Orca Security announced significant upgrades to the Orca Platform, adding AI-powered security agents, real-time visibility into AI use across cloud environments, remediation-driven workflows, and code reachability analysis. These enhancements help organizations move beyond scattered alerts to accelerate investigations, improve prioritization, and achieve measurable risk reduction in the AI era.
As enterprises accelerate AI adoption and scale across multi-cloud environments, security teams are inundated with alerts yet lack the context and prioritization needed to distinguish real, business-critical risk from background noise. Orca Security Research shows that 84% of organizations now run AI workloads in the cloud, and 62% already have vulnerable AI packages in their environments. Orca’s latest innovations extend its unified platform to help teams understand threats faster, focus on truly exploitable vulnerabilities, and take action with confidence.
“Security teams don’t need more data. They need to know what actually matters and what to do about it,” said Gil Geron, CEO and co-founder of Orca Security. “These new capabilities are designed to turn complex cloud risk into clear, actionable guidance so teams can make faster decisions and reduce exposure in a measurable way. That shift from information to action is what ultimately improves security outcomes.”
New platform capabilities include:
- Threat Investigation Agent: Orca’s Threat Investigation Agent automatically analyzes risk, correlates signals across the cloud environment, and produces transparent investigation reports with recommended containment actions.
- AppSec Triage Agent: The new AppSec Triage Agent analyzes SAST findings to identify false positives, reduce alert fatigue, and help teams focus on real vulnerabilities.
- Runtime AI Threat Detection: Orca now identifies when workloads, identities, and processes interact with AI models, MCP servers, and third-party AI tools. This enables security teams to understand how AI is being used, detect potential exposure of sensitive data, and implement AI governance based on real runtime activity.
- Orca Missions: Orca groups related findings into Missions—focused remediation initiatives with clear objectives and verification—allowing teams to resolve clusters of risk efficiently and track meaningful improvements in their security posture.
- Code Reachability Analysis: Orca now analyzes whether vulnerable code paths are actually invoked in applications, in addition to identifying vulnerable packages. Combined with Orca’s existing Agentless and Dynamic Reachability Analysis, this provides comprehensive context to help teams prioritize vulnerabilities that are truly exploitable.
These enhancements build on Orca’s agentless-first architecture, which provides deep visibility and risk prioritization across cloud infrastructure, workloads, identities, applications, and now AI systems, without requiring agents.
“Cloud security tools generate an incredible amount of data, but what teams really need is help understanding what to do next,” said Erika Voss, SVP, Chief Security Officer at Blue Yonder. “What stands out about Orca is the way it connects the dots. Instead of spending hours piecing together alerts, our team can see what actually happened, what’s exposed, and where to focus first.”
Orca Security will showcase these new capabilities at RSA Conference 2026 in San Francisco. Attendees can visit Orca at Booth #1035 in the South Hall of Moscone Center to see live demonstrations.
Related News:
Orca Security Releases the 2025 State of Cloud Security Report
Orca Security Enhances AppSec with Orca Cloud Security Platform
