How to Better Secure Your AWS, Azure, and Google Cloud Environments

May 10, 2022 3:00 PM4:00 PM EST

Request The Full Recording

Key Discussion Takeaways

The cloud is the future of workplace data. So, how do you better manage workloads and ensure that all of your cloud environments are secure?

Through the Orca Security platform, one company was able to gain full visibility, resolve 83% of risks, and improve solutions in their cloud platform. With the ability to integrate workflows and operate in just minutes, Orca’s unified platform helped the company prioritize and reduce risk, establishing a safe environment for all of its data stored in the cloud.

In this virtual event, Greg Irwin is joined by Deborah Galea, Director of Product Marketing at Orca Security, to talk about how Orca’s platform can help you secure cloud environments. Deborah shares client success stories, explains why the agentless approach is preferable, and discusses how their platform works in conjunction with other cloud proxy servers.

Here’s a glimpse of what you’ll learn:

 

  • Deborah Galea shares how one Orca Security customer reduced risk using their agentless platform
  • How long does it take to deploy Orca’s solutions?
  • The limitations within Orca’s platform
  • How does Orca manage serverless applications?
  • Blind spots that you could miss with an agent-based solution — and how side-scanning can help
  • How Orca works in conjunction with other cloud proxy servers
Request The Full Recording

Event Partners

Orca Security

Orca Security provides instant-on security and compliance for AWS, Azure, and GCP - without the gaps in coverage, alert fatigue, and operational costs of agents. Simplify security operations with a single SaaS-based cloud security platform for workload and data protection, cloud security posture management, vulnerability management, and compliance management.

Guest Speaker

Deborah Galea

Director of Product Marketing at Orca Security

Deborah Galea is the Director of Product Marketing at Orca Security. Orca Security is revolutionizing cloud security through an agentless platform that detects and prioritizes security risks with 100% visibility. Deborah is a marketing professional with more than 20 years of experience marketing B2B software and SaaS solutions. Prior to joining Orca Security, she worked as a marketing consultant and was the Operations and Digital Marketing Manager for Ascend Analytics.

Greg Irwin LinkedIn

Co-Founder, Co-CEO at BWG Strategy LLC

BWG Strategy is a research platform that provides market intelligence through Event Services, Business Development initiatives, and Market Research services. BWG hosts over 1,800 interactive executive strategy sessions (conference calls and in-person forums) annually that allow senior industry professionals across all sectors to debate fundamental business topics with peers, build brand awareness, gather market intelligence, network with customers/suppliers/partners, and pursue business development opportunities.

Event Moderator

Deborah Galea

Director of Product Marketing at Orca Security

Deborah Galea is the Director of Product Marketing at Orca Security. Orca Security is revolutionizing cloud security through an agentless platform that detects and prioritizes security risks with 100% visibility. Deborah is a marketing professional with more than 20 years of experience marketing B2B software and SaaS solutions. Prior to joining Orca Security, she worked as a marketing consultant and was the Operations and Digital Marketing Manager for Ascend Analytics.

Greg Irwin LinkedIn

Co-Founder, Co-CEO at BWG Strategy LLC

BWG Strategy is a research platform that provides market intelligence through Event Services, Business Development initiatives, and Market Research services. BWG hosts over 1,800 interactive executive strategy sessions (conference calls and in-person forums) annually that allow senior industry professionals across all sectors to debate fundamental business topics with peers, build brand awareness, gather market intelligence, network with customers/suppliers/partners, and pursue business development opportunities.

Request the Full Recording

Please enter your information to request a copy of the post-event written summary or recording!

Need help with something else?

Tiffany Serbus-Gustaveson

Senior Digital Strategist at BWG Connect


BWG Connect provides executive strategy & networking sessions that help brands from any industry with their overall business planning and execution.

Senior Digital Strategist Tiffany Serbus-Gustaveson runs the group & connects with dozens of brand executives every week, always for free.


