Product: SideScanning Technology
Company: Orca Security
Orca Security created SideScanning technology, a patent-pending solution designed to protect cloud-based networks and infrastructures by replacing traditional workload protection programs and legacy vulnerability assessment tools. The agentless solution is simple to deploy and uses read-only access, according to Avi Shua, CEO and co-founder of Orca Security.
"We built a technology, which is patent pending, called SideScanning that enables us to scan cloud environments in a non-invasive way, similar to performing an MRI, by scanning a network and building an image without touching anything," Shua said. "The business value is allowing security teams to have visibility in the environment and identify areas that need to be fixed."
Shua also noted that SideScanning technology can perform a deep scan of an entire cloud estate without leaving any gaps in coverage and without the costly use of agents. This enables network administrators to implement a range of PCI-DSS workload controls such as vulnerability management, malware scanning and file integrity monitoring, he stated.
Shua pointed out that Orca Security is focused on maximizing the three C's: comprehensiveness, coverage and context. Comprehensive coverage provides a thorough, multidimensional view of the cloud environment and its vast interconnected web of assets. Contextual coverage prioritizes risk based on environmental context, replacing generic security alerts and going a step further by pinpointing critical vulnerabilities and providing a precise pathway to remediation, he noted.
Comprehensive, contextual security coverage saves time and money and simplifies compliance, Shua added. In addition to its advanced capabilities and coverage, SideScanning technology documents security capabilities to show regulators how networks identify and protect PII and continuously monitor and detect vulnerabilities, malware, and improperly secured secrets. These capabilities and their documented audit trails help network administrators address PCI-DSS, SOC2, PSD2, and GDPR requirements, Shua stated, adding that SideScanning technology is easy to deploy. When used as a subscription service or within a cloud environment, SideScanning technology ensures sensitive data never leaves an environment, the company stated, adding that both solutions enable users to quickly detect vulnerabilities, malware, misconfigurations, lateral movement risk, weak and leaked passwords, and unsecured PII in cloud environments.
Shua has observed that network security has changed over the past decade. Financial institutions that previously waited a year for a new software feature now expect it next week, yet despite changes, group dynamics have stayed the same, he noted. Developers focus on fixing, developing and changing code and delivering software; security teams are responsible for making sure there are no critical mistakes; by definition friction occurs between these teams, he stated.
"Before you even look at security technology, it's important to understand three different types of communication that I've witnessed in discussions between these teams," Shua said. He summarized the discussions into three main categories as follows:
The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.Prev Next