Hello everyone, welcome to theCUBE's presentation of the AWS Startup Showcase, the next big thing in AI, security and life sciences. In this segment, we feature Orca Security as a notable trendsetter, within of course the security track. I'm your host Dave Vellante and today we're joined by Gil Geron who's the co-founder and chief product officer at Orca Security. And we're going to discuss how to eliminate cloud security blind spots. Orca has a really novel approach to cybersecurity problems without using agents. So welcome Gil to today's sessions. Thanks for coming on.

Thank you for having me.

You're very welcome. So Gil, you're a disruptor in security and cloud security specifically and you've created an agentless way of securing cloud assets. You call this side scanning. We're going to get into that and probe that a little bit into the how and the why agentless is the future of cloud security. But I want to start at the beginning. What were the main gaps that you saw in cloud security that spawned Orca Security?

I think that the main gaps that we saw when we started Orca were pretty similar in nature to gaps that we saw in legacy infrastructures in more traditional data centers. But when you look at the cloud, when you look at the nature of the cloud, the ephemeral nature, the technical possibilities and disruptive way of working with a data center, we saw that the usage of traditional approaches like agents in these environments is lacking. It actually not only working as well as it was in the legacy world, it's providing you less value. And in addition, we saw that the friction between the security team and the IT, the engineering, the DevOps in the cloud is much worse or harder than it was. And we wanted to find a way, we want for them to work together to bridge that gap and to actually leverage, allow them to leverage the cloud technology as it was intended to gain superior security than what was possible in the on-prem world.

Excellent.
Let's talk a little bit more about agentless. I mean, maybe we could talk a little bit about why agentless is so compelling. I mean, it's kind of obvious. It's less intrusive. You've got fewer processes to manage, but how did you create your agentless approach to cloud security?

Yeah, so, I think the basic, the basis of it all is around our mission and what we try to provide. We want to provide seamless security because we believe it will allow the business to grow faster, it will allow the business to adopt technology faster and to be more dynamic and achieve goals faster. And so, we've looked on what are the problems or what are the issues that slow you down? And one of them, of course, is the fact that you need to install agents that they cause performance impact that they are technically segregated from one another, meaning you need to install multiple agents and they need to somehow not interfere with one another. And we saw this friction causes organization to slow down their move to the cloud or slow down the adoption of technology. In the cloud, you have, it's not only having servers, right? You have containers, you have managed services, you have so many different options and opportunities. And so, you need a different approach on how to secure that. And so, when we understood that this is the challenge on, we decided to attack it in three, using three pillars. One, trying to provide complete security and complete coverage with no friction, trying to provide comprehensive security, which is taking a holistic approach, a platform approach and combining the data in order to provide you visibility into all of your security assets. And last, but not least, of course, is context awareness, meaning being able to understand and find these, the 1% that matter in the environment. So you can actually improve your security posture and improve your security overall.
And to do so, you had to have a technique that does not involve agents because, and so what we've done, we've found a way that utilizes the cloud architecture in order to scan the cloud itself. Basically, when you integrate Orca, you are able within minutes to understand, to read all and to view all of the risks, we are leveraging a technique that we are calling side scanning that uses the APIs or uses the infrastructure of the cloud itself to read the block storage device of every compute instance and every instance in the environment and then from, we can deduce the actual risk of every asset.

So that's a clever name, side scanning. Tell us a little bit more about that. Maybe you could double click on how it works. You mentioned it's looking into block storage and leveraging the APIs, very clever, actually quite innovative. And so, but help us understand in more detail how it works and why it's better than traditional tools that we might find in this space.

Yes. So the way that it works is that by reading the block storage device, we are able to actually deduce what is running on your compute, meaning what kind of ways, packages, applications are running. And then by combining the context, meaning understanding what kind of services you have connected to the internet, which, what is the attack surface for these services, what will be the business impact? Will there be any access to PII or any access to the crown jewels of the organization? You can not only understand the risk, you can also understand the impact and then understand what should be our focus in terms of security of the environment. The different factor is the fact that we are doing it using the infrastructure itself. We are not installing any agents. We are not running any packet. You do not need to change anything in your architecture or design of how you use the cloud in order to utilize Orca. Orca is working in a pure SaaS way.
And so it means that there was no impact, not on cost and not on performance of your environment while using Orca. And so it reduces any friction that might happen with other parties of the organization when you enjoy the security or improve your security in the cloud.

Yeah, and no process management intrusion. Now, I presume, Gil, that you eat your own cooking, meaning you're using your own product. First of all, is that true? And if so, how has your use of Orca as a chief product officer helped you scale Orca as a company?

So it's a great question and I will, I think that something that we understood only on is that there is quite a significant difference between the way you architect your security and cloud and also the way that things reach production, meaning there's a difference and there's a gap between how you imagine, like in everything in life, how you imagine things will be and how they are in real life in production. And so even though we have amazing customers that are extremely proficient in security and have thought of a lot of ways of how to secure their environment. And so we, of course, we are trying to secure environment as much as possible. We are using Orca because we understand that no one is perfect. We are not perfect. We might, the engineers might, my engineers might make mistakes like every organization. And so we are using Orca because we want to have complete coverage. We want to understand if we are doing any mistake. And sometimes the gap between the architecture and the hole in the security or the gap that you have in your security could take years to happen and you need a tool that will constantly monitor your environment. And so that's why we are using Orca on our own from day one not to find bugs or to do QA. We're doing it because we need a security to our cloud environment that will provide these values.
And so we've also passed compliance auditing like SOC2 and ISO using Orca and it expedited and allowed us to do these processes extremely fast because of having all of these guard rails and metrics.

Yes, okay. So you recognize that you potentially had and did have that same problem as your customer's been. Has it helped you scale as a company? Obviously, but how has it helped you scale as a company?

