Sacra Logo
View PDF
Details
Headquarters
Portland, OR
Website
Home  >  Companies  >  Orca Security
Orca Security
Orca Security is a cybersecurity company specializing in cloud security.

Revenue

$50.00M

2023

Valuation

$1.80B

2023

Funding

$640.00M

2023

Revenue

Sacra estimates Orca Security hit $50M in annual recurring revenue (ARR) in 2023.

Product

Orca Security was founded in 2019 by Avi Shua and Gil Geron, along with six other co-founders who previously held leadership roles at Check Point Security. The founding team leveraged their deep experience in cybersecurity to develop a novel approach to cloud security.

Orca Security found product-market fit as an agentless cloud security platform for enterprises struggling with the complexity of securing their cloud infrastructure. Their key innovation was SideScanning technology, which allows organizations to scan their entire cloud environment without deploying agents or network scanners.

The platform works by connecting to customers' cloud environments through read-only access, then analyzing the block storage of cloud workloads "from the side." This enables Orca to map and assess security risks across AWS, Azure, and Google Cloud environments without impacting performance or requiring complex deployment processes.

Through SideScanning, Orca provides comprehensive visibility into vulnerabilities, malware, misconfigurations, and sensitive data across an organization's cloud estate. Security teams receive contextual alerts based on the actual risk level and business impact, helping them prioritize the most critical issues.

Business Model

Orca Security is a subscription SaaS company that provides cloud security solutions, pricing based on the number of cloud workloads a customer needs to protect across their compute, data, and runtime environments. The company offers two main product tiers: Orca Essential for early-stage organizations focused on core posture management, and Orca Advanced for enterprises requiring deeper risk analysis and detection capabilities.

The company's pricing starts at $50,000 annually for basic workload scanning, scaling up based on organization size and complexity. For AWS environments specifically, monthly pricing ranges from $7,000 for small starter packs to $30,000 for large deployments covering extensive concurrent workloads.

Orca's key differentiator is its patented SideScanning technology, which enables agentless security scanning across multi-cloud environments without requiring installation of software agents or network scanners. This approach dramatically reduces deployment friction compared to traditional security solutions, enabling rapid customer adoption and expansion. The company employs a land-and-expand strategy, starting with basic security posture management before upselling customers to more advanced capabilities like cloud infrastructure entitlements management, Kubernetes security, and secrets management as their cloud footprint grows.

Competition

Orca Security operates in the cloud-native security market, competing primarily against established cybersecurity vendors and emerging cloud security startups.

Legacy security incumbents

Palo Alto Networks leads the traditional security vendors with its Prisma Cloud platform, which bundles CSPM and CNAPP capabilities. These incumbents typically rely on agent-based approaches and have strong existing enterprise relationships. In 2022-2023, several acquired cloud security startups to counter emerging threats - Cisco bought Lightspin, CrowdStrike acquired Bionic, and Palo Alto Networks purchased Dig Security. These incumbents often leverage their scale to offer aggressive pricing, including free CNAPP functionality for 2-year terms to retain customers.

Cloud-native specialists

Wiz emerged as the fastest-growing competitor, reaching $100M ARR in 18 months by focusing on multi-cloud environments. Like Orca, Wiz offers agentless scanning but targets primarily enterprise customers through a top-down sales motion. Lacework provides cloud workload protection with an emphasis on behavioral analytics and anomaly detection.

Platform providers

Major cloud platforms like AWS, Azure, and Google Cloud offer native security tools integrated into their environments. While these solutions provide basic coverage, they typically lack comprehensive visibility across multi-cloud deployments. GitHub and GitLab have also introduced code scanning capabilities that overlap with some vulnerability detection features, though their tools focus primarily on the development pipeline rather than runtime environments.

The market increasingly favors vendors who can provide comprehensive visibility across multi-cloud environments without requiring agent deployment, while consolidation through acquisitions continues to reshape the competitive landscape.

TAM Expansion

Orca Security has tailwinds from the growing importance of cybersecurity in cloud environments and has the opportunity to expand into adjacent markets like cloud security, API security, and enterprise-wide security platforms.