Schedule a free consultation call

Discussion Transcription

Greg Irwin  0:18  

I'm Greg Irwin over at BWG, here with Deborah Galea. And we're going to be talking about cloud security. Let me just give the basic intro here. And you know, you'll get a handle of it here. Before long. We've been hosting this series with Orca Security now for the year. And it's been fantastic. It's definitely one of the key topics, that we're finding the community interested in terms of how to better manage all these workloads that have moved to the cloud, will do a quick intro, but it's not going to be a real overview of Orca Security, per se. We'll do a little bit of that with Deborah. But then we're gonna go around the group and talk about kind of the practical steps and actions that you all are, are taking lessons learned, recommendations, questions that you've got in terms of securing your environment, it's definitely always interesting and useful to hear from, from each other. So as we go around the group, I'm going to, I'm going to invite people in to share stories. And it might be a really tactical story, or it might be a very in depth story, your choice. But it's it's much more fun when everyone participants. And what I ask is that we should walk away today, with everybody making, make a goal, make a an ad, make an effort to connect with one person and across this grid, one, one new person, make one new relationship, you can go over LinkedIn, the easiest way, or if you if you want, you can come back to Jake or me. And we'll be happy to make make introductions on your behalf. Don't blast everyone knows sales pitches across everyone. But please make an effort to make one new contact across the screen. We use the chat throughout this. And it's incredibly productive as as a feed. So while while someone's telling their story on the sidebar, people can add in their own comments, ask questions, and make sure that we guide the conversation to the things that you all care about. You're all sharing some time with us, let's make sure that we make good use of that. So please be proactive, be involved in this session will be I promise much more valuable to you. Lastly, video. Video is great. If you have it, and you can turn it on. Please do it all improve your engagement, it'll improve the overall experience. If you have kids in the background, cats walking across the keyboard and all that stuff. Fine. Of course we get it. But if you're able to turn it on, please do. Alright, without much further ado, Deborah. Let's get into it. Please introduce yourself to to our to our grid today.

Deborah Galea  3:29  

Okay, so well first of all, Greg, very happy to be here and to meet all of you. So my name is Deborah Galea. I am a Director of Product Marketing at Orca Security. I'm based in Boulder, Colorado. But based on my accent, you can probably hear that I'm not from the US originally, originally from the Netherlands. I've been in cybersecurity more than 20 years now started with anti spam antivirus. I co founded an email security company for Microsoft Exchange Server was and that was acquired in 2014. And I joined Orca Security now a little over a year ago.

Greg Irwin  4:25  

How cool. What do you do at Orca?

Deborah Galea  4:29  

So I in product marketing. So basically I help to you know, tell the story of how our product helps solve business challenges and how we can help improve security in the cloud.

Greg Irwin  4:51  

Awesome. All right, you know, no full sales pitch here. But I think in fairness, what does it Orca Security do? How do you Are you?

Deborah Galea  5:02  

Okay, well, basically, we're a cloud security and compliance platform for AWS, Azure and Google Cloud. And we basically check for risk across the workload and configurations level. So our platform can check for malware vulnerabilities misconfigurations, Iam risk, lateral movement risk, and we also detect sensitive data at risk. And the thing that actually makes Orca different is that we can do all that without single agents. So we are agentless platform.

Greg Irwin  5:50  

How mature Are you? So you're not you're not Palo Alto or Cisco. But give us a sense of, you know, a large deployment in terms of scale and scope of what your your system is able to do.

Deborah Galea  6:07  

Well, we have got 10s of 1000s of workloads and efforts that we are scanning. We started in 2019. And we, we are very quickly growing. So from last year, we were about 50 employees. Now we are 350 employees. So that gives you an idea how fast we are growing. And of course we are scaling we are our customers are growing, we're getting bigger customers. And we also really, what's very exciting about Orca is that we are really expanding the capabilities of our platform. And it's going really fast. So I don't

Greg Irwin  7:02  

have insurance not not the full pitch, but you guys on unicorn, I know you raise like half a billion dollars. And yes, you're doing you're doing something right? For sure. Yes. All right. What I'd like to do is, I'd like you to tell a story of one customer, if you can share their name great. If not, that's fine. We care, I care more about the basics of how the deployment was like what the scope of it was. And really, really how it's worked. So I want to I want to ask a little bit about how the reporting is being used, and how it actually improves the risk posture of the business. And while we do that, I'm going to ask everybody else, let's, let's get involved. So please, in the chat, I would like everybody to do this layer and to hear one thing, one topic that you'd like to hear about, if not from Deborah, than from one of your peers. And let's make sure we understand where the concerns are. It could be around certain types of work workloads, it could be serverless, it could be Google, it could be anything. But I'd like to see you all share with us the one thing that you'd like to hear about from Deborah or others. So please drop that right into the chat as we go. Or Deborah, let's get at it. Tell us about one customer story, please.

