Orca Security

Orca Security was founded in 2019 by Avi Shua and Gil Geron, along with six other co-founders who previously held leadership roles at Check Point Security. The founding team leveraged their deep experience in cybersecurity to develop a novel approach to cloud security.

Orca Security found product-market fit as an agentless cloud security platform for enterprises struggling with the complexity of securing their cloud infrastructure. Their key innovation was SideScanning technology, which allows organizations to scan their entire cloud environment without deploying agents or network scanners.

The platform works by connecting to customers' cloud environments through read-only access, then analyzing the block storage of cloud workloads "from the side." This enables Orca to map and assess security risks across AWS, Azure, and Google Cloud environments without impacting performance or requiring complex deployment processes.

Through SideScanning, Orca provides comprehensive visibility into vulnerabilities, malware, misconfigurations, and sensitive data across an organization's cloud estate. Security teams receive contextual alerts based on the actual risk level and business impact, helping them prioritize the most critical issues.

Orca Security is a subscription SaaS company that provides cloud security solutions, pricing based on the number of cloud workloads a customer needs to protect across their compute, data, and runtime environments. The company offers two main product tiers: Orca Essential for early-stage organizations focused on core posture management, and Orca Advanced for enterprises requiring deeper risk analysis and detection capabilities.

The company's pricing starts at $50,000 annually for basic workload scanning, scaling up based on organization size and complexity. For AWS environments specifically, monthly pricing ranges from $7,000 for small starter packs to $30,000 for large deployments covering extensive concurrent workloads.

Orca's key differentiator is its patented SideScanning technology, which enables agentless security scanning across multi-cloud environments without requiring installation of software agents or network scanners. This approach dramatically reduces deployment friction compared to traditional security solutions, enabling rapid customer adoption and expansion. The company employs a land-and-expand strategy, starting with basic security posture management before upselling customers to more advanced capabilities like cloud infrastructure entitlements management, Kubernetes security, and secrets management as their cloud footprint grows.

Orca Security operates in the cloud-native security market, competing primarily against established cybersecurity vendors and emerging cloud security startups.

Palo Alto Networks leads the traditional security vendors with its Prisma Cloud platform, which bundles CSPM and CNAPP capabilities. These incumbents typically rely on agent-based approaches and have strong existing enterprise relationships. In 2022-2023, several acquired cloud security startups to counter emerging threats - Cisco bought Lightspin, CrowdStrike acquired Bionic, and Palo Alto Networks purchased Dig Security. These incumbents often leverage their scale to offer aggressive pricing, including free CNAPP functionality for 2-year terms to retain customers.

Wiz emerged as the fastest-growing competitor, reaching $100M ARR in 18 months by focusing on multi-cloud environments. Like Orca, Wiz offers agentless scanning but targets primarily enterprise customers through a top-down sales motion. Lacework provides cloud workload protection with an emphasis on behavioral analytics and anomaly detection.

Major cloud platforms like AWS, Azure, and Google Cloud offer native security tools integrated into their environments. While these solutions provide basic coverage, they typically lack comprehensive visibility across multi-cloud deployments. GitHub and GitLab have also introduced code scanning capabilities that overlap with some vulnerability detection features, though their tools focus primarily on the development pipeline rather than runtime environments.

The market increasingly favors vendors who can provide comprehensive visibility across multi-cloud environments without requiring agent deployment, while consolidation through acquisitions continues to reshape the competitive landscape.

Orca Security has tailwinds from the growing importance of cybersecurity in cloud environments and has the opportunity to expand into adjacent markets like cloud security, API security, and enterprise-wide security platforms.

The cloud security market represents a massive growth opportunity, expected to reach $77B by 2026. Orca's agentless scanning technology gives it a significant advantage as enterprises accelerate their cloud migration. The company can expand beyond its core CSPM offering into areas like cloud workload protection (CWPP) and cloud infrastructure entitlements management (CIEM), increasing its share of security spend within existing customers.

API security presents another compelling opportunity, with the market projected to exceed $10B by 2032 at a 28% CAGR. Orca can leverage its expertise in cloud-native security to develop developer-first tools for API protection and monitoring. This aligns well with their existing product suite and customer base.

With 70% of revenue currently from North America, international markets offer significant growth potential. Orca has already begun expanding its presence in Asia Pacific and Japan, growing its channel partner network 3x in 2022. The company can replicate its successful enterprise-focused sales motion in new regions while adapting to local security requirements and compliance frameworks.

Orca has demonstrated success in expanding revenue through strategic product bundling. When it added Code and Infrastructure-as-Code capabilities to its core offering, the company was able to double subscription prices. Similar opportunities exist as Orca moves into cloud security orchestration and automated remediation capabilities.

Agentless architecture dependency: Orca's core competitive advantage - its agentless SideScanning technology - relies heavily on cloud providers continuing to allow deep API access to customer environments. If major cloud providers restrict or revoke these privileged access capabilities due to security concerns, it could severely impact Orca's ability to deliver its core value proposition. While the company has strong relationships with cloud providers, this architectural dependency creates meaningful platform risk.

Market positioning conflict: As Orca expands beyond its initial cloud security posture management (CSPM) focus into broader cloud-native application protection (CNAPP), it risks diluting its clear differentiation and entering direct competition with larger incumbents like Palo Alto Networks. Their aggressive expansion could lead to feature bloat and reduced focus on their core technological advantage. The company may struggle to maintain its growth trajectory while competing against vendors who can deeply discount CNAPP features as part of larger security suites.

Enterprise sales transition challenges: Orca's rapid growth has been driven by a product-led motion targeting cloud-native companies. As they push upmarket to justify their $10B+ valuation, they face longer sales cycles and more complex procurement processes with large enterprises. This transition requires significant changes to their go-to-market approach and could impact their historically efficient growth metrics.