Cloud security expansion

The cloud security market represents a massive growth opportunity, expected to reach $77B by 2026. Orca's agentless scanning technology gives it a significant advantage as enterprises accelerate their cloud migration. The company can expand beyond its core CSPM offering into areas like cloud workload protection (CWPP) and cloud infrastructure entitlements management (CIEM), increasing its share of security spend within existing customers.

New verticals

API security presents another compelling opportunity, with the market projected to exceed $10B by 2032 at a 28% CAGR. Orca can leverage its expertise in cloud-native security to develop developer-first tools for API protection and monitoring. This aligns well with their existing product suite and customer base.

Geographic expansion

With 70% of revenue currently from North America, international markets offer significant growth potential. Orca has already begun expanding its presence in Asia Pacific and Japan, growing its channel partner network 3x in 2022. The company can replicate its successful enterprise-focused sales motion in new regions while adapting to local security requirements and compliance frameworks.

Product bundling

Orca has demonstrated success in expanding revenue through strategic product bundling. When it added Code and Infrastructure-as-Code capabilities to its core offering, the company was able to double subscription prices. Similar opportunities exist as Orca moves into cloud security orchestration and automated remediation capabilities.

Risks

Agentless architecture dependency: Orca's core competitive advantage - its agentless SideScanning technology - relies heavily on cloud providers continuing to allow deep API access to customer environments. If major cloud providers restrict or revoke these privileged access capabilities due to security concerns, it could severely impact Orca's ability to deliver its core value proposition. While the company has strong relationships with cloud providers, this architectural dependency creates meaningful platform risk.

Market positioning conflict: As Orca expands beyond its initial cloud security posture management (CSPM) focus into broader cloud-native application protection (CNAPP), it risks diluting its clear differentiation and entering direct competition with larger incumbents like Palo Alto Networks. Their aggressive expansion could lead to feature bloat and reduced focus on their core technological advantage. The company may struggle to maintain its growth trajectory while competing against vendors who can deeply discount CNAPP features as part of larger security suites.

Enterprise sales transition challenges: Orca's rapid growth has been driven by a product-led motion targeting cloud-native companies. As they push upmarket to justify their $10B+ valuation, they face longer sales cycles and more complex procurement processes with large enterprises. This transition requires significant changes to their go-to-market approach and could impact their historically efficient growth metrics.

News

DISCLAIMERS

This report is for information purposes only and is not to be used or considered as an offer or the solicitation of an offer to sell or to buy or subscribe for securities or other financial instruments. Nothing in this report constitutes investment, legal, accounting or tax advice or a representation that any investment or strategy is suitable or appropriate to your individual circumstances or otherwise constitutes a personal trade recommendation to you.

This research report has been prepared solely by Sacra and should not be considered a product of any person or entity that makes such report available, if any.

Information and opinions presented in the sections of the report were obtained or derived from sources Sacra believes are reliable, but Sacra makes no representation as to their accuracy or completeness. Past performance should not be taken as an indication or guarantee of future performance, and no representation or warranty, express or implied, is made regarding future performance. Information, opinions and estimates contained in this report reflect a determination at its original date of publication by Sacra and are subject to change without notice.

Sacra accepts no liability for loss arising from the use of the material presented in this report, except that this exclusion of liability does not apply to the extent that liability arises under specific statutes or regulations applicable to Sacra. Sacra may have issued, and may in the future issue, other reports that are inconsistent with, and reach different conclusions from, the information presented in this report. Those reports reflect different assumptions, views and analytical methods of the analysts who prepared them and Sacra is under no obligation to ensure that such other reports are brought to the attention of any recipient of this report.

All rights reserved. All material presented in this report, unless specifically indicated otherwise is under copyright to Sacra. Sacra reserves any and all intellectual property rights in the report. All trademarks, service marks and logos used in this report are trademarks or service marks or registered trademarks or service marks of Sacra. Any modification, copying, displaying, distributing, transmitting, publishing, licensing, creating derivative works from, or selling any report is strictly prohibited. None of the material, nor its content, nor any copy of it, may be altered in any way, transmitted to, copied or distributed to any other party, without the prior express written permission of Sacra. Any unauthorized duplication, redistribution or disclosure of this report will result in prosecution.