Ahead of RSAC 2026, Orca Security unveils new AI-driven capabilities that help organizations cut through alert noise, accelerate investigations, and focus on the risks that truly impact multi-cloud and AI environments
Orca Security, the pioneer of agentless cloud security, announced major enhancements to the Orca Platform, introducing new AI-powered security agents, real-time detection of AI usage across cloud environments, remediation-focused workflows, and code reachability analysis. These innovations enable organizations to move beyond fragmented alerts to faster investigation, clearer prioritization, and measurable risk reduction in the AI-era.
Also Read:ย CIO Influence Interview with Gihan Munasinghe, CTO of One Identity
As enterprises accelerate AI adoption and scale across multi-cloud environments, security teams are inundated with alerts yet lack the context and prioritization needed to distinguish real, business-critical risk from background noise.ย Research showsย that 84% of organizations now run AI workloads in the cloud, and 62% already have vulnerable AI packages in their environments. Orcaโs latest innovations extend its unified platform to help teams understand threats faster, focus on truly exploitable vulnerabilities, and take action with confidence.
โSecurity teams donโt need more data. They need to know what actually matters and what to do about it,โ said Gil Geron, CEO and co-founder of Orca Security. โThese new capabilities are designed to turn complex cloud risk into clear, actionable guidance so teams can make faster decisions and reduce exposure in a measurable way. That shift from information to action is what ultimately improves security outcomes.โ
New platform capabilities include:
- Threat Investigation Agent:ย Orcaโs Threat Investigation Agent automatically analyzes risk, correlates signals across the cloud environment, and produces transparent investigation reports with recommended containment actions.
- AppSec Triage Agent:ย The new AppSec Triage Agent analyzes SAST findings to identify false positives, reduce alert fatigue, and help teams focus on real vulnerabilities.
- Runtime AI Threat Detection:ย Orca now identifies when workloads, identities, and processes interact with AI models, MCP servers, and third-party AI tools. This enables security teams to understand how AI is being used, detect potential exposure of sensitive data, and implement AI governance based on real runtime activity.
- Orca Missions:ย Orca groups related findings into Missionsโfocused remediation initiatives with clear objectives and verificationโallowing teams to resolve clusters of risk efficiently and track meaningful improvements in their security posture.
- Code Reachability Analysis:ย Orca now analyzes whether vulnerable code paths are actually invoked in applications, in addition to identifying vulnerable packages. Combined with Orcaโs existing Agentless and Dynamic Reachability Analysis, this provides comprehensive context to help teams prioritize vulnerabilities that are truly exploitable.
These enhancements build on Orcaโs agentless-first architecture, which provides deep visibility and risk prioritization across cloud infrastructure, workloads, identities, applications, and now AI systems, without requiring agents.
โCloud security tools generate an incredible amount of data, but what teams really need is help understanding what to do next,โ said Erika Voss, SVP, Chief Security Officer at Blue Yonder. โWhat stands out about Orca is the way it connects the dots. Instead of spending hours piecing together alerts, our team can see what actually happened, whatโs exposed, and where to focus first.โ
Orca Security will showcase these new capabilities at RSA Conference 2026 in San Francisco. Attendees can visit Orca at Booth #1035 in the South Hall of Moscone Center to see live demonstrations.
Catch more CIO Insights:ย CIO as Orchestrator of Cross-Functional Digital Strategy
[To share your insights with us, please write toย psen@itechseries.comย ]
