Orca Security Expands Relationship with Google Cloud + Adds Generative AI Features

It’s been a busy year for Orca Security. Back in June, the company announced an expanded relationship with Google Cloud. Earlier this month, Orca released a new generative AI-based tool for asset discovery. Between the two events, Forbes named Orca Security to its 2023 Forbes Cloud 100 list.

News: Asset Discovery with Generative AI

Orca Security was early in adopting generative AI in the cybersecurity space. In January of this year, Orca announced that it was using GPT-3 in its cloud security platform to generate remediation instructions for customers responding to a cloud security risk. The company delivered a significant update in May when it moved away from GPT-3 to fully integrate with OpenAI’s GPT-4 LLM through Microsoft Azure OpenAI Service.

Orca took things further earlier this month by introducing its new generative AI tool for cloud asset discovery. Cloud asset discovery is an essential procedure encompassing the recognition, classification, and mapping of all digital assets in a cloud environment. These assets contain a vast array of elements, such as virtual machines, databases, storage instances, containers, networking components, applications, and more.

The new feature uses its Microsoft Azure OpenAI GPT-4 integration to allow users to query the digital assets within its cloud infrastructure with simple queries using natural language. For example, IT practitioners don’t need to fully understand different naming conventions or complex technical terminology. Orca offered an example of a user simply asking, “which virtual instances are stopped?” with Orca’s platform offering the answer. That’s the power of generative AI.

News: Expanded Relationship with Google Cloud

Back in June, Orca Security expanded its relationship with Google Cloud to enhance the security of cloud workloads. The companies announced that the Orca Cloud Security platform will be integrated with various Google security products, including Google Chronicle, Security Command Center, and VirusTotal. The integration aims to provide a comprehensive and contextually aware security layer for Google Cloud customers, covering infrastructure, workloads, and data, protecting against various risks.

Orca Security’s agentless approach simplifies the complex process of securing cloud assets. By integrating with Google Cloud security tools, Orca will standardize and enhance data across different environments. This coordination allows security teams to utilize Google Cloud telemetry within the Orca platform, offering a unified view of the security landscape.

For example, the integration allows the Orca Platform to send alert data directly to the Google Cloud Security Command Center, enabling security teams to access vulnerability and configuration data across their cloud environments quickly. This streamlined information flow enhances response time and helps mitigate potential threats.

The integration also extends to VirusTotal, enabling security analysts and incident response teams to access additional intelligence on malware detected by the Orca Platform. This provides more context about suspected malware and its potential connection to more significant threats.


There’s no question that the wind is at Orca’s back. A cybersecurity unicorn, Orca is backed by an impressive team of strategic investors funding the company by nearly $630 million at a reported $1.8 billion valuation.

The company is also being recognized for its achievements. Orca was recently named to the Forbes 2023 Cloud 100, an annual list serving as the definitive ranking of the world’s top 100 private cloud companies. That’s one of numerous accolades, including being placed on the 2023 CNBC Disruptor 50 list.

It is challenging to differentiate yourself in cybersecurity, one of the market’s most competitive, crowded segments. Orca Security’s unique approach to protecting cloud workloads, along with a one-two punch of strong innovation and execution, make it a standout in the space.

Disclosure: The author is an industry analyst, and NAND Research an industry analyst firm, that engages in, or has engaged in, research, analysis, and advisory services with many technology companies, which may include those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.