Orca Security's extended its cloud-based application security platform to feature an attack path analysis capability.
With the new capability, security teams can generate a visual representation of an attack path and view information on each step within the attack chain, Orca stated. This helps security teams avoid alert fatigue, reduce their time-to-remediation and protect against data breaches.
How to Calculate an Attack Path Analysis and Business Impact Score
To calculate an Attack Path Analysis and Business Impact Score, Orca uses an algorithm based on multiple factors found within an attack path, the company indicated. These factors include:
- Severity of a vulnerability and its accessibility
- Lateral movement risk
- Potential access to sensitive data
Orca assigns an overall score (from 0 to 99) to each attack path, the company stated. The score indicates the risk that a cybercriminal will use the path to attack an organization.
Furthermore, security teams can use the new capability to tag their organizations' most important cloud assets, Orca said. This enables security teams to prioritize these assets and how to protect them against cyberattacks.
Orca Security Acquires RapidSec
Orca Security has been growing both organically and through acquisitions. In a December 2021 move, the company purchased RapidSec, an Israeli application security startup. Since that time, Orca has been working to integrate RapidSec's web application protection technology into its offerings.
Orca provides security and compliance for Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP) environments. Organizations can use Orca's CNAPP platform for workload and data protection, cloud security posture management (CSPM) vulnerability management, and compliance.
Furthermore, Orca received a valuation of $1.8 billion in October 2021. The company also offers a Security Partner Program and continues to explore opportunities to engage with MSSPs and MSPs.