Deborah Galea  8:28  

So yeah, we I'm happy to say that we can share the customer name in this case. This is about an insurance provider called lemonade. I don't know if you've heard of them. They are probably newer, newer player in the market. All their businesses online. So they're very tech heavy. And they have all their assets in the cloud. So they're very cloud forward. And they sell the currency so Jonathan enjoined lemonade in 2020. And when he joined, he realised there was a big problem because they had most of their assets in AWS, but they did not have full visibility. And so they started to evaluate several solutions. Orca was one of them. lacework Paulo Prisma. But, of course the other two are based on agents. And they quickly realised that with agents you can't get 100% visibility. Actually, we even find is more closer to 50% of visibility. Because sometimes because of shadow IT security doesn't even know that These assets have been spun up. But even if security knows they may not even have had time to instal an agent, or sometimes older OSS don't support agents. So they on that, in that sense, they immediately liked Orca. Also, because it's agentless, the DevOps team, the DevOps team. You know, they're not that keen on having to instal agents, they have a performance hit. So Orca was ahead in the race on that aspect. But there was another important aspect. They found that, for instance, lacework, they provided a lot of alerts. So many, in fact, that they just became totally overwhelmed. And I didn't know where to start. And this is I think we're at work a really provided benefit. Because with Orca, you really also get this risk, prioritization and Orca can, because it has this insight into the context, it can show you which risks are the most important. Right? So and that's how it really helped LEM need to see like, what are the top five malware risks? What are the top five vulnerabilities? We, you know, we're going to focus on fixing those didn't overwhelm the team.

Greg Irwin  11:36  

So tell us a little bit about what you found?

Deborah Galea  11:39  

Well, yeah, they found, you know, lots of risks, some more critical than others. They and after using Oracle, they say that they were able to reduce the number of risks, open risks to 1/6 of the original size. So you know, about 83 potential risks, they were able to resolve that left them with about 20%. And, you know, that's ongoing, of course, there are new risks coming up. But now it's a much more manageable level, smaller amount of risks that they can keep on monitoring, and they don't feel overwhelmed by and of course, their their cloud environment is much more secure. If you think that they were able to reduce the risk by 80%. After having deployed Orca, how long does it take to deploy? It actually takes we say 30 minutes, but it could actually repeat them. And it's, it's just a matter of plugging in your account details. your cloud provider account details. Orca connects to your account, and it will immediately start scanning. And within a couple of hours, you will already see the risks that Oracle found.

Greg Irwin  13:12  

While third, 30 minutes and then but how it doesn't take much of an operational change in terms of giving this to the risk team. And then being able to make use of the information in terms of where it fits into somebody's processing workflow.

Deborah Galea  13:30  

It can actually integrate with workflows. So it integrates with Jireh. With ServiceNow. You can use pager duty, Slack, whatever you are using. We have a lot of third party integrations we have over 40, I think. And so any type of workflows you're using, we can fit in

Greg Irwin  13:58  

with that. All right, very good. Deborah, it's pretty straightforward. What are some of the difficult things? What what makes? What are some of the challenges? I mean, you make it sound very easy. You turn it on in 10 minutes, you've got it. It fits into your workflows and you solve 80% of risk that you didn't know you had. Sounds good. What are some of the environments or situations where it's not so straightforward, where some extra time is needed, where some thought, you know, what, what, you know, tell us about some of the real world complexity.

Deborah Galea  14:35  

Well, currently, origami supports the three cloud platform, the three largest cloud platform providers, we are adding more about. So that is the restriction. One other restriction is that we only support departments. So excuse me. That's my dog barking Okay. We already support public clouds. So we do not support on premise or hybrid. Yeah. Yeah. So that is a limitation of the platform?

