That’s a lot of money for a seed round, but the company, which is led by two former Check Point Security executives, is trying to solve a hard problem around securing applications in the cloud without an agent.
“Orca, as a cloud native security platform, secures both customers’ own cloud native and legacy apps migrated to the cloud without needing agents,” company co-founder and CEO Avi Shua explained. Instead, he says the company uses a concept called “SideScanning,” which he said, “comprehensively examines the entire deployed software stack, discovering vulnerabilities, outdated and deprecated software versions, misconfiguration and other risks.”
This approach works well in a cloud native world where developers are launching applications in the cloud in containers using Kubernetes to orchestrate the containers, precisely because of the agentless approach.
The startup is going after established security vendors like Rapid7 and Tenable by attempting to build a more modern approach to cloud security, one that’s built from the ground up for cloud native constructs. “We didn’t just repurpose security software originally targeted at data center workloads. As such, we can analyze and secure customers’ own cloud-native workloads, migrated legacy workloads and hybrids of the two,” he said.
As a seed investment, it’s still very much early days for the company, which has a 15-person staff. With several beta customers, the startup is looking for ways to build out the product and help customers solve the security problems related to modern software approaches. Today’s funding should help in that regard.