Integration Overview
Orca offers a unified and comprehensive cloud security platform that identifies, prioritizes, and remediates security risks and compliance issues across AWS, Azure, Google Cloud, Oracle Cloud, Alibaba Cloud, and Kubernetes. The Orca Cloud Security Platform leverages Orca’s patented SideScanning™ technology to provide complete coverage and comprehensive risk detection.
Use Cases for Orca Security Logs
Detecting changes to cloud security posture in your Orca Security account
Monitoring for high-severity cloud misconfigurations and vulnerabilities
Correlating Orca Security findings with other activities in your environment
Onboarding Orca Security
Panther's integration for Orca Security is easy to configure. Select Orca Security from Panther's list of pre-defined log sources and follow the guided setup process to begin ingesting Orca Security alerts and findings.
For more detailed steps on onboarding Orca Security logs, you can view our Orca Security documentation here.
Parsing, Normalizing, and Analyzing
As Panther ingests Orca Security events, they are parsed, normalized, and stored in a security data lake backend. This empowers security teams to craft detections, identify anomalies, and conduct investigations.
Panther's managed schema applies normalization fields to your Orca Security events, standardizing attribute names and empowering users to correlate and investigate data across all log types. For more on searching log data in Panther, check out our documentation on Investigations & Search.
Detection as Code
With Panther, your team won't be confined to restrictive detection rules like many SIEM platforms. Panther delivers programmable detections, allowing users to use Python to write expressive detections and integrate external systems like version control and CI/CD pipelines into their detection engineering workflows. This results in robust, flexible, and reusable detections. In addition, you can create correlation rules to link Orca Security findings with other data sources for highly targeted alerts.
Panther includes pre-built detections for Orca Security, offering users immediate value for monitoring common IoCs and threats. You can explore our built-in detection coverage for Orca Security logs here.
Configuring Alerts
Panther fires alerts when your detection rules or policies are triggered and integrates with various alert destinations to allow for easy access and management of any Orca Security alerts. Alerts can also be forwarded to alert context or SOAR platforms for more remediation options.
Alerts are categorized into five different severity levels: Info, Low, Medium, High, and Critical. Security teams can dynamically assign severity based on specific log event attributes.
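The two sections above describe Panther detections as Python code and severity that is assigned dynamically from event attributes. The following is an added illustration of both, written for this page; it is not code from Panther or Orca, and the event field names it reads (alert_id, alert_type, severity, state, asset_name, environment, cloud_account_id) are assumptions standing in for whatever the Orca schema actually carries. The rule/severity/title/alert_context function shape follows Panther's Python rule convention; the sample events at the bottom are constructed so the file runs offline.

```python
# Added example (not from the page, Panther, or Orca): a Panther-style Python
# detection over Orca Security alert events. All event field names below are
# ASSUMED for illustration, not documented Orca schema.

# Panther's five alert severities (named on the page), keyed by an assumed
# lower-case Orca severity string carried on the event.
SEVERITY_MAP = {
    "informational": "INFO",
    "low": "LOW",
    "medium": "MEDIUM",
    "high": "HIGH",
    "critical": "CRITICAL",
}

# Alert states that still need attention; closed or dismissed alerts are noise.
OPEN_STATES = {"open", "in_progress"}

# Environments where a non-critical finding is downgraded to keep the queue
# focused on production (the 'environment' field is assumed).
NON_PROD = {"dev", "test", "staging"}


def rule(event):
    """Fire only for open Orca alerts rated high or critical."""
    state = str(event.get("state", "")).lower()
    if state not in OPEN_STATES:
        return False
    orca_sev = str(event.get("severity", "")).lower()
    return SEVERITY_MAP.get(orca_sev) in {"HIGH", "CRITICAL"}


def severity(event):
    """Dynamic severity: map the event's own rating to a Panther level
    (unknown ratings fall back to MEDIUM), then drop non-production assets
    to LOW unless the finding is CRITICAL."""
    level = SEVERITY_MAP.get(str(event.get("severity", "")).lower(), "MEDIUM")
    env = str(event.get("environment", "")).lower()
    if env in NON_PROD and level != "CRITICAL":
        return "LOW"
    return level


def title(event):
    """Human-readable alert title; Panther also uses it for deduplication."""
    return (
        f"Orca {event.get('severity', 'unknown')} alert: "
        f"{event.get('alert_type', 'unknown type')} on "
        f"{event.get('asset_name', 'unknown asset')}"
    )


def alert_context(event):
    """Fields surfaced with the alert for triage and cross-source correlation."""
    return {
        "alert_id": event.get("alert_id"),
        "cloud_account": event.get("cloud_account_id"),
        "asset": event.get("asset_name"),
        "alert_type": event.get("alert_type"),
        "state": event.get("state"),
    }


# Constructed sample events (not real Orca output) for a stand-alone run.
SAMPLE_OPEN_CRITICAL = {
    "alert_id": "orca-0001",
    "alert_type": "Public storage bucket",
    "severity": "critical",
    "state": "open",
    "asset_name": "logs-bucket",
    "environment": "prod",
    "cloud_account_id": "111111111111",
}
SAMPLE_CLOSED_HIGH = {
    "alert_id": "orca-0002",
    "alert_type": "Unpatched OS package",
    "severity": "high",
    "state": "closed",
    "asset_name": "web-01",
    "environment": "prod",
    "cloud_account_id": "111111111111",
}
SAMPLE_DEV_HIGH = {
    "alert_id": "orca-0003",
    "alert_type": "Over-privileged IAM role",
    "severity": "high",
    "state": "open",
    "asset_name": "ci-runner",
    "environment": "dev",
    "cloud_account_id": "222222222222",
}

if __name__ == "__main__":
    for ev in (SAMPLE_OPEN_CRITICAL, SAMPLE_CLOSED_HIGH, SAMPLE_DEV_HIGH):
        if rule(ev):
            print(severity(ev), "|", title(ev), "|", alert_context(ev))
```

Run as a script, the closed alert is filtered out by rule(), the production critical finding alerts at CRITICAL, and the dev high finding alerts at LOW; the same functions are what a Panther unit test would exercise before the rule is committed to version control.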
Customer Support
If you have any questions about configuring Orca Security with Panther, we're here to help. Customers can access our technical support team via a dedicated Slack channel, email, or in-app messenger.
You can check out our documentation on configuring Orca Security here.
The Ideal Cloud Security Solution
With Panther, security teams don't have to struggle with restrictive detection logic, waste time and resources on operational overhead, or pay skyrocketing costs to keep up with the growth of cloud data. Panther was founded by a team of veteran security practitioners who struggled firsthand with legacy SIEM challenges and built an intuitive, cloud-native platform to solve them.
Panther is the security monitoring solution for the cloud, offering flexible programmable detections, intuitive security workflows, and actionable real-time monitoring and alerts to keep up with the needs of today's security teams. Request a demo today for a powerful, flexible, and scalable security monitoring solution for Orca Security.