to AI tools. Once the data is used for training AI, it is virtually impossible to get it out," explained Matthew Prince, co-founder and CEO of Cloudflare. "If you were going to let a class of university students rummage around in your internal data, you'd of course put clear rules in place on what data they can access and how it can be used in their education. Cloudflare's Zero Trust products are the first to provide the guard rails for AI tools, so businesses can take advantage of the opportunity AI unlocks while ensuring only the data you want to expose gets shared." Cloudflare One for AI provides a simple, fast, and secure way for companies to safely build using the latest generative AI technologies, without compromising security or performance. With Cloudflare One, companies can gain visibility into and measure AI tool usage, prevent data loss, and manage integrations: Cloudflare Gateway helps companies observe how many employees are experimenting with AI services, and adds context when planning for budgets and enterprise licensing. Service tokens give administrators a clear log of API requests, control over the specific services that can access AI training data, and the ability to revoke tokens with a single click when building ChatGPT plugins for internal and external use. Cloudflare Tunnel provides an encrypted, outbound-only connection to Cloudflare’s network. Every request will be checked against the access rules configured for services protected by Cloudflare One or when teams are ready to allow an AI service to connect to their infrastructure. Cloudflare’s Data Loss Prevention (DLP) service provides a safeguard to close the human gap in how employees may share data. Simple pre-configured options can check for data that looks like social security numbers or credit card numbers, and custom scans can look for patterns based on data configurations for a specific team. More granular rules can even allow select users to experiment with projects containing sensitive data, with stronger limitations on the majority of teams and employees.Cloudflare's cloud access security broker (CASB) service gives comprehensive visibility and control over SaaS apps. Soon, Cloudflare CASB will be able to scan the AI tools that your team uses to detect misconfiguration and misuse. Generative AI is an exciting technology with the promise to transform how we work. As this technology evolves and new tools and plugins are developed, Cloudflare’s platform approach to security will ensure that enterprises everywhere can embrace these productivity enhancements without creating bottlenecks and ensure compliance with the latest regulations. About Cloudflare Cloudflare, Inc. (www.cloudflare.com / @cloudflare) is on a mission to help build a better Internet. Cloudflare’s suite of products protect and accelerate any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare have all web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was awarded by Reuters Events for Global Responsible Business in 2020, named to Fast Company's Most Innovative Companies in 2021, and ranked among Newsweek's Top 100 Most Loved Workplaces in 2022.

Read More

DATA SECURITY, SOFTWARE SECURITY, WEB SECURITY TOOLS

Interos Enhances Industry-First Operational Resilience Score

Interos Inc | March 10, 2023

On March 9, 2023, Interos, one of the leading operational resilience companies creating the world's strongest, safest, and most secure supply chains, announced the introduction of its upgraded cyber risk factor, a part of its i-ScoreTM measurement of operational resilience. The Interos i-Score is the first of its kind resilience score that assesses the health of extended supply chains against multiple risk factors, such as restriction, financial, geopolitical, operations/catastrophe, ESG, and cyber. The i-Score update includes an innovative cyber behavior model to detect potentially harmful cyber activity irrespective of public disclosure, commercial cyber ratings, threat assessment (Mitre ATT&CK®), vulnerability information (CVEs), regulatory compliance, cyber events, and operating country issues into a single score. This advancement directs cyber risk and procurement managers to their multi-tiered vendors most exposed to ransomware, breaches, data leakage, and other cyber-attacks carried out by malicious attackers who target suppliers concealed in the extended global supply chain. Interos's 2022 Resilience study of 1,500 cybersecurity and procurement leaders found that cyber incidents cause supply chain disruptions that cost businesses $37M each year. Andrea Little Limbago, SVP, Research & Analysis, Interos, said, "This is another crucial step forward in helping organizations achieve operational resilience." She further mentioned, "We've added new, proprietary models that integrate and assess data on cloud-based risk exposure, evaluate anomalous cyber behavior, measure regulatory compliance risks and more. It's designed to deliver better and faster information to CPOs partnering with CISOs — who are increasingly being held accountable for collective cyber resilience — to respond to more frequent and severe supply chain cyberattacks, with enhanced monitoring of vendors and third-party service providers." (Source – Cision PR Newswire) About Interos Inc Founded in 2005, Interos is one of the leading operational resilience companies. The company's first-of-its-kind scoring and relationship discovery technologies automate evaluation, detection, and response to risks. As the only operational resilience platform in the world, it protects customers from unethical labor, regulatory violations, cyberattacks, disasters, bankruptcy, and other supplier vulnerabilities. Interos is based in Washington, DC, and has clients all over the world, including NASA, the U.S. Department of Defense, and a number of Global Fortune 500 companies.

Read More

More featured news