Greg Irwin  15:18  

Yeah. Do you get that requests from clients to basically extend the same kind of scanning down to their, their own, you know, to their own data centres? Or to a manage this?

Deborah Galea  15:30  

We do get that question. You know, our answer is mainly Well, you know, we see the future is the cloud. So most companies are moving everything to the cloud. So at some point, there is only going to be cloud. Yeah, it'll take a while, but that's where it's gonna go. And so that's why we are focusing basically on that area mainly. The only thing is with Orca does not put policy. So it doesn't actually change anything we are only detecting. So our platform will detect if the, you know, something is not conforming with your policies. And those policies will be the same across any cloud provider. So that is actually the big benefit of having Orca. Because you don't have to deal with separate tools per cloud provider, you won't have to, you know, make sure that the policies are aligned, which is, you know, if products are different, that's a huge lesson not so easy to do it. So it's pretty complex. And Orca really reduces that because you can just set one policy and it will be the same policy across

Greg Irwin  17:01  

all three platforms. And Orca actually

Deborah Galea  17:08  

has controls already in in the product, you can also create your own. So for instance, there are lots of compliance checks as well. And CIS benchmarks are already pre configured, you can just random or maybe you want to change them, or you want to make your own policies, that's possible. But a lot of it is already plug and play. You know, there

Greg Irwin  17:34  

was a question earlier, Deborah on serverless. How does, how do you do and with serverless applications? And serverless services? Especially? Not applications? Yeah. How do you how do you manage? Yeah, actually, well,

Deborah Galea  17:49  

Orca, it's all the same, it can be Vm, it can be serverless can be container Kubernetes doesn't matter, it's just going to scan everything and look for risks inside those applications, whatever way they are running, basically. That's such a good point. Because that is actually in the work. Orca actually, in a couple of months, and we know that this is a huge issue, API security. You know, the use of API's is just a huge, you know, been expanding a lot. And yeah, so that's something we are definitely working on. And we will be integrating into the platform. So it will be awesome. Also discovery. So firstly, you know, which API's are you actually using. And then there will be it will not be prevention, it will be more detection. So perhaps we know, well, there's an API and we know there's a problem, there's a vulnerability or something, we would then send an alert and say, Look, this, you know, fix this or do something about it. So that's more how it works more like monitoring service. I think like you said, it depends who you talk to, but ya know, definitely. You do get the depths. Definitely with Orca you do. And probably the best way to see that is just to like, experience it yourself because then you'll see how deeply we go, we actually have a lot of details we can drill down. And you know, you can go down to the  deepest level. And when you said, lacework and Palo Alto use the same API's, yes. But that is on the cloud misconfigurations level or cloud an IAM risk, but not the workload, because that is where you need the agent. And that's where we are agentless. Because a lot of vendors do claim that they're agentless. But that's because they just they don't look at workloads, they only look at figurations. So by looking at the workload, you can look at the vulnerability to malware, you know, you'll get a lot more insight than only looking at configurations. And but I can give you one example, actually just in the news a couple of days ago, where this was discovered by Mandiant, and they found a botnet in an environment have been there for 18 months. And the reason that they have no idea it was there is because they were using an agent based security solution. But they couldn't install their agents, because it was an uncommon Linux OS that they were using. So it was completely not secured. And that's a huge blind spot. And unfortunately, someone found it and they took advantage of it. So and really, with agents, we know it's much more than, you know, it's definitely going to be about 50%, that you're going to be missing. And you're just crossing your fingers and hoping that an attacker is not going to find those vulnerable VMs or instances. So I think the thing is that we don't use API's for that we, we actually scan the workload runtime block storage. So we use API's to get all the configuration information. But when we do workload scanning, we scan, we use our proprietary technology called side scanning, that's what enables us to be an agentless cloud workload protection platform, because all cloud security posture management solutions are agentless. They're all agentless. But the difference is that we are also securing cloud workloads. And instead of installing an agent, we actually scan the wrong data and workloads run time block storage. We do that out of band, you there. It's read only, and there's absolutely no performance impact, which is not the case with agents, because of course, they're not having performance impact. So we're not using API's. If we use only API's, no, you're right, we would not get we would miss Miss maybe half of what our platform finds. So that's that's how we do the workload workload, deep scanning. Deborah, there

Greg Irwin  23:30  

are a couple points I'm going to pick up here from Austin. First, just visibility. I mean, in terms of not not so much for configurations, but just recognising what assets you've got. How much of the To what extent is Orca being used or is able to provide just a sense of overall visibility of your environment?