So it helped us scale as a company by increasing the trust, the level of trust customers have in Orca. It allowed us to adopt technology faster, meaning we need much less diligence or exploration of how to use technology because we have these guard rails. So we can use the richness of the technology that we have in the cloud without the need to stop, to install agents, to try to re-architecture the way that we are using the technology and we simply use it. We simply use the technology that the cloud offers as it is and so it allows you a rapid scalability.

Yeah, allows you to move at the speed of cloud. Now, so I got to ask you as a co-founder, you got to wear many hats as at first of a co-founder and the leadership component there, but also the chief product officer, you got to go out, you got to get early customers, but even more importantly, you have to keep those customers retention. So maybe you can describe how customers have been using Orca. Did they, what was their aha moment that you've seen customers react to when you showcase the new product? And then how have you been able to keep them as loyal partners?

So, I think that we are very fortunate, we have a lot of, we are blessed with our customers. Many of our customers are vocal customers about what they like about Orca. And I think that something that comes along a lot of times is that this is a solution they have been waiting for. Many, I can't express how many times I hear that I go on a call and customer says, I must say, I must share this is a solution I've been looking for.
And I think that in that aspect, Orca is creating a new standard of what is expected from a security solution because we are transforming the security role in the company from an inhibitor to an enabler. You can use the technology, you can use new tools, you can use the cloud as it was intended. And so we have customers like one of these cases is a customer that they have a lot of data and they're all super scared about using S3 buckets because all of these incidents of S3 buckets being breached or being a people connecting to an S3 bucket and downloading the data. So they had a policy saying S3 buckets should not be used. We do not allow any use of S3 bucket. And obviously you do need to use S3 bucket is powerful technology. And so the engineering team in that customer environment simply installed a VM, installed an FTP server and had a very easy to use password to that FTP server. And obviously two years later, someone also put all of the customer databases on that FTP server, open to the internet, open to everyone. And so I think it was for him and for us as well, it was a hard moment. First of all, he planned that no data will be leaked but actually what happened is way worse the data was open to the world in a technology that exists for a very long time and is probably being scanned by attackers all the time. But after that, he not only allowed them to use S3 buckets because he knew that now he can monitor now he can understand that they are using the technology as intended. Now that they are using it securely, it's not open to everyone. It's open in the right way. And there was no PII on that S3 bucket. And so I think the way he described it is that and now when he's coming to a meeting about things that needs to be improved, people are waiting for this meeting because he actually knows more than what they know what they know about the environment. 
And I see it really so many times where a simple mistake or something that looks benign when you look at the environment in a holistic way when you are looking on the context, you understand that there is here a huge gap that should be breached. And another cool example was a case where a customer allowed an access from a third party service that everyone trusts to the countries of the environment. And he did it in a very traditional way. He allowed a certain IP to be open to that environment. So overall it sounds like the correct way to go. You allow only a specific IP to access the environment. But what he failed to notice is that everyone in the world can register for free for this third party service and access the environment from this IP. And so even though it looks like you have access from a trusted service, a trusted third party service, when it's a sub-service, it's actually, it can mean that everyone can use it in order to access the environment. And using Orca, he saw immediately the access, he saw immediately the risk. And I see time after time that people are simply using Orca to monitor, to guard rail, to make sure that the environment stays safe throughout time and to communicate better in the organization, to explain the risk in a very easy way. And the, I would say the statistics show that within a few weeks, more than 85% of the different alerts and risks are being fixed. And I think it comes to show how effective it is and how effective it is in improving your posture because people are taking action.

Those are two great examples. And of course I've often said the shared responsibility model is often misunderstood and those two examples underscore that, thinking that, oh, I hear all this, see all this press about S3, but it's up to the customer to secure the endpoint components, et cetera, configure it properly is what I'm saying.
So, what an unintended consequence, but Orca plays a role in helping the customer with their portion of that shared responsibility, obviously AWS is taking care of it. Now, as part of this program, we ask a little bit of a challenging question to everybody because look it, as a startup, you want to do well, you want to grow a company, you want to have your employees grow and help your customers and that's great and grow revenues, et cetera. But we feel like there's more. And so we're going to ask you, because the theme here is all about cloud scale, what is your defining contribution to the future of cloud at scale, Gil?

So, I think that cloud has allowed a revolution to the data centers, okay? The way that you are building services, the way that you are allowing technology to be more adaptive, dynamic, ephemeral, accurate and you see that it is being adopted across all vendors, all types of industries across the world. I think that Orca is the first company that allows you to use this technology to secure your infrastructure in a way that was not possible in the on-prem world, meaning that when you're using the cloud technology and you're using technologies like Orca, you're actually gaining superior security than what was possible in the pre-cloud world. And I think that to that respect, Orca is going hand in hand with the revolution and actually revolutionizes the way that you expect to consume security, the way that you expect to get value from security solutions across the world.

Thank you for that, Gil. And so we're at the end of our time, but we'll give you a chance for final wrap up and bring us home with your summary, please.

So I think that Orca is building the cloud security solution that actually works with its innovative agentless approach to cybersecurity, to gain complete coverage, comprehensive solution and to gain, to understand the complete context of the 1% that matters in your security challenges across your data centers in the cloud.
We are bridging the gap between the security teams, the business needs to grow and to do so in the pace of the cloud. I think the approach of being able to install within minutes a security solution and gain complete understanding of your risk goes hand in hand with the way you expect and adopt cloud technology.

That's great, Gil. Thanks so much for coming on. You guys doing awesome work. Really appreciate you participating in the program. Thank you very much. And thank you for watching this AWS Startup Showcase. We're covering the next big thing in AI, security and life science on theCUBE. Keep it right there for more great content.