Deborah Galea  23:53  

Yeah, so what it does the first thing basically that Orca grabs, when it starts scanning, it creates an asset inventory. So you will have a list of everything in your cloud environment. And it will be continually updated. So if someone does spin up a new VM, it's going to be there it's basically a set it and forget it. Platform. And we have a lot of customers actually who that's the only thing they want at first. They just want I want to know what's in my clan. Yeah. And then but then they start realising Well, Orca can actually do much more weight. We can do this with Orca, we can do that. So that is so important that some customers that's the only reason they come to us at the beginning. Yeah, and they know that you know, there's nothing we're going to miss because everything guaranteed 100% is in that

Greg Irwin  24:55  

list. We're not going to miss anything. Oh, and now the comparison here to Prisma or Zscaler. In terms of cloud proxy, where do you fit in overlap or in conjunction with the cloud proxy?

Deborah Galea  25:16  

What do you mean by cloud proxy?

Greg Irwin  25:18  

A cloud proxy server? If Aasif is running his environment and running traffic through through Palo Alto Prisma. How do you work in conjunction with that kind of a service? Okay,

Deborah Galea  25:32  

so Prisma Prisma cloud that is basically a cloud, it works in the same way as Orca, but then it uses agents. But I think what Steve was mentioning, I think two things. So one is the ability to integrate into existing workflows. So Orca does in integrate with, you know, Jirah, ServiceNow. pager duty Splunk, we have so many integrations so that you can keep on working the same way as you were. But now you have all orcas capabilities as well. And then the second thing I think, that you mentioned was that there's basically an alert overload. And that's what we've also many of these tools have that also lacework is another one where we have heard people say that that's also alert overload. And the reason why Orca can is better at this is because it has this unified platform. We built this from the ground up to look at both workloads and configurations. Now, some other products, by far have started maybe at the workload or started at configuration, then maybe they bolt on another solution, and then they have both, but actually, it's not the same as building it as one platform because you don't have that insight if you don't start from scratch. And that allows Orca to really understand, okay, there's this risk on this machine. Now, is that going to access does that somehow give access to our, what we call Crown Jewels, or I think I heard someone else say golden eggs, critical assets basically. And then, of course, we we will prioritize that if that's the case. But if you have malware maybe or you have a vulnerability of severity 10, but its own shame that is not accessed by the Internet and is actually stopped. But that's not going to we don't want our team to be focusing on that when there's actually another vulnerability may be with a lower severity, but actually that's going to immediately impact your PII, it's going to your sensitive data or otherwise other critical assets, then, Orcawould prioritize those risks so that you can be what we call remediating strategically.

Greg Irwin  28:23  

Yeah. Very good. I think it's been a good check in across the board here. Why don't we wrap up our session? All right, Deborah, I want to thank you and everybody, why don't we will spin the wheel. And but before I do, just reminder, please take take take that seriously in terms of connecting across the group asked here for any intros that are relevant. And of course, you know, the benefit and purpose of of Orca doing this with us is to get their name out. And if you want to learn more about your how they can help your specific environment, please, please connect with them. And we'll be setting up those interests I hate. Thank you all for joining today. Deborah, thank you so much for your time. Thank you. I'm looking forward to seeing everybody in the future. Thank you all.

Read More
Read Less

What is BWG Connect?

BWG Connect provides executive strategy & networking sessions that help brands from any industry with their overall business planning and execution. BWG has built an exclusive network of 125,000+ senior professionals and hosts over 2,000 virtual and in-person networking events on an annual basis.
envelopephone-handsetcrossmenu linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram