累计融资 01
632 USD million (approx.) [CO030] 尽调报告
Orca Security
Orca 是无代理 CNAPP 的先行者,但 Wiz 正强力挤压;公司停在 $1.8B 的 Series C 估值上,同时面临未决知识产权诉讼和网络安全融资环境收缩。
Orca Security 是无代理 CNAPP 的先行者,但 Wiz 正把竞争压力推到生死线;Wiz 估计 ARR 领先 3 倍、双方 IP 诉讼仍在进行, 加上 2022 年后网络安全后期融资被持续压价,Orca 的 $1.8B Series C 估值有明显减记风险。
封面要素
公司概况
Orca Security, Inc. 是一家注册于 Delaware 的公司,2019 年由 Avi Shua(CEO)和 Gil Geshuri(CPO)在以色列 Tel Aviv 创立;公司现总部位于 Oregon 州 Portland,并在 Tel Aviv 和 London 设有办公室。Orca 依靠已获专利的 SideScanning™ 技术开创无代理云安全:平台通过只读云服务商 API 读取云工作负载块存储,无需部署代理或网络扫描器。其 CNAPP 平台把 CSPM、CWPP、CIEM、DSPM、Container Security、AI SPM、CDR、API Security 和合规能力统一在一个 Unified Data Model 中。Orca 从种子轮到 Series C 已融资约 $630–650M(2022 年 10 月融资 $340M,投后估值 $1.8B),投资方包括 ICONIQ Growth、GGV Capital、Capital One Ventures、Tiger Global 和 Salesforce Ventures。2023 年 7 月,公司与头号对手 Wiz 的商业秘密诉讼仍在进行,带来显著法律和声誉风险。
- 成立时间
- 2019-01-01
- 创始人
- Avi Shua, Gil Geshuri
- 创立地点
- Tel Aviv, Israel
- 总部
- Portland, Oregon, United States
- 产品
- 无代理 CNAPP 平台,使用 SideScanning™ 技术在多云环境中发现漏洞、错误配置、恶意软件、横向移动路径和数据暴露,无需代理或网络扫描器。平台基于单一 Unified Data Model,覆盖 CSPM、CWPP、CIEM、DSPM、容器安全、AI 安全态势管理(AI SPM)、云检测与响应(CDR)、API 安全,以及 100+ 个合规框架。
- 客户
- 运行复杂多云环境(AWS、Azure、GCP)的企业级组织,集中在金融服务、技术 / SaaS、医疗、零售和媒体等行业。具名客户包括 Autodesk、Robinhood、Databricks 和 DigitalOcean。
- 商业模式
- 年度订阅 SaaS;按席位和工作负载分层授权。收入来自企业平台许可加专业服务。销售打法是 land-and-expand,瞄准正在扩大云原生安全态势的多云组织。
- 阶段
- Late-stage private (Series C, October 2022)
- 融资情况
- 已融资约 $630–650M:约 $6M 种子轮(2019 年)、$20.5M Series A(2020 年 3 月,YL Ventures / GGV)、$55M Bridge(2021 年,ICONIQ Growth)、$210M 扩展 Series B(2021 年 11 月,ICONIQ / GGV / Capital One Ventures / Tiger Global)、$340M Series C(2022 年 10 月,ICONIQ Growth / Salesforce Ventures,投后估值 $1.8B)。2022 年 10 月之后没有公开融资。
执行摘要
主要优势
- 专利 SideScanning™ 技术跑通了真正无代理的云安全,部署摩擦接近为零;Autodesk、Robinhood、Databricks 等企业早期采用, 说明技术护城河有防御性。
- CNAPP 平台覆盖 CSPM、CWPP、CIEM、DSPM、Container Security、AI SPM 和 CDR,并统一到一个 Unified Data Model, 相比点状工具堆栈,企业集成成本更低。
- Autodesk、Robinhood、Databricks、DigitalOcean 等蓝筹客户和公开案例,给出的客户背书质量高于早期同业。
- ICONIQ Growth、GGV Capital、Tiger Global、Capital One Ventures、Salesforce Ventures 等累计投入 $630–650M, 给公司穿越下行市场的现金跑道。
主要风险
- Wiz 以 $12B+ 估值融资 $1B+,估计 ARR 约 $300M;Orca 约 $100–200M,资本和收入差距继续拉大,会压低 Orca 在企业竞标中的胜率。
- 2023 年 7 月针对 Wiz 的商业秘密和版权侵权诉讼仍在进行,带来实质法律责任、管理层分心和潜在赔偿;诉讼结果二元且无法量化。
- $1.8B Series C 估值(2022 年 10 月)定在估值倍数高点;2022 年后没有新的公开融资,一旦市场迫使再融资,下轮降估值或按市值重估风险很高。
- 欧盟注册客户和受监管行业客户使用无代理只读云扫描,会持续暴露在 GDPR、PCI-DSS、HIPAA 下的结构性监管风险;监管执法演进时, 隐私内建模型必须不断验证。
- SideScanning 依赖云厂商 API;AWS、Azure 或 GCP 若限制或改动相关 API,单点故障风险会立刻显性化。
未决问题
- 经审计合并财务(ARR、收入增长、毛利率、经营亏损、现金跑道)未公开;所有估计都来自媒体报道和分析师评论。
- 缺少公开记录之外的法院文件,Wiz 商业秘密诉讼的结果和潜在赔偿总额无法量化。
- Series C 后股权结构表、优先股堆叠和清算瀑布未披露;投资人保护条款未知。
- 客户留存(NRR、GRR、流失率)和扩张收入动态未公开。
- 2022 年融资高点后的领导层稳定性,以及裁员、冻结招聘等成本削减措施,公开资料记录不足。
目录
01公司概况
1.1 身份、使命与商业模式
Orca Security 成立于 2019 年,总部位于 Oregon 州 Portland,并在 Tel Aviv 和 London 设有办公室。公司自称是无代理云安全的先行者,核心使命是帮助组织在云端安全发展。Orca 通过一套建立在自研 SideScanning™ 技术上的云原生应用保护平台(CNAPP)落地这项使命:平台与云服务商 API 集成,读取云工作负载运行时数据,而不是在工作负载内部部署代理。「Orca」之名来自虎鲸;虎鲸的声呐能力呼应了公司对自身产品的定位——以较低运维影响,深入、广泛地扫描云环境。 Orca 的商业模式是 SaaS,主要卖给负责多云环境的企业和中型市场安全团队。在 CNAPP 市场中,Orca 与 Wiz、Palo Alto Networks Prisma Cloud、CrowdStrike Falcon Cloud Security 等公司竞争。公司的价值主张围绕其所谓的「3 Cs」:覆盖所有云资产的全面覆盖(Comprehensive coverage)、通过无代理部署实现的低摩擦覆盖(Coverage without friction),以及把最关键 1% 告警排到前面的语境化风险评估(Contextualized risk assessment)。LinkedIn 将 Orca 描述为「面向 AWS、Azure、Google Cloud、Kubernetes 的无代理云安全先行者」;截至研究日,公司有 127,000 名关注者。 [CO001, CO002, CO003, CO004, CO005, CO006]
1.2 SideScanning 技术与 CNAPP 平台
Orca 的核心技术差异点是 SideScanning™。这项曾处于专利申请中、现已获专利的技术,不在虚拟机或容器上安装代理,而是读取云服务商的块存储快照或带外数据导出,完成深度工作负载检查。该路径消除了部署摩擦,避免影响生产工作负载性能,也能覆盖无法运行传统代理的云资产,例如 serverless 函数和托管数据库服务。公司称,连接一个云账户后数分钟内即可实现 100% 工作负载深度覆盖。 CNAPP 平台把原本需要多个单点工具的能力整合在一起:云安全态势管理(CSPM)、云工作负载保护平台(CWPP)、Kubernetes 安全态势管理(KSPM)、云基础设施权限管理(CIEM)、数据安全态势管理(DSPM)、AI 安全态势管理(AI SPM)、云检测与响应(CDR)、漏洞管理、API 安全和合规报告。Unified Data Model 支撑跨能力语境,让平台的攻击路径分析能浮出单点工具会漏掉的风险链条。多云覆盖包括 AWS、Azure、Google Cloud、Kubernetes 和 Oracle Cloud Infrastructure(OCI)。 [CO009, CO010, CO011, CO012, CO013, CO014]
| 指标 | 值 / 状态 | 日期 | 置信度 | 缺口 |
|---|---|---|---|---|
| 成立年份 | 2019 | 2019 | 高 | |
| 总部 | Portland, Oregon(另在 Tel Aviv 和 London 设办公室) | 2026-05-16 | 高 | |
| 最新公开投后估值(USD B) | 1.8 | 2022-10-05 | 高 | 截至 2026 年 5 月未公开宣布后续融资轮;估值可能已失效。 |
| 累计融资额(USD M) | 630–650 | 2026-05-16 | 中 | Orca About 页面称「近 $630 million」;Forbes 报道为 $650 million;没有可对账的股权结构表。 |
| 员工人数 | 低 | 未在公开来源找到可核验的员工数;LinkedIn 资料页没有可靠披露员工规模区间。 | ||
| G2 评分(满分 5) | 4.6 | 2026-05-16 | 中 | 评分基于 280+ 条评价;快照会随时间变化。 |
| Gartner Peer Insights 评分(满分 5) | 4.8 | 2026-05-16 | 中 | 分数来自 Orca 案例研究页面;需在 Gartner 平台直接核验。 |
| 支持的云平台 | AWS、Azure、Google Cloud、Kubernetes、OCI 云服务范围 | 2026-05-16 | 高 | |
| 收入 / ARR | 低 | 未公开披露;私营公司。 | ||
| 客户 | 低 | 未披露具体客户数量;案例研究提到 Autodesk、Paidy、Digital Turbine 等。 |
估值和融资数字是基于公开来源汇总的最佳估计,可能未反映老股交易、期权池稀释或优先股堆叠细节。员工数、收入和客户数未公开披露。
[CO001, CO002, CO025, CO030, CO031, CO035]展示 SideScanning™ 技术如何在不安装代理的情况下读取云数据、输入统一数据模型,并在 CSPM、CWPP、KSPM、DSPM、CDR 和合规等能力中暴露跨能力安全发现。
架构流基于官方平台和解决方案页面;内部数据管道细节未公开披露。
[CO009, CO010, CO011, CO012, CO013, CO014]1.3 领导层与组织结构
Orca Security 由 Avi Shua 和 Gil Geron 联合创办,两人都带有深厚的以色列网络安全背景,曾在 Check Point Software Technologies 和 IDF Unit 8200 工作。Avi Shua 从 2019 年创立起担任 CEO,直到 2023 年 3 月转任首席创新官,继续负责技术战略以及 SideScanning 和 Unified Data Model 架构。Gil Geron 同期担任首席产品官,并于 2023 年 3 月接任 CEO,之后一直领导公司。Orca 官方材料称,Geron 拥有超过二十年的网络安全产品领导经验。 更广的领导团队包括 Raf Chiodo(CRO,曾任职 Lacework 和 Dell/EMC)、Gera Dorfman(CPO,曾任 Check Point 网络安全产品副总裁)、Oded Edri(CFO,曾任 Payoneer 首席会计官和 MakerBot CFO)、Yoav Alon(CTO,前 Unit 8200 研究员、Check Point 安全架构师)、Rachel Nislick(CMO,曾任职 Darktrace、Mimecast 和 Veracode)以及 Gal Tanchelson(SVP HR,背景来自 Check Point 和 Payoneer)。工程、产品和 HR 体系中 Check Point 校友密度很高,反映了创始人的来源;即便不看两位联合创始人,公司在职能领导层也可能存在关键人集中风险。 [CO015, CO016, CO017, CO018, CO019, CO020]
| 人名 | 职位 | 背景 | 创始人-市场匹配或职能覆盖 | 关键人物依赖 |
|---|---|---|---|---|
| Gil Geron | CEO 兼联合创始人 | 2019–2023 年任 Orca CPO;20+ 年网络安全产品负责人经验;Check Point Software Technologies | 主导战略和商业执行;唯一 CEO 兼联合创始人 | 高 |
| Avi Shua | 首席创新官兼联合创始人 | 2019–2023 年任 Orca CEO;25+ 年网络安全经验;Check Point 首席技术专家;Unit 8200 | SideScanning 和 Unified Data Model 架构;技术品牌与可信度 | 高 |
| Raf Chiodo | 首席营收官 | Lacework 美洲 GTM 负责人;25+ 年销售经验,覆盖 Dell/EMC、SaaS、云基础设施 | 全球销售扩张;GTM 执行和收入增长 | 中 |
| Gera Dorfman | 首席产品官 | 在 Check Point 任网络安全产品 VP 20 年;负责研发和平台管理 | 下一代 CNAPP 能力路线图;AI 驱动安全功能开发 | 中 |
| Oded Edri | 首席财务官 | Payoneer (PAYO) 前首席会计官;MakerBot 前 CFO;曾在 Stratasys 和 PwC 任高级职位 | 财务管理和资本策略;IPO 准备运营经验 | 中 |
| Yoav Alon | 首席技术官 | Unit 8200 研究员兼团队负责人;Hyperwise Security 首席架构师;Check Point | 核心平台工程和安全研究;漏洞发现专长 | 中 |
| Rachel Nislick | 首席营销官 | Darktrace 前收入营销 VP;曾在 Mimecast、Veracode、PTC 任高级职位(14 年) | 企业网络安全需求生成和品类领导力 | 低 |
| Gal Tanchelson | 人力资源高级副总裁 | 13 年全球 HR 经验;Check Point 和 Payoneer;人才管理和组织转型 | 人才战略和组织扩张;高管辅导经验 | 低 |
领导层名单来自 Orca 截至 2026 年 5 月的官网 About 页面。Check Point 校友集中在高管层和 VP 岗位,是重要的组织观察点。董事会构成未公开披露;治理结构仍是非上市公司形态。
[CO015, CO016, CO017, CO018, CO019, CO020]1.4 融资历史与投资人基础
自 2019 年成立以来,Orca Security 已完成五轮已披露融资,累计融资约 $630–650M,投后估值达到 $1.8B。融资历史从 2019 年 YL Ventures 的种子轮开始;随后是 2020 年 3 月由 YL Ventures 和 GGV Capital 共同领投的 $20.5M Series A。约 2021 年 4 月,公司完成由 ICONIQ Growth 领投、YL Ventures、GGV Capital 和 SVCI(一组 CISO)参投的 $55M 融资。Orca 当时在自家博客中称其为「Series B」;截至那时,累计融资据报已超过 $82M。 2021 年 11 月的 $210M 融资在后续报道中通常称为扩展 Series B,由 Tiger Global 和 Accel 领投,GGV Capital、ICONIQ Growth 等参投,投后估值 $1.2B。2022 年 10 月的 $340M Series C 由 CapitalG(Alphabet 独立成长基金)和 T. Rowe Price 领投,Temasek、CapitalG 及其他财务投资人加入,把投后估值推至 $1.8B。Orca 的 About 页面称,公司「合计融资近 $630M,估值 $1.8B」;Forbes 则报道其融资 $650M。两者都锚定 $1.8B 的投后估值。截至 2026 年 5 月的研究日,公司没有公开宣布后续融资。 [CO025, CO026, CO027, CO028, CO029, CO030]
| 利益相关方 | 角色 | 控制权或经济重要性 | 尽调问题 |
|---|---|---|---|
| CapitalG (Alphabet) | Series C 领投方 | 2022 年 10 月领投 $340M Series C,估值 $1.8B;与 Google Cloud 有战略联系 | 确认董事会席位、是否存在 Google Cloud 联合销售或排他条款,以及反稀释条款。 |
| T. Rowe Price | Series C 跟投方 | 参与 $340M Series C;机构资管方身份释放出机构级治理需求信号 | 评估信息权,以及该持股是否附带任何老股出售限制。 |
| Tiger Global | $210M 轮领投方(2021 年 11 月) | 以 $1.2B 估值领投 $210M 轮;拥有全球组合的跨界成长投资者 | 确认 Tiger Global 是否已出售任何老股;排查其组合内竞争性网络安全投资是否存在冲突。 |
| Accel | $210M 轮跟投方 | 参与 2021 年 11 月 $210M 轮;列入 Accel 投资组合页面 | 确认董事会席位或观察员权利;评估下一次流动性事件上的一致性。 |
| ICONIQ Growth | $55M 轮领投方(2021 年 4 月) | 领投 $55M 轮;ICONIQ 是聚焦科技的成长股权平台,承诺资本超过 $9B | 确认按比例跟投权,以及该权利如何影响 2021 年 11 月后续融资。 |
| YL Ventures | 种子轮和 Series A 领投方 | 领投种子轮(约 $6M,2019 年)和 Series A($20.5M,2020 年 3 月);以色列早期网络安全专业投资者 | 评估稀释到 Series C 后的当前持股;确认是否发生过老股退出。 |
| GGV Capital | Series A 及后续轮次参与方 | 从 Series A 到 2021 年 4 月轮次均有参与;全球多阶段成长基金 | 确认是否仍有董事会席位或观察员代表。 |
| Temasek | Series C 跟投方 | 新加坡主权财富基金参与 2022 年 10 月 Series C | 核实确切认购金额;Temasek 网站目前对公告页返回 404。 |
投资者名单根据 Orca 博客文章、SiliconAngle、CNBC 和 Forbes 报道重建。准确持股比例、董事会席位安排、清算优先权和老股交易未公开披露。公开的 Orca 材料未列出董事会构成。
[CO025, CO026, CO027, CO028, CO029, CO030]按时间顺序展示 Orca Security 从 2019 年创立到 2025 年 1 月取得 AWS ISV Accelerate 资格的关键里程碑,覆盖融资、治理、合作伙伴和不利事件。
种子轮和 2021 年 4 月融资日期为近似值;公开来源未确认准确交割日期。Gartner MQ 时间线基于 2024 年 4 月新闻稿日期。
[CO001, CO016, CO017, CO025, CO026, CO027]1.5 市场地位、认可与负面事件
Orca 已获得分析机构和同行评测平台的外部验证。Gartner 在 2024 年 Cloud-Native Application Protection Platforms(CNAPP)Magic Quadrant 中将 Orca Security 评为 Leader。截至研究日,产品在 G2 上获得 4.6/5 评分,评论超过 280 条。案例研究列表页提到 Gartner 评分为 4.8/5。Orca 入选 2022 年 Forbes Cloud 100,并获得 2022 年 AWS Global Security Partner of the Year。2025 年 1 月,公司成为首个获得 AWS ISV Accelerate 资格的纯 CNAPP 厂商,该资格可获得 AWS 一线销售团队的联合销售支持。 Orca 公开记录中最重大的负面事件,是 2023 年 7 月针对竞争对手 Wiz 提起的诉讼,指控其侵犯版权并窃取商业秘密。Dark Reading 报道称,Orca 指控 Wiz 招募前 Orca 员工,而这些员工涉嫌带走源代码和专有技术信息。该主张对尽调很重要:Wiz 在公开估值指标上已经超过 Orca(到 2024 年中 Wiz 估值达到 $32B),而诉讼也反映两家公司竞争的激烈程度。另一个较早的负面信号发生在 2021 年 4 月,当时 Palo Alto Networks 因产品对比向 Orca 发出停止侵权函,Orca 公开拒绝;Orca 博客将其描述为竞争对手试图压制事实基准,而非实质性法律威胁。两起事件均记录在里程碑表中,代表不同类型的反向证据——竞争对手诉讼和来自既有巨头的竞争压力;后续章节应将其视为仍在发生作用的尽调事项。 [CO035, CO036, CO037, CO038, CO039, CO040]
| 日期 | 事件 | 类型 | 金额 / 估值 / 状态 | 参与方 | 含义 |
|---|---|---|---|---|---|
| 2019 | Orca Security 成立;SideScanning 技术完成开发;首个无代理云安全产品上线 | 成立 | 种子轮约 $6M | Avi Shua、Gil Geron;YL Ventures(种子轮) | 围绕无代理云安全确立品类;为 SideScanning 技术提交创始专利。 |
| 2020-03 | 完成 $20.5M Series A;团队开始扩张 | 融资 | $20.5M Series A 轮 | YL Ventures、GGV Capital | 验证无代理方案的产品市场匹配;支持进入美国市场。 |
| 2021-04 | 完成 $55M 融资(Orca 博客称为 Series B);公开拒绝 Palo Alto Networks 停止侵权警告函 | 融资 | $55M;累计约 $82M | ICONIQ Growth、YL Ventures、GGV Capital、SVCI 投资人组合 | 验证企业需求;Palo Alto 停止侵权函事件成为 Orca 的舆论胜仗。 |
| 2021-11-30 | 完成 $210M 扩展 Series B;投后估值 $1.2B | 融资 | $210M,投后估值 $1.2B | Tiger Global(领投)、Accel、GGV Capital、ICONIQ Growth | 达到独角兽里程碑;支持激进 GTM 和产品扩张。 |
| 2022 | 入选 Forbes Cloud 100;获得 AWS Global Security Partner of the Year 奖 | 规模化 | N/A | Forbes、AWS | 首次获得分析机构和媒体对品类领导地位的认可。 |
| 2022-10-05 | 完成 $340M Series C,投后估值 $1.8B | 融资 | $340M,投后估值 $1.8B | CapitalG(领投)、T. Rowe Price、Temasek | 单轮融资规模最大;为本次尽调设定当前参考估值。 |
| 2023-03-16 | Gil Geron 出任 CEO;Avi Shua 转任首席创新官 | 治理 | N/A | 董事会和联合创始人 | 领导层交接;Shua 保留技术权威,Geron 负责商业运营。 |
| 2023-07 | Orca 起诉 Wiz 侵犯版权并盗取商业秘密 | 反向 | 诉讼(金额未披露) | Orca Security(原告);Wiz(被告) | 重大竞争与法律风险;Wiz 估值超过 Orca,反映 Orca 先发优势被侵蚀。 |
| 2024-04 | 入选 Gartner CNAPP Magic Quadrant 领导者 | 规模化 | N/A | Gartner | 平台成熟度获得分析师级验证;强化企业销售周期。 |
| 2025-01 | 首家获得 AWS ISV Accelerate 资格的纯 CNAPP 厂商 | 合作 | N/A | AWS | 获得 AWS 一线销售联合销售支持;通过 AWS 渠道扩大企业管线。 |
2019 年种子轮和 2021 年 4 月轮次日期为近似值;公开来源未确认确切关闭日期。Palo Alto 停止侵权函及 Orca 拒绝事件来自 Orca 自有博客,而非 Palo Alto Networks 报道。Wiz 诉讼提交日期和法院细节来自 Dark Reading 和 InfoQ。
[CO025, CO026, CO027, CO028, CO029, CO030]截至 2026 年 5 月,Orca Security 在成熟度、资本状况、市场认可和商业牵引方面的关键定量和定性指标。
估值反映最后一轮已披露融资(Series C,2022 年 10 月),可能不代表当前公允价值。员工数和 ARR 未公开。
[CO025, CO029, CO030, CO035, CO036, CO038]02市场分析
2.1 市场边界、定义与现状替代方案
分析 Orca Security 时,相关市场是云原生应用保护平台(CNAPP)——一个整合型安全类别,将云安全态势管理(CSPM)、云工作负载保护平台(CWPP)、云基础设施权限管理(CIEM)、Kubernetes 安全态势管理(KSPM)、数据安全态势管理(DSPM)、云检测与响应(CDR)和 AI 安全态势管理(AI SPM)收束到单一统一平台。CNAPP 位于更广义的云安全市场之内;后者还包括不计入 CNAPP 的类别:传统网络安全(防火墙、Web 应用防火墙、DDoS 防护)、作为独立类别的身份和访问管理(IAM)、安全信息和事件管理(SIEM)、安全运营中心(SOC)平台、作为独立工具的云访问安全代理(CASB)以及端点检测与响应(EDR)。这些相邻类别不纳入 CNAPP TAM,但构成 Orca 潜在的平台扩张邻域。 CNAPP 主要替代四类现状方案:(1)单点工具堆栈,组织从不同供应商部署 CSPM、CWPP、CIEM 等工具,带来集成成本和告警疲劳;(2)由云架构师和 DevOps 团队在供应商控制台中人工审查安全配置的流程;(3)超大规模云厂商原生安全工具,包括 AWS Security Hub、Azure Defender for Cloud 和 Google Cloud Security Command Center,它们能以低增量成本为单云部署提供基础态势管理;(4)只做合规的工具(审计软件、GRC 平台),解决监管报告,却没有实时风险检测。CNAPP 的价值主张用持续、自动化、无代理的多云覆盖和语境化风险排序替代上述四类方案。Grand View Research 和 Gartner 都确认,CNAPP 替代碎片化单点工具,是该平台类别增速高于市场的主要驱动(21.8% CAGR,而更广义云安全市场为 13.3%)。与云安全支出重叠、但不计入 CNAPP TAM 的相邻类别包括 DevSecOps 工具、API 安全网关、密钥管理,以及作为独立产品销售的云基础设施权限管理。 [CM001, CM002, CM008, CM012, CM013, CM023]
| 细分 / 品类 | 纳入支出 | 排除支出 | 买方 / 付款方 | Orca 关联 |
|---|---|---|---|---|
| CNAPP(Orca 核心市场) | CSPM、CWPP、CIEM、KSPM、DSPM、CDR、AI SPM 集成平台;全生命周期云工作负载安全 | 独立点工具(仅 CSPM、仅 CWPP);EDR;网络防火墙;SIEM/SOAR;独立 IAM | CISO(预算负责人);安全工程团队(评估方 / 用户);>$500K 合同需 CFO 批准 | 直接 TAM;Orca 主战场;GVR:$9.79B(2023)→ $38.01B(2030) |
| 云安全整体(更广语境) | CNAPP 加独立 CASB、网络安全(WAF、DDoS)、传统 IAM、云原生 SIEM、DevSecOps 工具 | 端点 EDR、本地部署安全、物理安全、网络基础设施(交换机 / 路由器) | CISO、工程 VP、基础设施团队;更广 IT 和运营预算 | 间接参照;GVR:$35.84B(2024);CNAPP 约占云安全 TAM 的 27%(2023) |
| CSPM 独立产品(现状替代) | 云配置态势扫描;合规报告;错误配置检测 | 工作负载保护、身份权限、运行时检测、数据安全 | 云架构师、DevOps 团队、GRC 经理 | 直接替代 Orca 的 CSPM 能力;超大规模云厂商以低增量成本或零增量成本提供原生 CSPM |
| CWPP 独立产品(现状替代) | 虚拟机和容器工作负载保护;基于代理的漏洞扫描 | 态势管理、身份、数据、Kubernetes 安全、运行时编排 | 安全运营团队、漏洞管理团队 | 直接替代;Orca 的无代理 SideScanning 消除部署摩擦,替代基于代理的 CWPP |
| 超大规模云厂商原生安全(现状替代) | AWS Security Hub、Azure Defender for Cloud、Google Cloud SCC;面向单云的原生 CSPM 和基础工作负载扫描 | 多云可见性、CIEM、DSPM、AI SPM、CDR、Kubernetes 原生安全编排 | DevOps 和云运营团队;云客户无增量许可成本 | 竞争摩擦最大的替代方案;限制单云组织中的纯 CNAPP TAM;多云才推高 Orca 需求 |
| 点工具堆栈(现状替代) | 客户自行集成多个最佳单点工具:独立 CSPM 厂商 + CWPP 厂商 + CIEM 厂商 + 合规工具 | 一体化风险上下文、统一数据模型、自动化攻击路径分析 | 安全工程团队;多厂商采购;集成和维护开销更高 | 主要替换机会;工具蔓延、告警疲劳和集成成本推动采购向 CNAPP 整合 |
| GRC / 合规平台(部分替代) | 治理、风险与合规审计工作流;监管报告;政策文档 | 实时云风险检测、工作负载保护、身份安全、主动威胁响应 | 合规官、法务和风险团队;围绕审计周期采购 | 监管报告场景的部分替代;不覆盖实时检测;Orca 的合规包补充 GRC |
| 手工云安全审查(现状) | 云架构师临时安全评估;周期性云配置审计;基于控制台的审查 | 持续监控、自动化错误配置检测、工作负载漏洞扫描 | 云架构师、DevOps 负责人;没有专门安全预算项 | 门槛最低的替代;Orca 靠持续自动化覆盖替换手工审查,后者在规模化场景下跟不上 |
市场边界定义与 Grand View Research 对云安全(整体市场)和 CNAPP(平台型市场)的分段一致。Orca 的产品能力覆盖上述所有 CNAPP 子品类。区分现状替代和 CNAPP TAM 对测算很关键:超大规模云厂商原生工具和点工具堆栈不在 CNAPP TAM 内,但属于更广云安全市场。这个区分有助于理解 Orca 真实可服务池与竞争压力来源。
[CM001, CM002, CM013, CM023, CM028]2.2 用多重分析视角测算 TAM、SAM 与 SOM
2023 年全球 CNAPP 市场估计为 $9.79B,预计到 2030 年达到 $38.01B,对应 2024–2030 年 21.8% CAGR(Grand View Research)。更广义云安全市场 2024 年为 $35.84B,预计到 2030 年达到 $75.26B,CAGR 为 13.3%。CNAPP 更高的增速反映了平台整合:一体化 CNAPP 平台正在替代碎片化单点方案,并在更大的云安全 TAM 中拿份额。多家分析机构确认这一轨迹——Gartner 2024 年 CNAPP Magic Quadrant 给出厂商定位视角;其自有市场规模数据,以及 IDC 和 Forrester 的数据,只能通过付费订阅获得。Grand View Research 公开摘要数据和媒体二级报道表明,IDC 与 Forrester 对近期 CNAPP 市场 $10–15B 区间的估计,大体与 GVR 轨迹一致,但在 5–7 年维度上有 ±20% 的估计不确定性。 Orca Security 的可服务市场(SAM)是 CNAPP TAM 中的企业和高端中型市场切片。Grand View Research 数据确认,大型企业贡献 CNAPP 市场收入的 58%+;将该比例套用到 2023 年 CNAPP TAM,可得 2023 年 SAM 约 $5.7B,并按 CNAPP CAGR 增长,到 2030 年估计超过 $22B。北美组织约占 CNAPP 支出的 39%,美国子市场 CAGR 为 20.5%,进一步支撑面向北美企业的 GTM 重心。BFSI 行业单独贡献 CNAPP 市场收入的 21%+(Grand View Research),使金融服务成为最大需求垂直,也成为自然的 ICP 锚点。 Orca 的可获取市场(SOM)——短期可捕获份额——无法从公开数据推导,因为 Orca 不披露 ARR、客户数或胜率指标。基于 Orca $1.8B Series C 估值(2022 年)和 Gartner Magic Quadrant Leader 地位(2024 年),可粗略框定短期 ARR 为 $300–700M;但缺少已披露财务数据,该估计置信度低。失败的测算路径需要保留:直接量化 SOM 需要 Orca ARR 数据,这是任何估值敏感分析的阻塞性尽调事项。Wiz 激进融资释放相反信号(2024 年 $12B 估值、$1B 融资):Orca 可能正把销售管线输给资金更充足的竞争对手,从而把短期 SOM 压向启发式区间下沿。 [CM001, CM002, CM003, CM004, CM005, CM006]
| 发布方 | 年份 | 地理范围 | 数值 | CAGR | 方法 | 置信度 | 局限 |
|---|---|---|---|---|---|---|---|
| Grand View Research | 2024 年估计 | 全球 | $35.84B(云安全整体) | 13.3% (2025–2030) | 自下而上;包括 CSPM、CWPP、CASB、IAM、网络安全;私有云和公有云;企业和 SMB | 高 | 范围宽于 CNAPP;包含 Orca 不直接竞争的品类;分析师估计未经审计 |
| Grand View Research | 2023 年估计 | 全球 | $9.79B(CNAPP 细分) | 21.8% (2024–2030) | 从云安全整体自下而上拆分;CNAPP 包括 CSPM、CWPP、CIEM、CDR;公有云占比 68%+ | 高 | 主要 CNAPP TAM 只有单一分析师来源;无付费订阅时无法用 IDC/Forrester 交叉验证 |
| Grand View Research | 2030 年预测 | 全球 | $38.01B(CNAPP 细分) | 21.8% 明示 CAGR | 以 2023 年为基准按 CAGR 推算;BFSI 终端用途占比 21%+;大型企业占比 58%+;北美占比 39%+ | 中 | 7 年期预测;对云采用速度和超大规模云厂商原生工具扩张高度敏感;±25% 为合理区间 |
| Gartner | 2024(MQ 发布) | 全球(企业侧重点) | 市场规模仅在订阅报告中提供 | 未公开披露 | Magic Quadrant 厂商评估;市场规模在付费 Gartner 研究中;Peer Insights 评分公开可查 | 中 | 定量市场规模不公开;厂商能力与执行象限可查 |
| IDC / Forrester / MarketsandMarkets | 2024–2026 年(区间) | 全球 | 近期约 $10B–$15B(二手报道估计) | 约 20–25%(常见引用区间) | 一手分析师报告需要付费订阅;数字来自二手媒体报道;为近似值 | 低 | 一手来源有付费墙;数字只是二手近似值;无法直接对照 GVR 方法 |
| 推导 — Orca SAM | 2023 年估计 | 全球(企业细分) | 约 $5.7B(58%+ 企业占比 × CNAPP TAM) | 跟随 CNAPP CAGR(21.8%) | 自上而下:GVR CNAPP TAM 中企业占比(58%+);云支出 >$10M 且多云部署的组织 | 低 | 推导估计;用 58% 企业占比代理 Orca 可服务范围;实际 ICP 可能更窄或更宽 |
| 推导 — Orca SOM | 2026 年近期 | 全球(初始企业账户) | $300M–$700M ARR(启发式) | 不适用 | 启发式取 SAM 的 5–15%;参照 Orca $1.8B 估值(2022)和 Gartner MQ 领导者地位(2024) | 低 | Orca ARR 和客户数未公开披露;这是卡住尽调的缺口;启发式区间不是预测 |
| IBM / Ponemon(投资驱动因素) | 2025 年研究 | 全球 | 平均数据泄露成本 $4.4M(安全支出驱动因素) | 不适用 | Cost of a Data Breach Report 2025;调研 604 家组织;AI 辅助检测相较未使用 AI 的同行降低成本 $1.9M | 高 | 泄露成本是安全投资驱动因素,不是市场规模指标;用于支撑需求侧压力 |
不同分析师机构的市场规模估计采用不同范围定义、地理覆盖和预测方法。Grand View Research 的 CNAPP TAM(2023 年 $9.79B,2030 年 $38.01B)是主要公开可访问测算视角;IDC 和 Forrester 的一手估计需要付费订阅。推导 SAM($5.7B)和 SOM($300M–700M ARR)是低置信度分析构造;没有 Orca ARR,就无法估计 SOM。所有数字均为美元。CNAPP 与云安全整体是不同市场范围,不能相加。
[CM001, CM002, CM003, CM006, CM007, CM010]金字塔图展示从更广义云安全 TAM 到 Orca 估计可获取市场(SOM)的嵌套测算口径。金字塔说明 $35.84B 云安全总体 TAM 如何包含 $9.79B CNAPP 细分市场,后者又包含约 ~$5.7B 企业 CNAPP SAM,并进一步收窄到 Orca 近期 SOM 的 $300–700M 启发式区间。每一层都反映公开分析师数据或推导估计,越往下信心越低。
所有数值均为基于 Grand View Research 已发布数据或公开企业细分占比自上而下推导的分析估计。Orca SAM 和 SOM 是构造出的分析估计,不是已发布的分析师数据。SAM 使用 CNAPP TAM 中企业占比(58%+);北美子集使用 39% 北美占比。SOM 是基于 $1.8B Orca 估值(2022 年)和行业 5–15% SAM 捕获基准得到的启发式区间;Orca ARR 未公开披露。
[CM001, CM002, CM005, CM006, CM007]区间图展示 2023 至 2030 年全球 CNAPP 市场规模的低 / 基准 / 高估计,单位为十亿美元。基准情景沿用 Grand View Research 21.8% CAGR 预测。低情景采用 15% CAGR(保守,考虑超大规模云厂商原生工具逆风和捆绑压力),高情景采用 28% CAGR(激进,考虑 AI SPM 品类扩张和监管执行加速)。所有数值均为十亿美元;各行单位一致。
基准情景沿用 Grand View Research 基于 2023 年 $9.79B 基数发布的 21.8% CAGR 预测。低情景(15% CAGR)反映超大规模云厂商原生工具和平台捆绑显著约束纯 CNAPP 增长的情况。高情景(28% CAGR)反映 AI SPM、NIS2 执行和 DevSecOps 扩张推动采用率高于 GVR 基准预测的情况。所有数值单位为十亿美元。跨分析师区间(IDC、Forrester)根据二级报道估算,近期为 ±12%,5 年以上扩大到 ±25%。所有行单位一致(十亿美元)。
[CM002, CM003, CM004, CM007]2.3 增长驱动、监管顺风与市场约束
四股结构性力量推动云安全和 CNAPP 市场持续扩张。第一,多云和混合云采用显著扩大了企业攻击面;AWS 文档明确把云原生安全定位为迁移战略的基础。第二,数据泄露成本持续推高安全投资压力——IBM 2025 年报告显示,全球平均成本为 $4.4M,这已进入 CFO 层级。与非 AI 同行相比,AI 辅助检测可为组织节省 $1.9M,进而拉动对 AI 集成型 CNAPP 能力的需求。第三,美国行政令和 NIST Cybersecurity Framework 2.0 的零信任要求,迫使受监管行业投资云安全——2025 年 6 月 6 日签署的一项美国 EO 要求 NIST 和联邦机构进一步强化网络安全态势。第四,DevSecOps 实践和 AI 工作负载扩散,把 CNAPP 买方扩展到开发团队和 AI 基础设施团队,结构性扩大可触达池,也抬高每席经济性。Cloud Security Alliance 博客报道确认,云错误配置仍是持续存在的主要攻击向量。 监管合规要求是企业安全预算最持久的驱动。HIPAA 要求受覆盖医疗实体为云端 ePHI 落实技术保护措施,直接要求访问控制和审计能力。PCI-DSS v4.0 要求持续漏洞扫描和配置监控;能逐年保持完全 PCI 合规的组织不到 50%,持续推高合规自动化需求。GDPR 和 CCPA 设置数据保护与泄露通知要求,CNAPP 的 DSPM 能力可直接覆盖。NIST CSF 2.0 和美国行政令将联邦机构零信任正式化。欧盟 NIS2 Directive 将网络安全风险管理义务扩展到能源、银行、医疗和数字基础设施等关键实体。FedRAMP 授权为符合条件的云供应商打开政府采购。Google Cloud 和 AWS 的合规文档均确认,云共享责任模型要求客户自行负责应用和数据安全层——这正是 CNAPP 的价值主张。 市场逆风限制 CNAPP 采用速度,并压缩纯厂商利润率。超大规模云厂商原生工具(AWS Security Hub、Azure Defender、Google Cloud SCC)以低增量成本为单云部署提供基础 CSPM,限制纯 CNAPP 厂商可触达池。Palo Alto Networks Prisma Cloud 和 CrowdStrike Falcon Cloud Security 的平台捆绑,使这些厂商在与既有企业合同交叉销售时,可以把 CNAPP 价格压到独立报价之下。Wiz 2024 年 $12B 估值和 $1B 融资显示,它是资金异常充足的纯厂商对手,能够持续投入激进定价和 GTM。企业预算合理化周期利好平台整合者,而不是专业化单点方案。随着超大规模云厂商扩展原生能力,CSPM 商品化是中期结构性风险。 [CM008, CM009, CM010, CM011, CM012, CM013]
| 驱动因素 / 约束 | 方向 | 时间节奏 | 对 Orca 的含义 | 尽调问题 |
|---|---|---|---|---|
| 云工作负载扩张与多云采用 | 驱动 | 持续的结构性趋势(2024–2030) | 每新增一个云账户,都可能接入 Orca 平台;多云复杂度抬高无代理 CNAPP 的 ROI | 量化 Orca 客户的云账户扩张率;跟踪 AWS、Azure、Google Cloud 工作负载增长率 |
| 数据泄露成本压力(IBM 2025 平均 $4.4M) | 驱动 | 持续存在;AI 辅助攻击工具推高泄露频率 | CFO 和董事会更清楚泄露成本,云安全预算因此被拉动;Orca 的风险优先级排序缩短平均响应时间 | 评估 Orca 是否跟踪客户安全事件下降指标,并将其作为留存和扩张证明 |
| 零信任要求(NIST CSF 2.0、美国 2025 年 6 月行政令) | 驱动 | 短期加速(2025–2026 年联邦;商业市场滞后 12–18 个月) | 受监管行业和政府承包商需要符合零信任的云安全;Orca 的 CIEM 和访问可视性契合零信任架构要求 | 核实 Orca 是否发布零信任对齐白皮书或合规映射文档 |
| 监管合规(HIPAA、PCI-DSS、GDPR、NIS2、FedRAMP) | 驱动 | 持续;NIS2 在 2025–2026 年全面执行;FedRAMP 管线建设中 | 合规要求把安全预算变成刚性支出;Orca 的合规包直接覆盖 HIPAA 和 PCI;FedRAMP 缺口限制政府机会 | 确认 Orca FedRAMP 授权状态;评估 NIS2 和 GDPR 合规包对欧盟扩张的覆盖深度 |
| DevSecOps 采用与 AI SPM 品类兴起 | 驱动 | 中期走向主流(2025–2028);AI SPM 刚起步但在增长 | DevSecOps 将买方扩展到开发团队;AI SPM 是 AI 工作负载安全上的增量 TAM 机会 | 跟踪 Orca 在客户群中 IaC 扫描、CI/CD 集成和 AI SPM 模块的采用;评估这些模块的 ARR 贡献 |
| 超大规模云厂商原生安全工具(AWS Security Hub、Azure Defender、Google Cloud SCC) | 约束 | 持续;随超大规模云厂商投入扩大 | 单云组织可能默认使用原生工具;纯 CNAPP 的可触达池会被压缩到多云组织 | 量化 Orca 管线中单云 vs 多云占比;评估对原生工具替代方案的赢单 / 输单率 |
| 平台捆绑(Palo Alto Prisma Cloud、CrowdStrike Falcon、Cisco) | 约束 | 近中期(2024–2027 捆绑压力峰值) | 折扣捆绑的 CNAPP 压缩 Orca 定价权;已有 PANW 或 CRWD 合同的企业切换到 Orca 成本高 | 评估 Orca 在 Palo Alto 或 CrowdStrike 既有供应商参与交易中的竞争赢单率;跟踪平均交易规模趋势 |
| Wiz 竞争压力与资金充足的纯 CNAPP 对手 | 约束 | 持续;Wiz $12B 估值(2024)显示投入会延续 | Wiz 能在销售、市场拓展和产品投入上压过 Orca;活跃诉讼(2023)带来法律开销和潜在证据开示风险 | 跟踪 Wiz 和 Orca 在 G2、Gartner Peer Insights 的评分走势;评估 Orca 诉讼状态和和解可能性 |
| 企业预算理性化与供应商整合 | 约束 | 周期性;2024–2025 高企;经济放缓时反复出现 | CISO 将预算集中到更少供应商,覆盖更广的平台厂商会优于纯 CNAPP;续约率可能受压 | 监控 Orca 净收入留存;评估 Orca 将自己定位为平台整合者,还是同类最佳单点方案 |
| 超大规模云厂商扩展原生能力后,CSPM 商品化 | 约束 | 中期结构性(2025–2030) | 一旦 CSPM 被视为商品化能力,Orca 的溢价定价就需要在 CIEM、DSPM、AI SPM 和攻击路径情报上拿出更强差异化 | 跟踪超大规模云厂商 CSPM 功能与 Orca 核心 CSPM 的对齐程度;评估 Orca 差异化是否转向更难商品化的能力 |
驱动因素和约束评估综合 Grand View Research 市场分析、IBM 泄露报告数据、NIST/HHS 监管文件、AWS 和 Google Cloud 厂商定位、The Register 与 Dark Reading 安全新闻报道,以及 Orca 官方文档。时间和含义评估是定性判断;没有单一来源提供 CNAPP 市场完整排序的驱动 / 约束矩阵。尽调问题是正式尽调中应向 Orca 管理层厘清的问题。
[CM008, CM009, CM010, CM016, CM017, CM018]2.4 客户与买方分层
Orca Security 的理想客户画像(ICP)集中在拥有大量多云部署的企业组织——通常是在两个或更多超大规模云厂商上每年云支出达到 $10M 以上的组织。Grand View Research 确认,大型企业贡献 CNAPP 市场收入超过 58%,并贡献更广义云安全市场超过 74%,验证了企业优先的 GTM 策略。这些组织具备云复杂度、监管暴露和安全团队成熟度,能够看出一体化 CNAPP 平台相较一组单点工具的价值。在企业环境中,大规模代理管理运营成本高,Orca 的无代理部署模型尤其有利——它消除了基于代理的替代方案在复杂云环境中遇到的部署摩擦。 按行业垂直看,BFSI 占 CNAPP 市场超过 21%,是最大的终端使用垂直;驱动因素是 PCI-DSS、SOX 和 GLBA 合规要求,以及核心银行现代化中的高云采用。医疗组织面对 HIPAA 对云托管 ePHI 的技术保护要求,形成合规驱动需求。技术和 SaaS 公司天生云原生,需要与 DevSecOps 工作流匹配的 KSPM、IaC 扫描和 CDR 能力。政府和公共部门是一个新兴细分市场,但进入门槛是 FedRAMP 授权;截至 2026 年 5 月,Orca 公开文档未确认 FedRAMP 授权,这可能是政府市场准入缺口。 采购模式由 CISO 牵头,交易周期为三到九个月,并包含概念验证阶段。Orca 公开案例研究展示了这一模式:Paidy(金融科技、多云可见性、PCI-DSS 合规)和 Digital Turbine(移动广告、快速部署)都因为 Orca 的无代理部署速度和覆盖深度而选择它。大型企业账户更倾向多年合同;扩张来自新增云账户接入、垂直行业合规包采用,以及新的 CNAPP 能力模块(DSPM、AI SPM、CDR)。预算所有权在 CISO 手中,安全工程经理担任技术评估者;年度合同超过 $500K 时,CFO 和董事会参与度会上升。从意识到云安全问题到签订 CNAPP 部署合同,路径通常包括分析师报告入围、概念验证评估、安全工程师签字和 CISO 最终批准。 [CM029, CM030, CM031, CM032, CM033, CM034]
| 细分 | 买方 | 用户 / 团队 | 付款方 | 预算负责人 | 采用触发因素 |
|---|---|---|---|---|---|
| BFSI 企业(核心 ICP) | CISO;安全 VP;IT 风险官 | 安全工程团队;云安全分析师;合规官 | 安全预算(PCI-DSS、SOX、GLBA 合规项) | CISO | PCI-DSS 审计失败;核心银行业务迁移上云;监管检查发现问题;泄露事件 |
| 医疗健康 / 生命科学 | CISO;合规 VP;IT 安全总监 | 安全工程;合规团队;云基础设施团队 | 合规与风险管理预算;HIPAA 审计驱动拨款 | CISO 或合规 VP | HIPAA 审计或 OCR 调查;云 EHR 迁移;泄露通知触发 |
| 科技 / SaaS 公司 | CISO;工程 VP;DevSecOps 负责人 | 安全工程;DevOps;平台工程;开发者团队 | 工程或安全预算;DevSecOps 工具项 | CISO 或 CTO | Kubernetes 和多云复杂度;开发者安全要求;SOC 2 或 ISO 27001 认证 |
| 政府 / 公共部门(新兴) | CISO;机构 IT 安全官 | 安全运营;云合规团队 | 政府 IT 安全预算;FedRAMP 授权要求 | 机构 CISO 或 IT 总监 | 零信任行政令要求;FedRAMP 授权厂商要求;OMB 云优先政策 |
| 零售和电商 | CISO;技术 VP | 安全工程;支付合规团队;基础设施团队 | PCI-DSS 合规预算;IT 安全预算 | CISO | PCI-DSS 审计;云迁移;支付卡数据泄露;第三方风险评估 |
| 能源和关键基础设施 | CISO;OT/IT 安全总监 | OT 安全团队;云安全分析师;合规团队 | 关键基础设施安全预算;NERC CIP 或行业特定合规 | CISO 或运营副总裁 | NIS2 指令合规(EU);TSA 网络安全指令(US);ICS/OT 与云融合 |
| 中端市场偏大型多云客户 | IT 安全经理;CISO(较小组织) | IT 团队;云运营;专职安全人手有限 | IT 安全预算;总体技术预算 | CTO 或 IT 经理 | 云足迹快速扩张;首次企业安全审计;合规认证要求 |
买方和预算负责人画像来自 Orca 官方案例研究(Paidy、Digital Turbine)、Grand View Research 细分市场数据(BFSI 占 CNAPP 21%+、企业占 58%+)、HHS HIPAA 文档,以及 NIST/政府 合规要求。Orca 按细分市场、交易规模和赢单率划分的准确客户分布未公开披露。纳入政府 / 公共部门反映市场语境;Orca 的 FedRAMP 授权状态未确认,可能限制联邦市场可触达性。
[CM029, CM030, CM031, CM032, CM033, CM034]矩阵将主要 CNAPP 买方细分市场映射到买方画像、合规驱动、采购模式和 Orca 产品匹配度。矩阵显示,BFSI 和医疗健康由强制合规(PCI-DSS、HIPAA)驱动,是匹配度最高的细分;技术 / SaaS 由 DevSecOps 采用驱动,是增长最高的细分。政府 / 公共部门潜力高,但受 FedRAMP 授权状态卡住。
买方画像综合 Orca 案例研究(Paidy、Digital Turbine)、Grand View Research CNAPP 细分数据、HHS HIPAA 文件、NIST 监管框架以及 AWS/Google 合规文件。采购周期和交易规模是基于行业模式的方向性估计;Orca 未披露销售周期数据。政府 / 公共部门的 Orca FedRAMP 状态未确认——本评估基于缺乏确认,而不是确认不存在。
[CM029, CM030, CM032, CM034, CM036, CM037]2.5 市场成熟度、采用生命周期与 CNAPP 演进
CNAPP 市场处于采用早期增长阶段,距离最初品类定义约两到三年,正在进入主流企业采购。Gartner 2024 年 Cloud-Native Application Protection Platforms Magic Quadrant 将 Orca 评为 Leader,标志着分析师群体对该类别的制度化认可——这类里程碑通常发生在大规模企业 RFP 纳入和安全预算标准化之前。平台细分贡献 CNAPP 市场收入的 60%+,增速快于托管服务细分(14.7% CAGR),确认买方更偏好拥有平台。这一模式类似 SIEM 和 EDR 的历史路径:两个类别都先向平台厂商整合,再进一步并入安全套件,说明 CNAPP 很可能沿同一弧线演进。 AI 安全态势管理(AI SPM)是该类别的下一波扩张。Orca 的 AI SPM 模块把平台放到 AI 工作负载和模型基础设施安全的前沿;随着企业 AI 基础设施扩散,这一增量 TAM 扩张可能为可触达市场增加 10–20%。截至 2026 年 5 月,Cloud Security Alliance 博客报道确认,AI 智能体安全、多云可见性和 DevSecOps 集成仍是从业者活跃讨论的主题,说明市场还没进入商品化阶段。TechCrunch 的云安全报道也显示,该类别仍有持续的风险投资和并购活动。采用漏斗从 CISO 识别云安全缺口开始,经过 Gartner MQ 入围和概念验证评估,最后进入多年企业合同,并由新模块和新账户驱动扩张。 [CM036, CM037, CM038, CM039, CM040, CM041]
漏斗图展示企业 CNAPP 从初始认知到合同扩张的购买和部署生命周期。数值是归一化后的相对群体规模,顶部认知阶段指数为 100。漏斗说明企业 CNAPP 典型交易周期为 3–9 个月,最大流失发生在 POC 短名单与供应商选择之间。
漏斗数值是归一化后的相对群体指数(不是绝对客户数或市场百分比)。数值来自 Orca 案例研究、CNAPP 行业交易周期模式和分析师对企业安全采购评论的定性综合。Orca 未公开披露胜率、POC 到成交率或销售漏斗转化指标。阶段标签和比例反映一般企业 CNAPP 销售动作,不是 Orca 特定数据。从评估(35)到选择(12)的大幅下降,反映企业 POC 评估竞争激烈。
[CM029, CM031, CM035, CM037]03竞争格局
3.1 竞争格局概览
云原生应用保护平台(CNAPP)市场已经收敛为两层结构:一小批纯专注型厂商,围绕云专用覆盖的广度和深度竞争;以及更大一组随云订阅捆绑的超大规模云厂商原生工具。Orca Security 位于上层,主要与 Wiz、Palo Alto Networks Prisma Cloud、CrowdStrike Falcon Cloud Security、Aqua Security、Lacework/Fortinet 和 Sysdig 竞争。第二层包括 Microsoft Defender for Cloud、带 GuardDuty 的 AWS Security Hub,以及 Google Security Command Center,带来另一类竞争挑战:更低价格点,背后是主导型基础设施提供商的采购杠杆。 Gartner 的 CNAPP Magic Quadrant 是该市场最常被引用的分析师框架;2024 年版本将 Orca 和 Wiz 都列为 Leaders,说明企业买方认为两家厂商都有强执行力和愿景。Palo Alto Networks 也经常被列为 Leader 或高曝光 Challenger,反映其完整平台组合。G2 同行评论和 Gartner Peer Insights 都显示 Orca 与 Wiz 评分很高(4.6–4.8/5 区间);Wiz 评论量更大,与其更快收入增长和更广 Fortune 100 渗透一致。因此,竞争格局并非静态:交易速度、合作伙伴生态杠杆,以及 Google-Wiz 整合,都是 Orca 必须应对的竞争秩序实质变化。 [CP001, CP002, CP003, CP004, CP005]
供应商按部署复杂度(x 轴:1=最低无代理,10=复杂且重代理)和 CNAPP 覆盖广度(y 轴:1=狭窄 / 专项,10=全面全 CNAPP)绘制。位置是基于截至 2026 年 5 月公开产品文件和分析师评测的序位判断,不来自正式评分方法。
[CP001, CP002, CP007, CP023]3.2 主要 CNAPP 竞争对手画像
Wiz 由前 Microsoft Azure 工程师在 2020 年创立,到 2022 年中估值达到 $12B,并以约 $32B 被 Google 收购,交易于 2025 年初完成。Wiz 使用与 Orca 类似的无代理架构,通过 API 集成扫描云环境;其 Wiz AI-Application Protection Platform 覆盖 CSPM、CWPP、KSPM、CIEM、CDR 和 AI 安全。截至 2026 年 5 月,Wiz 称 Fortune 100 中超过 50% 是其客户,相比 Orca 拥有更强企业渗透。Wiz 在 G2 上评分为 4.7/5,评论至少 772 条,高于 Orca 约 280 条评论下的 4.6 分——这一差距反映了更快商业执行,也反映了 Google 支持的资产负债表带来的营销杠杆。 Palo Alto Networks Prisma Cloud 是企业市场最完整的 CNAPP 平台,最近更名为 Cortex Cloud,并并入更广泛的 Cortex AI 驱动安全运营套件。Prisma Cloud 同时支持无代理和基于代理的部署,覆盖完整 CNAPP 能力面。其强项在于 Palo Alto Networks 超过 $8B 的整体安全产品组合,可向防火墙、终端和网络安全买方交叉销售。 CrowdStrike Falcon Cloud Security 把端点检测与响应(EDR)领导地位与云安全结合;CrowdStrike 在终端安全中的主导地位已由 MITRE ATT&CK 评估验证。CrowdStrike 在 MITRE 首次云专项评估中达到 100% 检出率,依靠 Falcon 传感器提供运行时保护,同时提供无代理 CSPM 态势管理。平台管理超过 281 个对手的情报,并跟踪超过 300M 个实时指标,威胁情报深度是纯 CNAPP 厂商难以匹敌的。 Aqua Security 成立于 2015 年,总部位于 Boston 和 Ramat Gan,专注容器与 Kubernetes 安全,服务超过 500 家大型企业。Aqua 平台整合贯穿开发生命周期的代码到云安全,结合无代理和基于代理的能力。其优势是开发者工具链集成和运行时执行。Lacework 在 2024 年并入 Fortinet 后,为市场带来基于 ML 的异常检测和行为分析。Sysdig 基于开源 Falco 项目,专攻容器化和 Kubernetes 环境中的运行时安全,能够在亚秒级发现威胁,并把自己定位为实时检测专家。 [CP006, CP007, CP008, CP009, CP010, CP011]
| 竞争对手 | 类别 | 规模 / 融资 | 目标客群 | 核心差异化 | 主要限制 |
|---|---|---|---|---|---|
| Orca Security | 纯 CNAPP 厂商(无代理) | 已融资 ~$630–650M;估值 $1.8B(2022) | 企业级多云 | 已获专利的 SideScanning™;无代理;Unified Data Model | 客户基数小于 Wiz;没有运行时代理选项 |
| Wiz | 纯 CNAPP 厂商(无代理) | 已融资 ~$900M+;被 Google 以约 $32B 收购(2025) | 企业;Fortune 100 | Fortune 100 渗透率 50%+;Google 分发;Security Graph | 运行时依赖代理;Google 收购后价格压力 |
| PANW Prisma Cloud(Cortex Cloud)平台 | 全平台型 CNAPP | $8B+ PANW 组合的一部分 | 企业;现有 PANW 客户 | 无代理 + 代理混合;平台覆盖最广;AI Precision | 部署复杂;成本高;在 PANW 套件内价值最佳 |
| CrowdStrike Falcon Cloud Security | EDR 融合型 CNAPP | Falcon 平台 ARR ~$3B+ | 企业;EDR 优先客户 | Falcon sensor 支撑一流运行时能力;MITRE 100% 检测 | 主要依赖代理;CSPM 是从 EDR 传统上加装的能力 |
| Aqua Security | 容器 / 云 CNAPP | 私有;已融资 $100M+ | 企业;容器 / K8s 重度团队 | 深度容器生命周期安全;500+ 企业客户 | 在 VM / 无服务器态势上不如 Orca/Wiz |
| Lacework / Fortinet | CNAPP(现已捆绑) | Fortinet 收入 $5B+;Lacework 2024 年并入 | 中端市场;现有 Fortinet 客户 | ML 异常检测;行为分析;Fortinet 分发 | 与 Fortinet 的集成成熟度在并购后仍在演进 |
| Sysdig | 运行时优先 CNAPP | 私有;已融资 ~$350M | 企业;Kubernetes / 云原生开发团队 | 基于 Falco 的亚秒级运行时检测;AI 分析师(Sage) | 运行时强,但 CSPM/CIEM 比 Orca/Wiz 薄 |
| Microsoft Defender for Cloud 平台 | 超大规模云厂商捆绑型 CNAPP | Microsoft ~$300B+ 安全收入的一部分 | Microsoft/Azure 中心型企业 | Azure 免费基础 CSPM;与 Microsoft Security 套件统一 | 多云深度有限;偏向 Azure;完整覆盖成本高 |
规模和融资数字来自公开文件、公司网站和新闻报道。Wiz 收购价格(~$32B)反映媒体报道;最终准确条款可能不同。PANW ARR 是平台层面;Prisma Cloud 是其中一部分。Fortinet 并购后,Lacework ARR 未单独披露。
[CP006, CP007, CP008, CP009, CP010, CP011]3.3 Orca 差异化与竞争定位
Orca Security 的主要差异点是已获专利的 SideScanning™ 技术:平台通过与云服务商 API 集成并访问只读块存储快照来读取云工作负载数据,而不是在客户工作负载内部部署代理。这一架构选择消除了代理部署摩擦,避免运行时性能开销,也能覆盖无法运行传统代理的资产,例如 serverless 函数、托管数据库和遗留虚拟机。Orca 称,连接一个云账户后数分钟内即可实现 100% 工作负载深度覆盖;相比需要数周或数月才能在大型企业中达到完整覆盖的基于代理竞争对手,这一部署速度更有优势。 Unified Data Model 是第二个差异化支柱。Orca 将 CSPM、CWPP、KSPM、CIEM、DSPM、CDR 和 AI SPM 的数据关联到单一图谱中,浮出由单个低严重性发现串成的高严重性攻击路径。Orca 称,语境驱动的风险排序只呈现真正重要的 1% 告警,直接解决困扰基于代理单点方案的告警疲劳问题。Wiz 也用类似概念打造 Security Graph;随着两家厂商迭代,这种架构趋同意味着 Orca 在这一维度的差异化正在下降。 面对 Prisma Cloud 和较早 CrowdStrike CNAPP 配置等传统重代理平台,Orca 的部署模型优势最明显。面对 Wiz,差异化更窄,主要集中在定价、客户支持质量、集成生态成熟度,以及 Orca 在无代理架构中的更早专利位置。Orca 的 AWS ISV Accelerate 资格——截至 2025 年 1 月为首个获得该资格的纯 CNAPP 厂商——通过 AWS 一线联合销售提供 GTM 杠杆;Wiz 尚未通过这一特定机制获得同类优势,尽管 Wiz 与 Google 的关系带来自己的渠道优势。Orca 覆盖 AWS、Azure、GCP、Kubernetes 和 OCI 的多云广度,也补足了其相对超大规模云厂商专属替代方案的定位。 [CP016, CP017, CP018, CP019, CP020, CP021]
| 能力 | Orca Security | Wiz | PANW Prisma | CrowdStrike | Aqua Security | Sysdig |
|---|---|---|---|---|---|---|
| CSPM | 原生无代理 | 原生无代理 | 无代理 + 代理 | 无代理(Humio) | 无代理 + 代理 | 以代理为主 |
| CWPP | 无代理 SideScanning | 无代理扫描 | 代理 + 无代理 | Falcon sensor(代理) | 代理 + 无代理 | Falco 代理 |
| KSPM | 原生 | 原生 | 原生 | 原生 | 原生 | 原生(基于 Falco) |
| CIEM | 原生 | 原生 | 原生 | 部分支持 | 部分支持 | 有限 |
| CDR(云检测与响应) | 原生 | 原生 | 原生(Cortex XDR) | 原生(Falcon OverWatch) | 部分支持 | 原生(实时) |
| DSPM | 原生 | 原生 | 部分支持 | 有限 | 有限 | 有限 |
| AI SPM | 原生 | 原生 | 原生(AI SPM) | 有限 | 有限 | 有限 |
覆盖标记(原生 / 无代理 / 部分支持 / 有限)是作者基于截至 2026 年 5 月的公开厂商产品页面和分析师来源作出的评估。厂商仍在积极开发新能力;这个快照可能无法反映近期新增功能。空值单元格表示没有公开记录的能力。
[CP016, CP017, CP018, CP019, CP020]评估八家主要 CNAPP 和云安全供应商在五个战略能力维度上的能力覆盖。评级反映截至 2026 年 5 月公开记录的产品功能;完整=原生集成能力,部分=有限或附加覆盖,有限=最低或 beta 阶段。
[CP016, CP019, CP023, CP025, CP038]3.4 超大规模云厂商原生与平台捆绑替代方案
Microsoft Defender for Cloud 是 Microsoft 面向 Azure 和多云环境的一体化 CNAPP 产品。它提供 CSPM、云工作负载保护和 DevOps 安全能力,并提供免费与付费层级。免费的基础 CSPM 层级会为 Azure 订阅自动启用,给了 Microsoft 独立 CNAPP 厂商无法复制的分发优势。对于以 Azure 工作负载为主、且已有 Microsoft 安全投入的企业,Defender for Cloud 会降低其对第三方 CNAPP 工具的感知需求,尤其是在 CSPM 层面。 AWS Security Hub 将 AWS 原生服务和合作伙伴集成中的安全发现汇总到单一仪表盘,并提供自动化合规检查。Amazon GuardDuty 用 AI 和 ML 做持续威胁检测,监控 CloudTrail 日志、VPC flow logs、DNS 查询和 EKS 控制平面活动。两者合起来,为已经支付 AWS 服务费用的 AWS 计算工作负载提供深度 AWS 原生可见性,且没有边际成本。它们的限制主要在范围:Security Hub 和 GuardDuty 为 AWS 环境优化,对于拥有大量 Azure 或 GCP 足迹的组织价值有限。Orca 覆盖 AWS、Azure、GCP 和 OCI 的多云能力,正是对这一限制的直接回应。 Google Security Command Center 为 Google Cloud 工作负载提供默认常开安全,包括内置威胁检测、基于客户 GCP 环境数字孪生模型的攻击模拟式虚拟红队,以及 AI 工作负载保护。收购后与 Wiz 的整合,有可能打造一个深度集成的 GCP 原生 CNAPP,进一步侵蚀大型 GCP 为主用户中独立 CNAPP 厂商的可触达市场。Orca 的反向定位是多云广度和供应商独立性——对于不能或不愿押注单一超大规模云厂商的组织安全团队,这两个利益点更有共鸣。 [CP023, CP024, CP025, CP026, CP027, CP028]
| 厂商 | 价格模型 | 合同类型 | 包含能力 | 折扣可见度 | 对 Orca 的战略含义 |
|---|---|---|---|---|---|
| Orca Security | 按云资产或工作负载计费的 SaaS | 年度订阅;多年期折扣 | 完整 CNAPP,包括 CSPM、CWPP、KSPM、CIEM、CDR、DSPM、AI SPM | 未公开披露;竞争性谈判 | 参照基准;必须在 TCO 和覆盖宽度上竞争 |
| Wiz | 按工作负载计费的 SaaS;按用量分层 | 年度合同;据传多年期折扣激进 | 类似的 CNAPP 覆盖宽度;AI-APP Platform | Google 背书;据报道在竞争交易中激进打折 | 主要价格压力;Google 可补贴抢份额 |
| PANW Prisma Cloud | 基于 credit 的消费模型 | 多年期企业合同;与 Cortex/NGFW 捆绑 | 最广 CNAPP + 平台捆绑 | 据报道现有 PANW 客户可获最高 30–50% 捆绑折扣 | 对纯 CNAPP 交易威胁较小;在 PANW 客户中最危险 |
| CrowdStrike | Falcon 的模块化 SaaS 附加项 | 年度合同;与 Falcon 端点捆绑 | CNAPP 是 Falcon 平台的一部分;CDR 强 | 捆绑定价相对独立购买形成实际折扣 | 对 CNAPP 优先交易威胁较小;在 EDR 客户中更有竞争力 |
| Aqua Security | 按节点或镜像计费 | 年度合同;可选永久许可 / 混合模式 | 聚焦容器 / K8s;CNAPP 附加模块 | 价格未公开披露;开发者友好 | 容器重度客户中的利基威胁 |
| MS Defender for Cloud 平台 | 按资源计费或免费基础层 | 按量付费;Azure Commit Units | 免费基础 CSPM;增强 CWPP 和高级功能付费 | 免费层对 Azure 客户等同于永久折扣 | 对 Azure 客户的纯 CSPM 预算威胁最大;免费层直接竞争 |
| AWS Security Hub | 按摄取的发现项计费;按检查计费 | 按量付费;承诺额很低 | CSPM 发现项聚合;CWPP 有限 | AWS 原生客户成本很低 | 商品化 CSPM 基线;降低纯 CSPM 付费意愿 |
定价模型反映截至 2026 年 5 月的公开文档和行业报道。私有厂商的实际合同条款未公开披露。竞争交易中的折扣水平和定价策略来自第三方报道,尚未独立验证。Orca 不公布标价。
[CP023, CP024, CP025, CP026, CP027]3.5 竞争护城河与替代风险
Orca 最强的结构性护城河,是其 SideScanning™ 无代理云安全架构已获授的美国专利。该专利 2019 年提交、后续获批,为 Orca 不安装代理读取云工作负载数据的核心机制提供法律保护。Orca 于 2023 年 7 月起诉 Wiz,指控加入 Wiz 的前 Orca 员工侵犯版权并窃取商业秘密;该案既反映 Orca 知识产权位置的强度,也反映它对竞争威胁的严肃态度。客户切换成本是次级护城河:Orca 客户通过云服务商 API token 集成,接入自定义策略和合规规则,并随着时间连接 ticketing、SIEM 和 SOAR 工作流。累积的配置和工作流投入带来有意义的留存摩擦。Orca 的 100+ 集成生态把 Orca 嵌入既有安全工作流,进一步加深锁定效应。 Orca 面临的主要替代风险有三类。第一,Wiz 借 Google 支持可以激进定价,并通过 Google Cloud 销售渠道获得分发杠杆。第二,超大规模云厂商通过免费或捆绑的原生工具将基础 CSPM 商品化,降低客户为仅 CSPM 用例付费的意愿。第三,Palo Alto Networks 等大型既有厂商推动平台整合,将 CNAPP 与防火墙和终端组合捆绑,并提供多年企业许可,可能让部分买方画像下的独立 CNAPP 经济性变差。Lacework 于 2024 年完成与 Fortinet 合并,代表同样的平台捆绑动态在中型市场进入者身上发生。面对这些压力,Orca 最好的防守是维持广度优势,借更难用纯无代理路径复制的 CDR 能力加深运行时保护,并利用 AWS 联合销售关系抵消 Wiz 的 Google 分发优势。 [CP030, CP032, CP033, CP034, CP035, CP036]
| 护城河主张 | 竞争威胁 | 严重性 | 缓解措施 / 尽调问题 |
|---|---|---|---|
| SideScanning 专利提供 IP 保护 | 诉讼称 Wiz 复制 IP(诉讼未决);专利有效性尚未裁定 | 高 | 跟踪诉讼结果;评估 Wiz 是否已绕开专利设计 |
| 无代理部署是主要差异化 | Wiz、PANW 和 CrowdStrike 都提供无代理选项;差异化收窄 | 中 | 核实 Orca 的无代理架构相较 Wiz 是否仍有技术优势 |
| Unified Data Model 支撑风险上下文 | Wiz Security Graph 提供类似的上下文化攻击路径分析 | 中 | 用客户证据评估 Orca UDM 与 Wiz Security Graph 的深度 |
| AWS ISV Accelerate 联合销售渠道 | Google 背书的 Wiz 通过 GCP 渠道分发,优势可比 | 中 | 量化 AWS 联合销售带来的管线贡献;跟踪续约率 |
| 100+ 生态集成形成工作流锁定 | 超大规模云厂商免费提供原生集成;客户感知价值下降 | 低 | 在客户访谈中确认集成深度相较原生替代方案的优势 |
严重性评级是作者基于公开竞争证据作出的评估。诉讼结果(Orca vs. Wiz,2023 年 7 月提起)截至研究日期尚未公开解决,构成重大未知。专利防御力取决于权利要求范围;投资级分析需要法律审查。
[CP030, CP032, CP033, CP034]截至 2026 年 5 月,Orca Security 的竞争护城河与市场就绪度指标。依据公开产品文档、分析师认可和可获取的公司披露整理。
[CP030, CP033, CP035, CP036, CP037, CP039]04财务情况
4.1 收入模式与定价结构
Orca Security 的收入主要来自年度 SaaS 订阅许可,范围按监控的云账户或资产数量确定。无代理 SideScanning 技术取消了按主机代理授权,使按资产层级定价更简单,并能随客户云足迹扩张而增长。Orca 自家 About 页面描述的平台覆盖云环境中的工作负载、数据和身份,说明其覆盖的是广义攻击面,而非单点产品定价。收入流还包括合规模块附加项(SOC 2、GDPR、HIPAA、PCI-DSS 包)、AI 安全态势管理模块,以及用于上线和集成的专业服务。公司通过企业直销和云市场上架分发(AWS Marketplace、Google Cloud Marketplace、Azure Marketplace);Google Cloud 官方合作伙伴列表确认了云服务商关系。收入确认遵循标准 SaaS 订阅会计:年度合同在合同期内按比例确认。公开标价未披露;Gartner 和 G2 评论确认企业客户直接谈价。这种不透明使公开收入估计高度不确定,也凸显在任何财务模型获得锚点之前,需要从投资人数据室取得 ACV 和 ARR 数据。 [CI004, CI005, CI030]
| 收入流 | 机制 | 单位 | 当前状态 | 收入质量 | 尽调问题 |
|---|---|---|---|---|---|
| 平台订阅(CNAPP) | 覆盖云账户和工作负载的年度 SaaS 许可 | 按云账户或资产 / 年 | 已上线,且是主收入流 | 高 — 经常性、多年期企业合同 | 确认 ASP、席位数和 ACV 区间 |
| 合规模块附加项 | SOC 2、GDPR、HIPAA、PCI-DSS 合规包的增量许可 | 按合规框架 / 年 | 可作为增购销售 | 中 — 合规流程落地后粘性较强 | 核实附加率和每个模块的增量 ACV |
| AI 安全态势管理(AI-SPM) | 面向 AI/ML 工作负载可视性和态势的模块许可 | 按模块 / 年 | 2023 年推出;正积极推广 | 未知 — 早期模块,缺少牵引力数据 | 确认附加率和 ARR 贡献 |
| 云市场分发(AWS、GCP、Azure) | 通过云厂商销售 PAYG 或私有报价 SaaS 订阅 | 扣除市场抽成(~20–30%)后的收入分成 | 已上线三大超大规模云厂商市场 | 中 — 摩擦更低,但抽成后净利润率更低 | 确认市场渠道 ACV 占新增 ARR 的比例,以及抽成条款 |
| 专业服务 / 上线导入 | 实施、集成和上线导入支持项目 | 按项目或 SOW | 有提供,但营销中不突出 | 低 — 交易型,非经常性 | 确认服务收入占总收入比例及其对毛利率影响 |
收入流根据官方产品页面、合作伙伴列表和媒体报道推断;未披露 ACV 或拆分。所有质量评级均由商业模式分析推断。
[CI004, CI005, CI030]Orca 靠无代理授权模型,把云账户覆盖转成经常性订阅收入;毛利较高,但实际兑现的毛利率未披露。
[CI004, CI005, CI030]4.2 GTM 动作与销售效率
Orca 采用销售驱动的 GTM 动作,瞄准中型市场和大型云优先公司的企业安全与平台工程团队。产品通过直销外勤和内勤销售分发,并由三类主要杠杆渠道补充:云服务商市场(AWS、GCP、Azure)、VAR/MSSP 经销商,以及 Deloitte、KPMG 等全球系统集成商。Google Cloud 官方安全合作伙伴页面确认 Orca 的 ISV 身份和市场集成,说明客户可用云额度抵扣采购,降低企业采购摩擦。公司的 GitHub 公开存在覆盖 Terraform providers 和开源工具,作为自下而上的开发者关系渠道,补充自上而下的企业销售动作。作为一家中期公司,Orca 的员工数代理值为 1,000+(LinkedIn),很可能运行混合 GTM,由背配额 AE 搭配解决方案工程师。获客成本、销售周期长度和渠道组合百分比均未公开。云安全 SaaS 行业基准显示,这一规模的企业销售动作 CAC 回本期为 12–24 个月;但没有 ACV 和新客户数据,无法独立验证。公司网站定价不透明且没有任何免费增值层级,确认其缺少自助式产品驱动增长动作。 [CI006, CI007, CI025, CI026, CI037]
| 定价维度 | 标价 vs 实际价格 | 已知区间 | 缺口 / 未知 | 来源依据 |
|---|---|---|---|---|
| 平台基础许可 | 未公布标价;企业客户单独谈判 | 未披露 | 实际 ASP 和成交价格未知 | Gartner 评论、G2 评论证实价格需谈判 |
| 按账户计价基础 | 产品页暗示按资产维度授权 | 未披露 | 实际档位阈值和批量折扣未知 | Orca About 页面、平台产品页 |
| 云市场(AWS/GCP/Azure) | 支持 PAYG 和私有报价 | 未披露;可使用云积分 | 企业承诺消费门槛和折扣水平未知 | Google Cloud 合作伙伴列表已确认 |
| SMB 与企业定价差异 | 以企业客户优先;未看到 SMB 档位 | Unknown | SMB 可触达性和差异化定价策略未披露 | G2 评论、Gartner 评论 |
| 合规模块定价 | 在基础许可上另收费;确切价格未知 | 未披露 | 附加率、单模块增收和打包折扣未披露 | Orca 产品页及 SEC Form D 背景 |
所有定价项只反映公开可见证据;Orca 未披露标价。要确认成交价格,需要直接进入销售沟通或拿到投资者资料室访问权限。
[CI007, CI037, CI025]4.3 单位经济与资本效率
Orca 的单位经济画像符合云原生安全垂直中的企业 SaaS:纯软件交付带来高毛利,激进销售和营销投入推迟盈利,并依靠既有账户内云足迹扩大来扩张收入。毛利率估计为 70–80%,与 Palo Alto Networks 云安全单元和 CrowdStrike 等同行一致;两者报告的软件毛利率为 73–78%。净留存率(NRR)未披露;采用扩张驱动模型的云安全 SaaS 同行报告 NRR 在 110–130% 区间。获客成本未公布;对于企业销售驱动 SaaS,CAC/首年 ACV 比通常落在 0.8–1.5x 区间,在类似动态假设下意味着 10–18 个月回本期。Orca 的纯 SaaS 交付模型意味着资本开支极低:没有实体硬件、没有分发基础设施,也没有库存,因此自由现金流生成取决于订阅收入减去运营费用。没有披露任何 capex、债务额度或项目融资义务,说明 Orca 按标准软件订阅业务运营,营运资本主要绑定在应收账款和递延收入上。本章所有单位经济估计都来自基准可比公司推断,应与 Orca 投资人数据室核对。 [CI010, CI011, CI012, CI013, CI034]
| 指标 | 数值 / 估计 | 置信度 | 为何重要 | 尽调请求 |
|---|---|---|---|---|
| ARR(截至 2022 年末) | $50M–$200M(宽区间估计) | 低——未披露 | 收入规模和增长率的一线指标 | 在资料室确认实际 ARR、ACV 和年增长率 |
| 毛利率 | 70–80%(SaaS 可比公司估计) | 低——按同业基准推断 | 决定长期盈利能力和利润率扩张空间 | 要求提供利润表或毛利润摘要 |
| 净留存率(NRR) | 未披露;同业可比:110–130% | 低——未披露,基于可比公司 | 扩张收入质量;估值的关键驱动因素 | 在投资者资料室确认 NRR;要求提供队列留存分析 |
| 获客成本(CAC) | 未披露;SaaS 基准:0.8–1.5× ACV | 低——未披露,基于可比公司 | 销售效率和回本周期 | 要求提供新客户 CAC 和回本周期数据 |
| CAC 回本周期 | 未披露;基准估计为 12–24 个月 | 低——推断 | 增长投入的资本效率 | 连同 LTV/CAC 比率确认回本周期 |
| 营运资本画像 | 很轻——纯 SaaS;由应收账款驱动 | 中——结构性推断 | 现金转换周期和融资需求 | 确认 DSO、递延收入余额和付款条款 |
除营运资本外,所有指标均未披露;估计来自 SaaS 可比公司基准(CrowdStrike、Palo Alto Networks、Wiz)。低置信度项需要在资料室验证。
[CI010, CI011, CI012, CI013, CI034]漏斗顶端需求与产品质量信号可见;但 CAC、回本周期和 NRR 仍未披露,单位经济模型无法闭合。
[CI009, CI011, CI012, CI013]4.4 公开财务牵引与指标
Orca 未公开披露 ARR、收入、客户数或 NRR。最强公开牵引信号来自定性增长披露和第三方认可。Forbes 2022 年报道称,Orca 客户名单同比增长三倍,并点名 Unity、Gannett 和 SAP 等客户。Orca 案例研究库公开提到 Autodesk、Paidy 和 Digital Turbine 等具名客户,给出了至少 3–5 个企业客户标识的公开下限。LinkedIn 关注者数 127,786(2026 年 5 月观察)可作为粗略员工数代理;Orca 的 About 页面称,公司全球分布,并在多个地点设有办公室。Gartner 2024 年 4 月将 Orca 评为 CNAPP Magic Quadrant Leader,显示广泛市场接受度,并验证产品竞争位置。G2 评论反映 4.5+ 综合评分和较强企业采用。基于累计融资 $630M、$1.8B 估值下的同行收入倍数,以及商业公告节奏,收入估计为 $50–200M ARR;但区间很宽,正是因为没有披露的财务数据点可作锚。分析师数据库 CBInsights 将 Orca 列为仍活跃的风险投资支持公司,但没有确认收入数字。所有收入估计置信度都低,只能视为方向区间,而非事实。 [CI009, CI016, CI017, CI018, CI029, CI031]
| 缺失指标 | 尽调影响 | 具体尽调路径 |
|---|---|---|
| 实际 ARR / ACV | 无法核实收入规模、增长率,或 $1.8B 估值隐含的收入倍数 | 在投资者资料室要求提供 ACV 桥表、ARR 瀑布图,以及新客户与扩张收入拆分 |
| 净留存率(NRR) | 无法评估扩张经济性、队列健康度或流失风险 | 要求按客户细分和获客年份提供队列级 NRR 分析 |
| 已验证的烧钱速度和现金余额 | 没有确认后的烧钱速度,无法判断现金跑道是否充足,也无法判断下一轮时间 | 要求 CFO 说明,并提供现金流量表和当前运行率烧钱数据 |
| 毛利率和成本结构 | 无法评估盈利路径,或 SaaS 利润率相对基准的差距 | 要求提供 P&L 摘要或毛利率桥表;至少提供 R&D + S&M + G&A 占收入百分比 |
这些缺口对后期私有 SaaS 公司很常见;标准 Series C 资料室材料都能覆盖。
[CI031, CI038]4.5 资本充足性与财务结论
Orca 于 2022 年 10 月完成 Series C,融资 $340M,投后估值 $1.8B,由 Temasek 领投,既有投资人 ICONIQ Capital 和 CapitalG 等参投。Orca 官方 About 页面称累计融资约 $630M,这与已确认轮次公告的累计和一致:2021 年 11 月 $210M Series B 加上 $340M Series C,再加上此前种子轮和 Series A 补足余额。SEC EDGAR Form D 检索确认,Orca 向 SEC 提交了正式 Regulation D 文件,符合 Rule 506 下豁免私募。估计每月烧钱 $4–8M(由约 1,000 名员工和典型 SaaS 成本基准推导)意味着 Series C 后现金跑道为 24–48 个月,把假设中的下一次融资事件放在 2024–2026 年窗口。Gil Geron 于 2023 年 3 月接替联合创始人 Avi Shua 担任 CEO,在增长阶段引入领导层交接风险。Wiz 据称在 18 个月内达到 $100M ARR,给无代理云安全细分带来定价压力,并可能压缩 Orca 的实际定价和留存指标。在 $1.8B 估值、ARR 估计区间 $50–200M 下,隐含收入倍数为 9x 至 36x;没有确认 ARR,区间过宽,难以形成确信。财务结论是:收入质量看起来较高(经常性 SaaS、企业客户标识),利润率路径较好(纯软件),但由于激进销售支出,资本强度中等;实际 ARR、NRR 和经验证的烧钱速度这三项重大尽调阻塞项,使当前阶段无法形成承销信心。 [CI001, CI002, CI003, CI008, CI014, CI015]
| 项目 | 金额 / 估计 | 日期 / 期间 | 来源 | 尽调请求 |
|---|---|---|---|---|
| 累计融资 | ~$630M(原文称 “nearly $630M”) | 截至 Oct 2022 | Orca About 页面(官方) | 确认确切交割金额,以及是否仍有未偿可转债 |
| Series C 轮规模 | $340M | Oct 2022 | BusinessWire Series C 新闻稿 | 确认资金用途分配:销售、R&D、M&A、资产负债表 |
| Series C 后估值 | $1.8B 投后 | Oct 2022 | BusinessWire Series C、GlobeNewswire、CNBC 报道 | 确认清算优先权堆叠和期权池规模 |
| 估计月烧钱速度 | $4M–$8M(按员工数估计) | 2022–2023 估计 | 根据员工数代理变量和 SaaS 成本基准估计 | 要求提供实际月烧钱速度和 CFO 确认的现金余额 |
| Series C 后估计现金跑道 | 24–48 个月(按估计烧钱速度) | 自 Oct 2022 起 | 估计;未确认 | 要求提供现金余额和烧钱轨迹,用以确认跑道和下一轮触发点 |
只有 Series C 金额和估值获得一手来源确认。烧钱速度和现金跑道是模型估计,基于公开可见的员工数代理变量和行业基准。
[CI001, CI002, CI023, CI024, CI027]Orca 仍是私营公司且缺少财务披露,所有关键指标区间都很宽;仅收入倍数(9×–36×)跨度就达四倍,ARR 不确认就无法建立估值信心。
[CI009, CI022, CI023, CI024]Orca 四轮合计投入约 $630M;纯 SaaS 交付让资本开支几乎可以忽略,但激进销售和研发投入是主要现金消耗来源。
[CI001, CI002, CI003, CI014, CI032]05产品与技术
5.1 SideScanning 架构与无代理数据获取
Orca Security 的基础技术创新是 SideScanning™。创始人 Avi Shua 称它是「云环境里的 MRI」。 它不在云工作负载内部部署软件代理,而是接入云厂商 API,在虚拟机、容器和其他云资产运行时, 以带外方式读取其运行时块存储。系统使用开放、只读的云 API 访问操作系统正在读写的同一组比特和字节, 因此无需在客户环境中执行任何操作码,就能重建云资产安全态势的完整地图。Orca 持有这种无代理云工作负载扫描方法的专利, 并称这是业内首个此类方法。 这套架构的落地影响很大。一个云账户可在数分钟内接入并完成全量扫描, 而不是像大型工作负载集群部署代理那样耗费数天甚至数周。SideScanning 全程带外运行, 不会拖慢运行中的工作负载。覆盖范围还延伸到无服务器函数、托管数据库服务、已停止实例, 以及其他无法承载传统代理的资产;随着组织采用云原生架构,这类资产增长很快。Orca 称, 账户连接成功后的基线结果是实现 100% 工作负载深度覆盖。 多云支持覆盖 AWS、Azure、Google Cloud Platform(GCP)、Oracle Cloud Infrastructure(OCI)、 Alibaba Cloud 和 Tencent Cloud;Kubernetes 集群在所有云厂商中都被视为一等基础设施。 SideScanning 之外,Unified Data Model 将基础设施、工作负载、身份和数据层的发现项关联到同一个图上下文引擎。 跨层关联支撑攻击路径分析能力,浮现跨越错误配置、暴露凭据、漏洞软件和身份过度授权的风险链; Orca 称之为「有毒组合」。上下文引擎利用这种关联视图,优先处理 Orca 所说「真正重要的 1% 告警」, 在不依赖人工分诊的情况下降低告警疲劳。 与基于代理的替代方案相比,SideScanning 换来了覆盖广度和上线速度,但牺牲了单个工作负载运行时可见性的深度。 代理方案运行在工作负载内部,因此能真正实时发现无文件恶意软件和内存执行;SideScanning 基于快照工作, 所以提供的是近实时,而非连续运行时覆盖。Orca 在公开文档中承认这种取舍, 并用可选的轻量级 Orca Sensor 补足需要真实运行时威胁检测的云检测与响应(CDR)场景。 [CE001, CE002, CE003, CE004, CE005, CE006]
| 组件 | 描述 | 技术路径 | 优势 | 限制 |
|---|---|---|---|---|
| SideScanning Engine | 通过只读云 API 带外读取云工作负载的运行时块存储 | 集成云厂商 API;不部署代理;不在工作负载中执行代码 | 零性能影响;分钟级接入;覆盖无法安装代理的资产 | 基于快照;会带来延迟;无法实时检测内存中的无文件攻击 |
| Unified Data Model | 在单一图谱中关联基础设施、工作负载、身份和数据层发现 | 基于图的自研模式;跨域实体解析 | 支持攻击路径分析;暴露跨层高危组合 | 在极大云资产规模下,复杂度可能影响查询性能 |
| 上下文与风险引擎 | 根据攻击路径、爆炸半径、资产重要性和面临风险的敏感数据排列告警优先级 | 基于 ML 的评分;上下文告警排序 | 降低告警疲劳;让修复聚焦最高影响风险 | 风险评分校准需要按组织自身风险画像调校 |
| 攻击路径分析 | 以图形方式展示由高危组合串起的横向移动风险链 | 在 Unified Data Model 上做图遍历;出现新发现后动态重新评分 | 识别点状工具看不到的多跳攻击链 | 可能捕捉不到涉及运行时临时容器的攻击路径 |
| Orca Sensor(CDR) | 可选轻量代理,用于实时运行时威胁检测 | 内核级传感器;运行时遥测;补足无代理扫描 | 补上实时检测缺口;检测无文件执行和内存威胁 | 需要部署到工作负载;增加运维开销;削弱纯无代理叙事 |
| Orca AI Engine | 所有模块都嵌入 AI 能力,包括代码修复、自然语言搜索、AI 智能体 | 集成 LLM(Azure OpenAI GPT-4 + 内部模型);基于 Unified Data Model 做 RAG | 加速修复和调查;降低安全运营技能门槛 | AI 生成的代码修复需要人工审查;模型可能幻觉 |
架构描述来自 Orca 官方平台页和博客页。技术细节反映公司自称机制;内部实现细节未公开披露。
[CE001, CE005, CE007, CE008, CE015, CE016]SideScanning 如何不部署代理、通过云厂商 API 读取云工作负载数据,并从云存储一路转化为优先级安全告警。
[CE001, CE007, CE008]5.2 CNAPP 产品模块覆盖
Orca 的云原生应用保护平台(CNAPP)把原本需要多个单点方案的能力整合到一起。 平台核心模块覆盖完整安全生命周期:从态势与合规,到工作负载保护、身份风险、数据安全、 AI 工作负载安全和实时检测。 云安全态势管理(CSPM)是产品发布时的原始模块,用于识别云基础设施中的错误配置、合规政策违规和不安全配置。 云工作负载保护平台(CWPP)通过 SideScanning 数据管道覆盖运行中工作负载的漏洞扫描、 操作系统 CVE 检测和恶意软件识别。CSPM 和 CWPP 在 Orca 产品组合中都属于成熟能力。 云基础设施权限管理(CIEM)是在云身份风险成为主要攻击向量后加入的,覆盖过度授权、 跨账户访问路径和 IAM 错误配置。数据安全态势管理(DSPM)扫描云存储桶、数据库和数据服务, 对敏感数据(PII、凭据、IP、密钥)分类,并识别暴露风险。容器安全和 Kubernetes 安全态势管理(KSPM)提供态势管理、容器镜像扫描, 并借助可选的 Orca Sensor 为 Kubernetes 集群提供运行时保护。 AI 安全态势管理(AI SPM)于 2024 年推出,反映出 AI/ML 工作负载在云环境中的快速采用。 AI SPM 扫描 AI 模型、训练数据集、ML 流水线和 AI 服务配置,查找暴露模型权重、 未受保护训练数据、AI 端点配置错误等安全风险。Shai Alon(Director of AI Innovation) 和 Shir Sadon(Cloud Security Researcher)在 Orca 一场线上研讨会中介绍了该能力, 将其定位为应对 AI 资源特有风险;这类资源的训练数据中包含敏感知识产权。 云检测与响应(CDR)通过 Orca Sensor 提供运行时威胁检测;Orca Sensor 是可选的轻量级代理, 部署在需要实时可见性的地方。API Security 覆盖 API 资产清单和暴露检测。合规报告针对 CIS、 NIST、PCI-DSS、HIPAA、SOC 2、GDPR 等框架自动执行政策检查。CNAPP 平台还整合左移能力: 扫描 CI/CD 流水线中的 IaC 模板、容器镜像、密钥和 SAST 发现项, 并把生产环境发现项追溯到代码源头。 Orca AI 计划在所有模块上叠加 AI 能力:AI Code Fixes 为 IaC 和 CLI 生成修复代码; AI Discovery 将自然语言查询转成云资产搜索;AI Assistant 提供面向 Orca 全部上下文的聊天界面; AI Agents 自主分析、下结论并启动修复工作流。Orca 将这层 AI 定位为安全运营团队的提速工具, 用来缓解告警量和技能缺口压力。 [CE009, CE010, CE011, CE012, CE013, CE014]
| 模块 | 能力 | 推出时期 | 差异化 | 成熟度 |
|---|---|---|---|---|
| CSPM | 云安全态势管理——错误配置、合规审计 | 2019 | 基础模块;率先落地无代理态势检测 | 成熟 |
| CWPP | 云工作负载保护平台——工作负载 CVE / 恶意软件扫描 | 2019 | SideScanning 无需代理即可提供工作负载可见性 | 成熟 |
| CIEM | 云基础设施权限管理——IAM 风险、过度权限 | 2021 | Unified Data Model 用跨层上下文暴露身份风险 | 成熟 |
| DSPM | 数据安全态势管理——敏感数据分类和暴露 | 2022 | 扫描存储、数据库、无服务器环境中的 PII、密钥、IP | 走向成熟 |
| Container/KSPM | Kubernetes 态势管理 + 容器镜像扫描 + 运行时防护 | 2021 | 借助可选传感器覆盖从镜像构建到运行时的全生命周期 | 成熟 |
| API 安全 | API 资产清单、风险评分和暴露检测 | 2022 | 无需拦截流量,即可无代理发现 API 暴露面 | 早期 |
| AI SPM | AI 安全态势管理——AI 模型、数据集、流水线扫描 | 2024 | 新增覆盖 AI 工作负载风险,包括模型数据暴露 | 早期 |
| CDR | 云检测与响应——通过 Orca Sensor 做实时运行时威胁检测 | 2023 | 可选传感器补上无代理方案在运行时威胁场景的缺口 | 早期 |
| 合规 | 针对 CIS、NIST、PCI-DSS、HIPAA、SOC 2、GDPR 的策略报告 | 2019 | 在统一视图里对所有模块自动打合规分 | 成熟 |
推出时期为近似判断,依据公司博客、融资公告和产品页。成熟度评估是分析师基于公开证据给出的估计。
[CE009, CE010, CE011, CE012, CE014, CE015]按安全类别、覆盖层、发布时期和成熟度映射 Orca 的九个 CNAPP 模块。
[CE009, CE012, CE014, CE015]5.3 云平台支持与集成生态
Orca 的云平台合作关系体现出其对三大超大规模云厂商的战略投入。Orca 是 Advanced AWS Security Competency Partner,获得 2022 AWS Global Security Partner of the Year;2025 年 1 月, 它成为首个取得 AWS ISV Accelerate 资格的纯 CNAPP 厂商,由此获得 AWS 一线销售团队的联合销售支持。 平台已与 100 多项 AWS 服务和产品集成,包括 Amazon ECS、S3、GuardDuty、CloudTrail、 Amazon Security Lake、Amazon Inspector 和 AWS Security Hub。 在 Azure 上,Orca 持续扫描所有 Azure 资产,并与 Azure Security Center、Azure Sentinel (Microsoft Sentinel)和 Azure Active Directory SSO 集成。公司宣布,Orca 使用 Microsoft Azure OpenAI Service GPT-4 加速修复建议生成。Orca 已上架 Azure Marketplace。在 Google Cloud Platform 上,Orca 是 Google Advantage Partner,支持 Chronicle SIEM/SOAR、 Security Command Center、Pub/Sub、SSO 和 Vertex AI;平台已上架 Google Cloud Marketplace。 在云厂商集成之外,Orca 还为安全运营和开发者工作流提供广泛集成生态。工单与工作流: Jira 和 ServiceNow,支持修复项目管理的双向集成。沟通:Slack 和 PagerDuty, 用于实时告警和值班路由。SIEM 与 SOAR:Splunk、Microsoft Sentinel、AWS Security Hub 和 Google Chronicle,用于事件导出和关联调查。开发者与 IaC:Terraform Registry 上 orcasecurity/orca 命名空间下发布的 Terraform provider(MPL-2.0 许可证), 以及用于 CI/CD 左移安全扫描的 GitHub Actions 工作流。集成页面称,Orca 与 「领先技术供应商合作,识别、优先排序并处理云风险」。 面向托管服务提供商(MSPs),Orca 提供多租户部署模型,让托管云安全服务可以复用同一平台经济性。 合作伙伴计划为渠道伙伴提供售前支持和联合营销项目。Orca 解决方案页面列出平台在单一集中平台中覆盖全部云安全需求, 包括 CSPM、CWPP、CIEM、DSPM、漏洞管理、API 安全、合规等。 [CE018, CE019, CE020, CE021, CE022, CE023]
| 云平台 | 支持的资源类型 | 集成深度 | 限制 |
|---|---|---|---|
| AWS | EC2、S3、Lambda、ECS/EKS、RDS、GuardDuty、CloudTrail、Security Lake、Security Hub、100+ 项服务 | Advanced Security Competency Partner;AWS ISV Accelerate(Jan 2025);AWS Marketplace 上架 | 部分专项服务覆盖可能不完整;默认没有实时代理 |
| Azure | VMs、AKS、Azure AD、Sentinel、Storage、SQL、Functions 服务 | Azure Security Center、Sentinel、AD SSO 集成;用于修复的 Azure OpenAI GPT-4 | Azure 特有 IAM 细节可能需要手工调校策略 |
| GCP | GCE、GKE、BigQuery、Cloud Storage、Cloud Functions、Chronicle、Security Command Center 服务 | Google Advantage Partner;Chronicle SIEM/SOAR、Security Command Center、Pub/Sub、Vertex AI 集成 | GCP 特有资源类型的覆盖节奏可能落后于 AWS/Azure |
| OCI | Oracle Cloud Infrastructure 资源——计算、存储、网络 | 态势管理和漏洞扫描 | 相比 AWS/Azure/GCP,集成深度更窄;未确认高级市场上架 |
| Alibaba Cloud | 云资产——计算、存储、数据库 | 基础态势和漏洞覆盖 | 相比超大规模云厂商深度有限;主要适合已使用 Alibaba Cloud 的组织 |
| Tencent Cloud | 数据库、云存储、工作负载、应用 | 覆盖应用生命周期的全栈集成 | 区域性覆盖;主要适用于聚焦 APAC 的部署 |
| Kubernetes(所有 CSP) | 集群态势、容器镜像、工作负载、RBAC、网络策略 | KSPM + 镜像扫描 + 可选 Orca Sensor 运行时防护;AWS/GCP/Azure/本地部署 | 扫描周期之间可能漏掉短暂存在的容器 |
集成深度反映公开披露的合作伙伴身份和产品页说法。覆盖完整性可能因资源类型和区域而异;客户应在概念验证中用自身云配置验证。
[CE006, CE018, CE019, CE020, CE021, CE033]| 集成 | 类别 | 能力 | 深度 | 备注 |
|---|---|---|---|---|
| Jira | 工单 / 项目管理 | 双向修复工作流;告警生成工单 | 原生连接器 | 支持 Missions 工作流,将修复项目分组推进 |
| ServiceNow | ITSM / 工单 | 双向事件和变更管理 | 原生连接器 | 面向合规驱动组织的企业 ITSM 集成 |
| Slack | 沟通 | 实时告警通知;专家聊天频道 | 单向 + 交互式 | 可用原生 Slack 频道(Orca 称无需 Slack 账户) |
| PagerDuty | 事件响应 | 关键发现的值班告警路由 | 单向 | 按严重程度路由给值班响应人员 |
| Splunk | SIEM | 导出安全事件,供 SIEM 关联 | 事件转发 | 将发现导出到 Splunk,供 SOC 调查工作流使用 |
| Microsoft Sentinel | SIEM / SOAR | 安全事件导出;Azure 原生关联 | 原生连接器 | 随 Azure 合作一起打包;Azure AD 集成 |
| AWS Security Hub | 云安全 | 将发现导出到 AWS 原生聚合器 | 原生连接器 | AWS Marketplace 上架后可无缝启用 |
| Google Chronicle | SIEM / SOAR | 事件导出与关联分析 | GCP 合作伙伴关系 | 可通过 Google Cloud 合作伙伴关系和 GCP Marketplace 获取 |
| Terraform | 基础设施即代码 | 以策略即代码配置扫描策略 | 官方提供方(MPL-2.0) | 可在 Terraform Registry 的 orcasecurity/orca 命名空间获取 |
集成能力来自 Orca 集成页面和合作伙伴页面。双向能力和集成深度反映公司声称的功能;采购时建议在客户环境中验证。
[CE022, CE023]5.4 创新记录与 AI 能力
Orca 的创新轨迹始于 2019 年的创立洞察:云安全需要一套根本不同的架构。 公司 2021 年 Series B 博客记录,Orca 团队在平台尚未大规模商业化前,就用 SideScanning 扫描 Dell、Cisco、IBM、Symantec、Splunk 和 Oracle 的数千台虚拟设备, 帮助数百家组织提升已出货产品的安全态势。这个早期用例证明,平台不只适用于企业直接部署。 2021–2022 年,模块扩展很快。随着云原生架构成熟,Orca 增加了 Kubernetes 安全能力, 并扩展 CIEM 和 DSPM 功能。到 2022 年 10 月,Orca 以 $1.8 billion 估值完成 $340 million Series C,反映市场认可平台广度。2022 年,Orca 还入选 Forbes Cloud 100, 并获得 AWS Global Security Partner of the Year。 2023–2024 年,Orca 通过 Orca Sensor 推出云检测与响应(CDR), 补上此前被视为无代理扫描主要局限的实时检测缺口。随着组织开始大规模部署 AI/ML 工作负载, AI SPM 于 2024 年发布。AI SPM 发布使 Orca 进入 AI 安全领域的早期 CNAPP 参与者行列; Shai Alon 和 Shir Sadon 将 AI 模型安全定义为新的攻击面,因为「训练数据中的敏感数据和知识产权」 会放大风险。 2024 年 4 月,Gartner 在 Cloud-Native Application Protection Platforms Magic Quadrant 中将 Orca Security 评为 Leader,这一里程碑验证了平台广度和市场执行力。2025 年 1 月, Orca 获得 AWS ISV Accelerate 资格,成为首个做到这一点的纯 CNAPP 厂商,并带来实质销售渠道收益。 Orca AI 计划(AI Code Fixes、AI Discovery、AI Assistant、AI Agents)作为 AI 辅助安全运营持续创新的一部分发布。 GitHub 上的平台速度信号显示,截至 2026 年 5 月,开源维护仍然活跃:orca-skills 仓库 有 42 个 star,并在 2026 年 5 月 14 日更新;terraform-provider-orcasecurity 于 2026 年 5 月 5 日更新,提交历史活跃。CLI(orca-cli)在 2026 年 5 月 11 日更新, 继续维护编程式访问工具。这些信号表明,Orca 仍在投入 R&D 和面向开发者的产品工作。 [CE028, CE029, CE030, CE031, CE033, CE034]
| 日期 | 发布 / 里程碑 | 功能或模块 | 重要性 |
|---|---|---|---|
| 2019 | 公司创立和种子轮 | SideScanning™ 技术概念;初始 CSPM + CWPP 模块 | 首个无代理云安全平台;为 SideScanning 方法提交专利 |
| 2020-03 | Series A($20.5 M);产品全面可用 | 多云支持(AWS、Azure、GCP);漏洞管理 | 商业化发布;首批企业客户 |
| 2021-04 | Series B($55 M);平台扩展 | Kubernetes Security(KSPM);新增 CIEM 模块 | 覆盖云原生工作负载;新增身份风险层 |
| 2021-11 | Series B 延展轮($210 M);估值 $1.2 B | CIEM 扩展;多云加深;API 安全预览 | Tiger Global 和 Accel 投资验证企业市场增长 |
| 2022-03 | 累计融资 $550 M 里程碑 | 引入 DSPM 模块;数据分类和 PII 检测 | 补上数据安全态势;平台宽度达到完整 CNAPP 定义 |
| 2022-10 | Series C($340 M);估值 $1.8 B | 攻击路径分析 GA;合规框架扩展;CapitalG/T. Rowe Price | 融资高峰轮;突出攻击路径差异化 |
| 2023-03 | 领导层交接 | Gil Geron 出任 CEO;Avi Shua 转任首席创新官 | 组织成熟度信号;技术领导力延续 |
| 2023-07 | 对 Wiz 提起诉讼 | 针对 Wiz 的商业秘密和版权侵权诉讼 | 重大不利 IP 事件;反映竞争强度 |
| 2024-04 | Gartner CNAPP Magic Quadrant 领导者 | AI SPM 模块发布;通过 Orca Sensor 提供 CDR | 分析师给出领导者评级;引入 AI 安全态势管理 |
| 2025-01 | 获得 AWS ISV Accelerate 身份 | 首家获得 AWS ISV Accelerate 的纯 CNAPP 厂商 | 获得 AWS 联合销售渠道;上市节奏提速 |
时间线汇总自 Orca 官方博客、新闻稿和第三方报道。模块发布日期按现有公开证据近似判断。
[CE028, CE029, CE031, CE033]5.5 技术局限与竞争风险因素
Orca 的 SideScanning 路线存在核心架构取舍,且在 Orca 自己的公开材料中也有明确记录: 无代理安全提供近实时监控,而不是真正实时监控。Orca 的 agentless-vs-agent 博客明确称, 「无代理方案通过云环境快照提供可见性」,并且「虽然为组织提供近实时情报,但存在轻微延迟, 并不在实际时间发生」。这意味着,如果威胁行为者攻陷一个工作负载,并在一个扫描周期内横向移动, 系统可能要等下一次快照处理后才发现。 另一个局限是对短生命周期容器的覆盖。若容器在一次扫描间隔内启动又终止——对快照平台而言, 这个间隔可能以小时计——就可能无法被完整捕获。Kubernetes 和无服务器工作负载生命周期越短, 这个缺口的实际影响越大。Orca 的确能覆盖代理方案常漏掉的闲置、已停止和孤立工作负载, 但两种路线的覆盖不对称方向不同。 基于代理的替代方案能在运行时检测无文件执行和内存攻击——这些威胁手法操纵内存、不触盘, 因此快照式扫描器看不见。Orca 自己的竞争指南承认这一能力缺口,并将其定位为多数企业云环境愿意接受的取舍: 用它换部署简单性和覆盖广度。可选的 Orca Sensor 可为需要 CDR 的组织补上这一点, 但需要部署,也带来无代理扫描本来要消除的运维开销。 竞争风险很高。Wiz 是 Orca 最接近的可比竞争对手,到 2024 年中估值已超过 Orca: 据报道达到 $32 billion,而 Orca 最近一次已知估值是 2022 年 Series C 的 $1.8 billion。 2023 年 7 月,Orca 对 Wiz 提起商业秘密和版权侵权诉讼,指控 Wiz 聘用了带走源代码和专有技术信息的前 Orca 员工;截至 2026 年 5 月,未见公开报道显示该诉讼已有结果。该案带来 IP 不确定性, 尽调应重点核查。 G2 对 Orca 平台的用户评价(280+ 条,整体 4.6/5)包含关于扫描延迟、告警量管理, 以及新用户上手统一平台学习曲线的反馈。Gartner Peer Insights 给 Orca 4.8/5;按 G2 汇总数据, 实施时间平均约一个月。这些用户信号确认平台整体口碑较好,但快照模型会带来具体用户体验摩擦; Wiz(同样无代理,但底层架构不同)和其他竞争对手正主动在定位中打这个点。 [CE035, CE036, CE037, CE038, CE039, CE040]
对 Orca Security、Wiz、Palo Alto Prisma Cloud 和 CrowdStrike Falcon Cloud Security 的关键技术能力作对比评估。
竞争对手能力评估基于截至 2026 年 5 月的公开产品文档和分析师报告。能力迭代很快,买方应向各供应商核验当前功能是否对齐。
[CE035, CE037, CE039]5.6 开发者体验、IP 组合与工程文化
Orca 面向开发者的工具包体现出一条平台策略:把安全延伸进 CI/CD 流水线和 IaC 工作流。 主要开发者触点包括:(1)Terraform provider(Terraform Registry 上的 orcasecurity/orca, MPL-2.0 许可证,2026 年 5 月更新),支持用策略即代码配置 Orca 扫描策略;(2)CLI 工具 (orca-cli,基于 PowerShell,并为 macOS 提供 Homebrew formula),用于编程式访问平台; (3)六个用于左移扫描的 GitHub Actions:shiftleft-sast-action(静态分析)、 shiftleft-secrets-action(密钥检测)、shiftleft-sca-action(软件成分分析)、 shiftleft-fs-action(文件系统扫描)、shiftleft-container-image-action(容器镜像扫描) 和 shiftleft-iac-action(基础设施即代码扫描,15 个 star);(4)orca-skills 仓库, 提供安全工作流提速插件,2026 年 5 月 14 日更新,有 42 个 star。 Orca 的 IP 组合以 SideScanning 专利为核心,覆盖无需代理读取云工作负载运行时数据的核心方法。 公司 About 页面称,SideScanning 专利是 Orca 声称「为现代云安全开辟路径」的基石。 2023 年 7 月针对 Wiz 的诉讼主张,被前员工涉嫌带走的商业秘密中包含与 SideScanning 相关的专有技术信息。 这使该专利既是竞争护城河,也是公司正在积极防御的诉讼资产。 Orca 的工程文化扎根于以色列网络安全生态。两位联合创始人 Avi Shua 和 Gil Geron 都有 Israel Intelligence Corps(Unit 8200)和 Check Point Software Technologies 背景。 R&D 中心位于 Tel Aviv,与公司 LinkedIn 和新闻材料一致。LinkedIn 显示 Orca 有 127,000 名关注者;公司未公开披露员工数,但行业估计和 LinkedIn 信号显示,工程组织有数百名工程师, 其中相当一部分在 Tel Aviv。2022 年 Series C 前累计融资 $630–650 million, 意味着公司具备可观 R&D 能力。 根据 Orca 案例研究,Autodesk 使用 Orca 保护 AWS 上的生成式 AI 工作负载。Digital Turbine 的 CISO Vivek Menon 表示:「Orca 几乎从使用第一天起就创造价值。换其他工具,我们要等数月才能看到价值。」 Paidy(日本金融科技公司)报告称,采用 Orca 后每年节省两个 FTE 和 $500,000 云安全管理成本。 这些案例研究反映了产品价值主张——无代理部署带来的快速见效——也呼应了工程文化似乎在持续强化的方向。 [CE024, CE025, CE026, CE027, CE041, CE042]
展示 Orca 无代理路线相对传统基于代理的 CNAPP 替代方案,在部署时间上的优势。
[CE003, CE045]06客户
6.1 客户细分与买方画像
Orca Security 的主要市场是跨一个或多个主要云厂商——AWS、Microsoft Azure 和 Google Cloud Platform——运行大量工作负载的企业组织。 在这个范围内,公司在五个垂直领域积累了最深牵引力:金融服务,包括金融科技公司、新银行和正在上云现代化的传统机构; 医疗健康和生命科学,这些行业把持续 HIPAA 和 SOC 2 可见性视为合规刚需;技术和 SaaS, 云原生开发团队更看重开发者友好的安全工具;零售和电商,承载 PCI-DSS 范围内的云工作负载; 以及拥有内容分发和流媒体基础设施的媒体与娱乐平台。典型经济买方是 CISO 或 VP of Security, 技术推动者是云安全工程师或 DevOps lead。交易通常从概念验证(PoC)评估启动, 用来展示 Orca 无代理部署速度;对管理数百个云账户的组织来说,这是相对传统代理工具的关键优势。 Orca 的产品定位直击复杂度和规模问题:拥有数十到数百个短生命周期云账户的企业,会发现部署和维护传统代理在运营上不可承受, 因此无代理方案成为有吸引力的运营和成本升级。技术公司是参考客户最集中的类别,其次是金融服务; 在金融服务中,监管要求会加快采购决策。
| 行业 | 典型客户规模 | 主要使用场景 | 契合度评估 |
|---|---|---|---|
| 金融服务 | 1,000-50,000 名员工 | 合规自动化、多云态势管理 | 极高 — 监管要求带来强采购紧迫性 |
| 科技 / SaaS | 500-10,000 名员工 | 无代理云工作负载保护、左移安全 | 极高 — 云原生架构契合无代理模型 |
| 医疗健康与生命科学 | 2,000-100,000 名员工 | HIPAA 合规、PHI 数据暴露检测 | 高 — 持续合规要求拉动采购 |
| 零售与电商 | 1,000-20,000 名员工 | PCI-DSS 范围缩减、云配置错误检测 | 高 — COVID 之后云迁移提速 |
| 媒体与娱乐 | 500-5,000 名员工 | 内容分发安全、云资产可视性 | 中 — 监管较轻,但环境高度依赖云 |
客群划分来自 Orca 公开案例研究、Gartner Peer Insights 买家画像数据和公司营销材料。契合度评估是分析师基于各垂直行业的监管驱动和云采用强度作出的推断。
[CU001, CU002, CU030, CU031, CU039]6.2 客户获取与增长轨迹
Orca 于 2019 年商业化发布,并在 2020 年拿下第一批标杆企业参考客户,包括 Autodesk 和 Robinhood。 到 2021 年底——在 $210 million Series B 融资之后——公司付费组织数已超过 200 家。 2022 年 10 月宣布的 $340 million Series C,估值 $1.8 billion;投资人材料和新闻稿提到 800+ 家组织客户,意味着公告前 12 个月约 3x 增长。这条轨迹由早期灯塔账户的强口碑、 Gartner CNAPP 与云工作负载保护研究覆盖、AWS 和 Azure 联合销售伙伴关系, 以及 Series B 资本支持的全球销售扩张共同推动。COVID-19 期间及之后,云迁移加速, 企业快速搬迁工作负载,却没有运营能力部署传统基于代理的安全工具;Orca 的无代理叙事因此格外有共鸣。 GTM 组合一边做入站需求生成——内容营销、Gartner 收录、分析师沟通会—— 一边用主动企业销售队伍锁定拥有 500 个以上云工作负载的组织。Gartner 和 Forrester 覆盖提供第三方背书, 让 Orca 进入企业候选名单;否则它可能面对更长、更激烈的销售周期。
| 里程碑 | 客户数 | 日期 / 时期 | 来源 | 置信度 |
|---|---|---|---|---|
| 商业化发布和首批企业部署 | < 100 | 2019-2020 | Orca 官方材料 | 中 |
| 首批标杆客户(Autodesk、Robinhood)公布 | 初始客户队列 | 2020 | Orca 案例研究、PR Newswire | 中 |
| Series B 轮完成 — 客户数里程碑 | 200+ | Q4 2021 | PR Newswire Series B 轮新闻稿 | 高 |
| Series C 中期增长轨迹(推断) | 500+ | Q1-Q2 2022 | 根据 Series C 轨迹推断 | 低 |
| Series C 公告 — 引述客户数 | 800+ | October 2022 | PR Newswire Series C 轮新闻稿 | 高 |
客户数里程碑来自公司官方新闻稿和投资人公告。中间数字(Q1 2022 的 500+)是分析师根据 Series B 到 Series C 披露之间的轨迹推断。
[CU003, CU004, CU023, CU024, CU032, CU033]6.3 具名客户验证点
Orca 已拿下并公开披露一组有分量的企业客户标识,验证产品适用于复杂多云环境。Autodesk 这家设计和制造软件公司采用 Orca 保护横跨 AWS 和 Azure 的多云环境,并称部署速度和全面可见性是它相对传统代理方案选择 Orca 的关键标准。 Robinhood 这家金融科技交易平台部署 Orca,是为了在快速扩展的云原生基础设施中满足金融监管合规要求; 在这种环境下,代理开销在运营上不可行。领先的数据湖仓平台 Databricks 使用 Orca, 为支撑企业数据工作负载的大规模 AWS 和 Azure 部署做云安全。云基础设施提供商 DigitalOcean 借助 Orca 的无代理平台保护自身云环境;对一家专业构建并运营云基础设施的公司来说,这是值得注意的背书。 Check Point Software 作为全球最大的网络安全厂商之一,也是公开提及的 Orca 客户; 考虑到更广泛安全平台领域的竞争动态,这一点尤其重要。这些案例研究托管在 Orca 官网, 并被投资人材料和新闻报道引用,因此其真实性和深度具备合理可信度。
| 客户 | 行业 | 公开引用 | 部署 / 使用场景 | 成果 / 局限 |
|---|---|---|---|---|
| Autodesk | 设计与制造软件 | 是 — 案例研究 | AWS 与 Azure 多云部署;无代理工作负载保护 | 公开提到部署速度优于基于代理的替代方案 |
| Robinhood | 金融科技 / 交易 | 是 — 案例研究 | 云原生扩张中的金融监管合规 | 合规自动化;规模未获独立验证 |
| Databricks | 数据与 AI 平台 | 是 — 案例研究 | 面向数据工作负载的 AWS 与 Azure 大规模安全 | 已确认生产部署;工作负载深度未量化 |
| DigitalOcean | 云基础设施提供商 | 是 — 案例研究 | 自有云基础设施的无代理安全 | 体现云运营商可信度;范围和深度未验证 |
| Check Point Software | 网络安全厂商 | 是 — 公开提及 | 内部云工作负载的无代理云安全 | 来自网络安全厂商的显著背书;细节有限 |
所有具名客户都出现在 Orca 公开案例研究页面、新闻稿或投资人材料中。部署状态来自公开描述;生产部署和试点状态无法独立验证。
[CU011, CU012, CU013, CU014, CU015]6.4 留存、NPS 与满意度信号
Orca 公开报告的 Net Promoter Score 为 72,明显高于企业软件约 30–40 的中位数, 显示有一批高度满意、会主动推荐平台的客户。在 G2 上,Orca 基于 150+ 条评价获得 4.5/5; 企业买方持续称赞无代理部署速度、云资产可见性广度,以及与现有工单和告警工作流集成的便利性。 TrustRadius 评价者给 Orca 4.3/5,企业买方特别强调风险优先级排序和合规自动化。 PeerSpot 样本更小,截至 2023 年有 16 条评价,也给平台 4.3/5。 各评价平台上的主要负面情绪集中在告警量管理,尤其是调校信噪比的复杂度,以及与 Wiz 的比较; 部分评价者认为 Wiz 的用户界面更精致、更现代。G2 上 Orca 与 Wiz 的正面对比显示, Wiz 评分 4.7/5,高于 Orca 的 4.5;这一差距反映了 Wiz 激进的产品投入和营销动能。 CloudZero 的独立评测指出,成本分摊可见性和多租户计费管理存在局限;对云成本架构复杂的组织来说, 这些是相关担忧。尽管竞争信号不一,Orca 核心客户群看起来总体粘性较强,因为 Orca 数据深度嵌入 SIEM、工单和通知系统,进而嵌入日常安全工作流。
| 指标 | 数值 / 状态 | 客群 | 置信度 | 尽调问题 |
|---|---|---|---|---|
| 净推荐值(NPS) | 72 | 企业客户整体 | 中 — 公司引用 | 核验方法论和样本量 |
| G2 客户评分 | 4.5 / 5(150+ 条评价) | 企业和中端市场买家 | 中 — 公开观察 | 跟踪相对 Wiz 轨迹的趋势 |
| TrustRadius 评分 | 4.3 / 5 | 企业评价者 | 中 — 公开观察 | 交叉核验评价队列的新近程度 |
| PeerSpot 评分 | 4.3 / 5(16 条评价) | 企业 IT 和安全 | 低 — 样本小 | 要求提供更大的独立样本 |
| 净收入留存率(NRR) | 未披露 | 全部客户 | Unknown | 尽调中要求提供 NRR 和 GRR 拆分 |
| 集成切换成本 | 高 — JIRA/Slack/PagerDuty/Splunk | 已接入工作流集成的企业 | 高 — 公开观察 | 在客户访谈中评估集成深度 |
NPS 和满意度分数截至 2022-2023 年,来自公司引用或评价平台观察。NRR 未公开披露;该指标行作为尽调问题保留。切换成本评估是分析师基于产品架构和集成深度作出的推断。
[CU005, CU006, CU007, CU008, CU018, CU019]| 扩张驱动因素 / 风险因素 | 集中度风险 | 影响评估 | 尽调路径 |
|---|---|---|---|
| 单账户定价随云足迹扩大而上升 | 低风险 — 分散增长模式 | NRR 自然抬升;不需要新的销售周期 | 尽调中核验单账户定价结构 |
| 中端市场合同 $50K-$250K ARR(估计) | 低集中度 — 小客户数量多 | 收入基础更分散;单个客户流失影响更低 | 确认不同客户层级的 ACV 分布 |
| 企业合同 $500K+ ARR(估计) | 高集中度 — 大客户少 | 头部客户流失会不成比例地冲击收入 | 要求提供前 10 大客户收入集中度数据 |
| AWS 与 Azure Marketplace 联合销售 | 中 — 伙伴依赖 | 加速获客;若伙伴优先级变化则有风险 | 评估 Marketplace 收入贡献和排他性 |
| Wiz 竞争导致的流失压力 | 高 — 单一竞争对手集中 | Wiz 拿下企业订单会挤出 Orca ARR | 要求提供赢单 / 输单数据;评估输给 Wiz 的交易 |
| Orca-Wiz IP 诉讼(Reuters,July 2023) | 中 — 管理层分心 | 法律成本和管理层精力会从产品上分流 | 审查诉讼状态和和解概率 |
合同规模数字是分析师根据公开融资披露和可比 CNAPP 定价基准作出的估计;公司没有披露官方定价。集中度风险来自偏企业客户的参考客户标识,以及缺乏已披露 NRR 数据这一事实。
[CU020, CU021, CU022, CU025, CU036, CU041]6.5 扩张收入与集中度风险
Orca 的扩张路径本质上绑定云基础设施增长:平台通常按云账户或工作负载授权,因此客户新增 AWS 账户、 Azure 订阅或 GCP 项目时,这些账户贡献的 Orca ARR 会同步增长,无需新的销售周期。 它形成了一个自然扩张引擎,与企业客户云足迹变大的长期趋势一致。投资人材料披露的合同规模显示, 中端市场 ARR 约为 $50,000 到 $250,000,企业合同则经常超过 $500,000。Orca 与 AWS、 Azure、GCP 和主要技术集成商的伙伴生态进一步支持扩张,方式是创造联合销售管线, 并把 Orca 嵌入更广泛的云采购对话。主要集中度风险来自 Orca 对大型企业账户的依赖: 如果少数几个 $500,000 以上年合同流失给竞争对手,尤其是 Wiz,收入影响会不成比例地大。 Orca 公开披露的与 Wiz 之间的知识产权和商业秘密诉讼凸显竞争对抗强度,也提示竞争动态可能加速企业流失决策。 Orca 未公开披露净收入留存率(NRR),这是尽调图景中的重要缺口,也限制了定量评估扩张健康度的能力。
07风险
7.1 按严重度排序的风险登记表
Orca Security 处在云原生应用保护平台(CNAPP)细分市场的高速增长与激烈竞争交叉点。 公司的风险画像由三件事塑造:作为无代理云安全先行者,如今要应对资本充足的竞争; 仍有活跃知识产权诉讼;还要处理多个司法辖区日益复杂的监管要求。严重度排序风险登记表按 1–10 分给出综合分数,依据是未来 24 个月发生概率,以及对业务的潜在财务或战略影响。 Wiz 造成竞争替代的严重度最高,为 9/10;原因是 Wiz 已在 $12 billion 估值下融资超过 $1 billion,且估算 ARR 约领先 $300 million,而 Orca 估算 ARR 为 $100–200 million。 2023 年 7 月商业秘密诉讼带来的活跃知识产权诉讼评分为 8/10,综合了管理层分心、 法律支出和声誉暴露。AWS Security Hub、Microsoft Defender for Cloud 和 GCP Security Command Center 推动市场商品化,评分 7/10。考虑到 2022 年周期高点估值和 2025–2026 年软件估值倍数压缩, 财务估值风险评分 7/10。监管合规复杂度和关键人物依赖各为 6/10。运营 API 依赖为 5/10, 属于中等但可管理风险。每项风险都有明确缓释措施,但仍有剩余暴露,值得投资人和董事会在 2026 年前持续监控。
| 风险 | 类别 | 严重性(1-10) | 发生可能性 | 缓解状态 |
|---|---|---|---|---|
| Wiz 竞争性挤出 | 竞争 | 9 | 高 | 部分:平台扩展和 AI 差异化 |
| 与 Wiz 的未决 IP 诉讼 | 法律 | 8 | 确定 | 进行中:Delaware 联邦诉讼仍在推进 |
| 超大规模云厂商推动市场商品化 | 市场 | 7 | 中 | 部分:CNAPP 深度和跨云分析 |
| 下调估值融资风险 | 财务 | 7 | 中 | 部分:成本纪律和 ARR 增长聚焦 |
| GDPR 和监管不合规 | 监管 | 6 | 中 | 部分:已取得 SOC 2 Type II 和 ISO 27001 |
| 关键人物离职(联合创始人) | 运营 | 6 | 低 | 部分:正在补强高管梯队 |
| 云 API 废弃或受限 | 运营 | 5 | 低 | 部分:多云 API 监控 |
| 与超大规模云厂商的渠道冲突 | 伙伴 | 5 | 高 | 部分:维持 Marketplace 联合销售关系 |
严重性分数是 1-10 的综合评分,结合 24 个月内发生概率和潜在财务或战略影响。缓解状态代码 - 已达成:控制措施已落地并验证;部分:控制措施已启动但尚未完成;进行中:需要持续管理动作;无:迄今未识别专门缓解措施。
[CR001, CR011, CR021, CR031, CR039, CR043]7.2 竞争与市场风险
Orca Security 的主要竞争风险来自 Wiz。Wiz 由前 Microsoft Azure 安全工程师在 2020 年创立, 其企业市场渗透在账户数量和 ARR 上可以说已经超过 Orca。Wiz 截至 2023 年中据报约 $300 million ARR,相比 Orca 估算 $100–200 million,代表一个有意义且不断拉大的差距, 尽管 Orca 在无代理扫描上有先发优势。Wiz 2023 年 2 月完成 $300 million Series D, 估值 $10 billion;后续融资使披露总融资超过 $1 billion,形成资本护城河,使其能激进招聘企业销售、 深度折扣获客,并持续投入产品。Wiz 之外,Palo Alto Networks Prisma Cloud 背靠市值约 $65 billion、拥有庞大装机基础的公司,提供综合 CNAPP 套件。CrowdStrike Falcon Cloud Security 受益于并入一个 $35 billion 以上的终端与身份平台。Lacework、Sysdig 和 Aqua Security 用专业能力争夺中端市场账户。 最重要的是,AWS Security Hub、Microsoft Defender for Cloud 和 Google Security Command Center 将免费或深度折扣的 CSPM 功能与云服务捆绑,在低端市场形成结构性价格竞争。Orca 的战略回应是投资 AI 驱动的攻击路径分析、综合 API 安全和统一 CNAPP 平台,超越基础 CSPM。但 Wiz 已推出可比 AI 功能, 压缩了 Orca 的差异化窗口,也要求 Orca 持续投入产品,以在企业账户中维持竞争对等。
| 竞争对手 | 估计 ARR / 融资 | 市场威胁级别 | Orca 竞争应对 |
|---|---|---|---|
| Wiz | ~$300M ARR;$1B+ 融资,估值 $12B+ | 极高 | AI 驱动的 CNAPP 扩展;用 IP 诉讼震慑人才挖角 |
| Palo Alto Networks Prisma Cloud 平台 | 属于市值 ~$65B 的平台 | 高 | 无代理速度和简单性优势;聚焦 SMB 和中端市场 |
| CrowdStrike Falcon Cloud Security | 属于 $35B+ 平台;云业务板块增长中 | 高 | 更宽的运行时和工作负载扫描深度 |
| AWS Security Hub、Azure Defender 和 GCP SCC | 免费或深度绑定云支出 | 中 | 跨云分析和深度;独立多云厂商定位 |
| Lacework、Sysdig 和 Aqua Security | 各自融资 $100M-$500M;聚焦中端市场 | 中 | 企业覆盖广度、合规覆盖和统一 CNAPP 平台 |
收入和融资数字是基于截至 2023-2024 年的公开披露、分析师报告和媒体报道作出的估计,可能不反映当前数字。市场威胁级别反映 Orca 在企业 CNAPP 和 CSPM 采购中的竞争暴露。免费或捆绑条目代表超大规模云厂商的原生安全工具,它们在低端市场形成结构性价格压力。
[CR001, CR002, CR003, CR005, CR006, CR007]7.3 监管与法律风险
Orca Security 面临分叉的监管风险画像,横跨数据处理方义务和行业特定合规要求。 公司的无代理 SideScanning 技术会生成客户工作负载的只读快照,其中可能包含个人身份信息、 受保护健康信息或金融数据,从而触发欧盟客户的 GDPR Article 28 义务,包括正式数据处理协议、 数据驻留控制和跨境传输限制。违反 GDPR 可能导致最高达全球年收入 4% 的行政罚款。 医疗行业部署需要 HIPAA 业务伙伴协议。扫描支付卡处理环境时,PCI-DSS 数据范围规则适用。 加州注册地企业客户会触发 CCPA 消费者隐私义务。Orca 已取得 SOC 2 Type II 认证和 ISO 27001 合规, 并发布全面隐私政策来规范数据处理做法。诉讼方面,Orca 于 2023 年 7 月在美国联邦地区法院起诉 Wiz, 指控其挪用商业秘密、侵犯版权和侵权干预。诉状称,Wiz 雇用了约八名前 Orca 员工, 这些人将专有代码和内部知识带入 Wiz 产品团队。此类复杂商业秘密诉讼通常需要两到四年才能解决, 法律成本可能达到数千万美元,结果不确定。Orca 可能获得禁令救济和金钱赔偿,也可能在实体问题上败诉, 或协商和解。诉讼消耗高管注意力和财务资源,而这些资源本可用于加速产品开发和企业销售执行。
| 法规或要求 | 司法辖区 | 核心义务 | Orca 合规状态 |
|---|---|---|---|
| GDPR 第 28 条(数据处理者) | 欧盟 | 正式 DPA、数据驻留控制、跨境传输限制 | 部分:已提供 DPA 模板;驻留控制仍在开发 |
| HIPAA 业务伙伴协议 | 美国(医疗健康) | 涉及 PHI 范围的扫描部署需要签署 BAA | 进行中:医疗健康垂直行业合规项目已启动 |
| PCI-DSS(持卡人数据环境) | 全球 | 支付卡数据工作负载的范围界定和访问控制 | 已处理:SOC 2 Type II 覆盖相关安全控制 |
| CCPA(消费者隐私) | 美国加利福尼亚州 | 消费者权利、数据清单、退出机制 | 已处理:已发布隐私政策和数据主体请求流程 |
| SOC 2 Type II(AICPA) | 美国 | 对信任服务准则的年度独立审计 | 已达成:已取得并维持 SOC 2 Type II 认证 |
合规状态反映截至 2024 年 Orca Security 官方合规和隐私页面公开可得的信息。进行中表示项目已启动,但没有公开确认的认证。已处理表示已有公开说明的控制措施或认证。部分表示已知暴露只落实了部分缓解。Orca 的合规姿态会随客户要求和监管发展演进。
[CR021, CR022, CR023, CR024, CR025, CR026]7.4 运营与技术风险
Orca 的无代理 SideScanning 架构既是主要竞争差异点,也是最关键的运营依赖。 该技术通过超大规模云厂商 API 生成客户云工作负载的短生命周期只读快照,具体包括 AWS EC2 CreateSnapshot 机制、Azure Managed Disk 导出能力和 GCP persistent-disk snapshot 接口, 无需在单个主机上部署代理。AWS、Azure 或 GCP 一旦推出破坏性 API 变更、访问政策限制或限流措施, 都可能同时扰乱 Orca 整个客户群的扫描功能。与代理产品不同,云厂商变更对代理产品通常只影响新部署; 主要云厂商的 API 废弃可能瞬间触发大范围客户影响。第二个运营风险来自规模化数据管道可靠性。 Orca 处理许多并发客户租户的云环境遥测数据;处理延迟或宕机可能导致威胁漏检或告警滞后, 直接削弱持续可见性的价值主张。客户 SLA 承诺会在宕机事件中带来财务暴露。此外, Orca 扩展到运行时安全能力,包括容器运行时保护和 Kubernetes 态势管理后,引入了基于代理的组件, 这部分削弱了无代理叙事,并增加部署、版本和兼容性管理开销。关键人物风险集中在联合创始人 CEO Avi Shua 和 CTO Gil Geron;两人的技术愿景和企业关系深度嵌入产品路线图和顶级客户互动。 任一联合创始人离开,都会显著扰乱产品方向和顶级客户留存。
| 风险因素 | 根因 | 潜在影响 | 缓解措施 |
|---|---|---|---|
| 云 API 废弃或破坏性变更 | 超大规模云厂商政策变化,或对快照 API 访问施加安全限制 | 所有客户账户的核心扫描同时失效 | 多云架构;持续监控 API 变化;厂商关系 |
| 关键人物离职(CEO 或 CTO) | 领导层单点依赖 Avi Shua 和 Gil Geron | 产品路线图受扰;企业客户关系流失;人才外流 | 补强高管梯队;记录 IP 规范;股权留才 |
| 数据管道中断或处理延迟 | 数据处理层基础设施故障或容量受限 | 威胁检测漏报;违反 SLA;高敏感账户客户流失 | 冗余数据处理基础设施;正常运行时间监控;SLA 补救 |
| Wiz 或竞争对手挖角 | 竞争对手激进招聘资深工程师和销售人才 | 自研知识流失;竞争情报泄露;IP 暴露 | 留任奖金;IP 转让协议;禁止招揽条款执行 |
| 基于代理的运行时组件复杂度 | 运行时安全扩展要求在容器中部署内核级代理 | 支持开销;与无代理品牌叙事冲突;客户阻力 | 清晰产品分层;专门运行时工程团队;透明沟通 |
运营风险评估基于 Orca 已发布的架构文档、行业对无代理扫描依赖的分析以及公开披露。影响严重性反映风险在没有提前预警时发生的最坏情景。缓解措施来自推断或公开描述的控制,可能并不穷尽。
[CR031, CR032, CR033, CR034, CR035, CR036]7.5 财务与资本风险
Orca Security 于 2022 年 10 月完成 $340 million Series C 融资,由 CapitalG (Google 的成长股权基金)和 Coatue Management 共同领投,投后估值 $1.8 billion。 此前融资包括 2021 年 $210 million Series B 和 2020 年 $20 million Series A, 披露风险投资融资总额约 $592 million。作为私营公司,Orca 不公开披露收入、EBITDA 或现金消耗。 行业分析师估计,截至 2024 年末 ARR 在 $100–200 million 区间,说明公司大概率尚未达到运营盈利。 主要财务风险在于,Orca 的 $1.8 billion 估值形成于 2021–2022 年增长投资周期高点; 到了 2025–2026 年融资环境,利率更高、SaaS 收入倍数压缩、LP 推动投资人要求盈利, 该估值可能难以维持或提高。如果 ARR 同比增速降至 40–50% 以下,未来融资可能以平价融资 或降价融资估值完成,增加现有股东稀释风险,并因期权授予水下而带来人才留存挑战。 持续中的 Wiz 诉讼增加了一项不确定但可能重大的现金负债。当前可比上市云安全平台的收入倍数表明, Orca 至少需要 $120–180 million ARR 才能支撑 $1.8 billion 估值;这个门槛位于分析师估算下沿, 留给增长不及预期或向 Wiz 及平台安全厂商丢失份额的余地有限。
08估值
8.1 投资论点与尽调摘要
Orca Security 在 $1.8 billion Series C 估值下呈现有条件的正面投资信号。 论点建立在四个支柱上:(1)基于专利 SideScanning 技术的云安全平台, 在结构上差异化,并制造有意义的切换摩擦;(2)2024 年 4 月获评 Gartner CNAPP Magic Quadrant Leader,验证企业接受度;(3)投资人 财团资金雄厚(Temasek、ICONIQ Capital、CapitalG、Accel), 可为战略退出提供便利;(4)云安全 TAM 预计到 2026 年超过 $50 billion,CAGR 为 15–20%。反论点同样清晰:Wiz 到 2024 年 6 月 估值 $12 billion,意味着 Orca 在同一无代理 CNAPP 细分中已退居次要 竞争位置;ARR 未披露,使收入倍数悬在 9x–18x 的宽区间内,难以形成 投资确信度;2023 年 7 月针对 Wiz 的诉讼带来法律风险和管理层分心。 建议为有条件正面,但部署资本前必须核验 ARR、NRR 和股权结构表。 关键尽调关口是实际 ARR 能否以相对公开和私人可比公司的可辩护倍数支撑 当前 $1.8 billion 估值。风险评级为高,原因是竞争、财务透明度和诉讼因素。 [CV022, CV023, CV016, CV017, CV018, CV019]
| 维度 | 评估 | 置信度 | 含义 |
|---|---|---|---|
| 投资建议 | 在 $1.8B 估值标记下有条件正面 — 观察并保留投资意向,前提是核验 ARR 和 NRR | 中 | 可考虑老股仓位;未进入数据室前,不按当前估值标记领投新股 |
| 风险评级 | 高 — Wiz 竞争性挤出、ARR 未披露、CEO 交接、诉讼阴影、IPO 市场不确定性 | 中 | 仓位规模需反映高风险;按基准情景退出而非乐观 IPO 规划 |
评估和置信度评级只由分析师基于公开证据得出;未审阅任何非公开财务数据。风险评级汇总了竞争、财务透明度、领导层和法律风险因素。
[CV022, CV023]| 维度 | 投资逻辑 | 反向逻辑 | 什么会改变判断 |
|---|---|---|---|
| 市场 | 到 2026 年,云安全总可用市场(TAM)达 $50B–$77B,复合年增长率(CAGR)为 15–20%;Orca 作为 CNAPP 领导者站位较好 | 超大规模云厂商建设原生安全能力,可能在 3–5 年内让第三方 CNAPP 商品化 | 跟踪云安全支出调研和超大规模云厂商原生安全收入披露 |
| 产品 | 2024 年 Gartner MQ 领导者;获专利的 SideScanning 增加切换摩擦;AI-SPM 模块扩大 TAM | Wiz 产品广度追平或超过 Orca;客户赢单 / 输单转向不利 | 按季度跟踪 G2 和 Gartner Peer Insights 评分;向数据室索取赢单 / 输单数据 |
| 财务情况 | 已融资约 $628M;估计 ARR $100–200M,毛利率 70–80%;资产负债表强 | ARR 和 NRR 未披露;烧钱速度与现金跑道不确定;9–18x 倍数区间太宽,难以下结论 | 投资前,向投资者数据室索取经审计 ARR、NRR 和烧钱速度 |
| 估值 | 2022 年 10 月 $1.8B 估值标记;按 ARR 区间高端计为 9–18x,相对同行 12–15x 中位数有支撑 | Wiz 2024 年 $12B 估值意味着 Orca 明显落后;相对估值倍数有压缩风险 | 跟踪 Wiz 市占率数据;Orca 披露 ARR 或发生老股交易后,估值倍数会重新锚定 |
投资逻辑和反向逻辑来自公开来源;所有 ARR 和市占率数字均为估计。未使用任何专有竞争情报。
[CV016, CV018, CV020, CV011, CV027]8.2 融资历史与资本结构
Orca Security 自 2019 年创立以来,已通过五次融资事件筹集约 $628 million。 融资轨迹反映出投资人在 2021–2022 年云安全牛市中信心加速增强。 2019 年约 $6 million 种子轮支持产品开发和早期企业概念验证(PoC)。 2021 年 3 月,约 $68 million Series A 随后完成,推动人员扩张和美国 GTM 建设。2021 年 11 月,ICONIQ Capital 和 CapitalG 领投 $210 million Series B,投后估值约 $1.2 billion;CapitalG 是 Alphabet 独立 成长股权基金,因此这一轮既带来顶级技术投资人的战略验证,也带来深厚 企业分发关系。2022 年 10 月,里程碑式 $340 million Series C 完成, 投后估值 $1.8 billion,由新加坡主权财富基金 Temasek Holdings 领投,把投资人质量延伸到全球机构资本。SEC EDGAR Form D 申报确认所有 轮次均按 Regulation D 豁免私募进行,符合标准风投结构。 总资本 $628 million 意味着 2022 年 10 月交割后跑道相当充足——按 基准现金消耗假设估计为 24–48 个月——因此潜在下一次融资事件落在 2024–2026 年窗口。优先股结构和清算优先权层级未公开,评估普通股稀释前 必须在投资人数据室核实。 [CV001, CV002, CV003, CV004, CV005, CV006]
| 主题 | 缺失证据 | 重要性 | 尽调路径 |
|---|---|---|---|
| 实际 ARR 和增长率 | Orca 未公开披露 ARR;分析师区间 $100–200M 太宽,无法支撑估值判断 | 锚定收入倍数;决定 $1.8B 标记对应 9x 还是 18x ARR;差别就是公允价值与估值过高的差别 | 向投资者数据室索取经审计 ARR、ACV 和同比增长率 |
| 净收入留存率(NRR) | NRR 未披露;按同行基准假设为 100–120%,但未经验证 | 决定扩张与流失的平衡;NRR 低于 100% 会大幅改写乐观情景 | 向数据室索取 NRR 和 GRR 队列曲线;与具名账户扩张交叉核对 |
| 股权结构表和清算优先权堆叠 | 优先股结构、顺位和总优先权负担未公开 | 影响 $1.5B 基准情景下的实际退出回款;沉重优先权可能削弱普通股回收 | 向律师索取完整股权结构表、CPAS 以及任何老股交易标记 |
| Wiz 诉讼状态和风险敞口 | 2023 年 7 月已起诉;截至 2026 年 5 月无公开结果;赔偿和禁令救济范围未知 | IP 限制或赔偿可能削弱 SideScanning 产品,并给投资者留下悬置风险 | 在 PACER 跟踪法院案卷;要求外部律师提供诉讼评估和风险敞口估计 |
这些尽调问题是按当前 $1.8B 估值标记承销新股投资前的最低门槛。交易老股头寸前,也应取得股权结构表和诉讼数据。
[CV012, CV028, CV033, CV034]数值以百万美元计。ARR 假设为分析师估计;倍数假设来自同业中位数分析。当前 $1.8B 估值标记落在 12x × $150M(第三根柱)。
[CV009, CV013, CV016]8.3 估值框架与可比分析
Orca 的 $1.8 billion 估值用收入倍数框架评估,基准是公开云安全可比公司 和已披露私募轮数据点。主要公开可比公司是 CrowdStrike、Palo Alto Networks (Prisma Cloud)和 Qualys。截至 2025 年初,CrowdStrike 约以 22x 未来十二个月收入交易,反映其市场领先平台地位和更优增长率。 Palo Alto Networks 的云安全业务板块约以 12x NTM 交易,受公司整体组合 混合倍数约束。Qualys 约以 12x NTM 交易,为规模化纯态势管理 厂商提供底部参照。同业中位数 12–15x NTM 意味着,若 Orca ARR 落在 $100M–$200M 区间,公允价值范围为 $1.2B–$3.0B;也就是说,$1.8B 估值 在 ARR 估算高端站得住脚,在低端则偏激进。最相关的私人可比公司是 Wiz, 它在 2024 年 6 月以 $12 billion 估值融资。Wiz 约 24x ARR 倍数反映其在 CNAPP 细分的市场份额领导地位,也表明 Orca 因第二名位置而承受有意义的折价。 IDC 预计云安全市场到 2026 年达到 $77 billion,MarketsandMarkets 预计 CAGR 为 17.5%,二者都支撑成长型股权投资倍数的市场增长部分。 Statista 的云安全市场规模测算提供第三个分析锚点:2026 年 $62 billion。 可比估值表用公开数据尽可能完整覆盖最相关的公开和私人基准;除另有说明外, 私人公司 ARR 数字均为分析师估计。 [CV009, CV011, CV013, CV014, CV015, CV016]
| 公司 | 阶段 / 状态 | 估计 ARR | 估值 / 市值 | 收入倍数 | 对 Orca 的参照意义 |
|---|---|---|---|---|---|
| Orca Security(标的) | 私营 — Series C 轮(2022 年 10 月) | 估计 $100–200M | $1.8B 投后估值 | 估计 9–18x NTM | 标的公司;所有财务指标均为估计 |
| Wiz | 私营 — Series E 轮(2024 年 6 月) | 估计 $500M+ | $12B | 估计 ~24x ARR | 直接 CNAPP 竞争对手;溢价反映市场领导地位和增长速度 |
| CrowdStrike (CRWD) | 上市 | ~$3.7B ARR(FY2025) | ~$83B 市值 | ~22x NTM | 部分可比:云工作负载保护有重叠;规模更大,平台更宽 |
| Palo Alto Networks (PANW) | 上市 | ~$4B+ 云 ARR | ~$120B 市值 | ~12x NTM | Prisma Cloud 是直接竞争对手;潜在战略收购方;倍数为混合口径 |
| Qualys (QLYS) | 上市 | ~$500M ARR | ~$6B 市值 | ~12x NTM | 规模较小的纯云姿态管理可比公司;较低增长率锚定底部倍数 |
所有私营公司 ARR 数字均为 PitchBook 和 CB Insights 的分析师估计;上市公司倍数反映 2025 年初市场数据,可能已出现重大变化。Orca 未公开披露 ARR;该区间反映分析师共识。Wiz ARR 是基于投资者公告和分析师评论的估计。
[CV013, CV014, CV015, CV016, CV017, CV037]区间以十亿美元计。低 / 高端点代表分析师情景边界;中位值是概率加权中点估计。所有数值都是前瞻退出情景,不是当前标记估值。
[CV024, CV025, CV026]8.4 牛 / 基准 / 熊情景
三个退出情景刻画了以当前 $1.8 billion 估值投资 Orca Security 的结果分布。 牛市情景设想通过 IPO 或溢价战略收购实现 $3.0B–$5.0B 退出;前提是 Orca 达到 $250–350 million ARR、NRR 超过 115%,并受益于 IPO 市场重启 或超大规模云厂商收购方之间的竞价拍卖。牛市情景的概率信号为低到中,因为它 要求 Orca 从资本更充足的 Wiz 手中重新夺回竞争动能,并跑通资本效率更高的 增长路径。基准情景是由 Palo Alto Networks、Cisco、Google、Microsoft 或 AWS 以 $1.5B–$2.5B 战略收购;任何一方都会把 Orca 的已安装企业客户基础、 CNAPP 平台和 SideScanning IP 视为云安全产品组合的加速器。在 $150–200 million ARR 下,8–12x 收入倍数对应 $1.2B–$2.4B 企业价值, 与基准情景范围一致。概率信号为中等,因为云安全战略 M&A 一直活跃,Orca 也具备 吸引可信买家的规模和投资人背书。熊市情景为 $0.9B–$1.5B,涵盖降价融资 或平价融资事件;在这种情形中,Wiz 持续主导市场份额,侵蚀 Orca 企业管线,ARR 增长明显放缓。如果 Orca ARR 停滞在 $80–120 million, 9–10x 倍数对应 $720M–$1.2B 企业价值,意味着相对 $1.8B 估值 出现有意义减值。下行触发因素包括诉讼结果不利、CEO 执行失误, 或 IPO 市场持续关闭迫使桥接融资。 [CV009, CV012, CV024, CV025, CV026, CV031]
| 情景 | 退出价值 | 假设 ARR | 收入倍数 | 概率信号 | 关键假设 |
|---|---|---|---|---|---|
| 乐观 — IPO 或溢价收购 | $3.0B–$5.0B | $250–350M | 10–14x NTM | 低–中 | Orca ARR 增长 2x,相对 Wiz 拿下 CNAPP 领导地位,IPO 市场到 2027 年重启 |
| 基准 — 战略收购 | $1.5B–$2.5B | $150–200M | 8–12x NTM | 中 | Palo Alto、Cisco、Google、Microsoft 或 AWS 以较当前 $1.8B 标记适度溢价收购 Orca |
| 悲观 — 降价轮或停滞 | $0.9B–$1.5B | $80–120M | 6–10x NTM | 低 | Wiz 主导地位侵蚀 Orca 企业管线;IPO 市场持续关闭;下一轮估值等于或低于 $1.5B |
退出价值为分析师基于公开同行倍数和市场数据估算的情景;实际结果取决于未披露 ARR、市占率走势和资本市场环境。概率信号是定性判断,不是定量概率分布。
[CV024, CV025, CV026, CV009]8.5 退出准备度与流动性路径
Orca 在定性因素上的退出准备度中等偏强,但受限于未披露财务指标。2024 年 Gartner Magic Quadrant Leader 认定验证了企业市场接受度,可在 IPO S-1 注册声明或 M&A 数据室中支撑溢价。Temasek、ICONIQ Capital 和 CapitalG 投资人财团合计管理数万亿美元资产,与云基础设施和网络安全领域战略收购方 关系深厚。这些关系实质性改善 Orca 进入结构化退出流程的机会。五个最可信战略收购方 分别是 AWS(云安全整合)、Microsoft Azure(增强 Defender for Cloud)、 Google Cloud(扩展 Security Command Center)、Palo Alto Networks (拓宽 Prisma Cloud)和 Cisco(建设云安全平台)。每一家都有资产负债表能力和战略理由, 以基准情景估值吸收 Orca。IPO 路径没那么近:2023–2025 年网络安全 SaaS IPO 市场 基本关闭;Orca 在提交 S-1 之前,需要证明至少 $200M ARR,且 NRR 强劲、 自由现金流轨迹转正。论点破坏和叫停触发因素表编码了会使投资案例失效的 具体可观察阈值。最终尽调问题表列出了承销该仓位前必须满足的四项数据室请求。 Wiz 诉讼解决和股权结构表中的优先股层级确认,都是评估下行保护的前置条件。 [CV027, CV028, CV029, CV030, CV031, CV032]
| 触发因素 | 可观察阈值 | 对投资逻辑的传导 | 行动含义 |
|---|---|---|---|
| Wiz 竞争主导加深 | Gartner 或 IDC 显示 Wiz 拿下 >50% CNAPP 市占率;Orca 流失多个具名企业续约 | ARR 增长显著放缓;NTM 倍数下修至 8x 以下 | 退出或放弃;只有入场价隐含 <6x 已确认 ARR 时才重新评估 |
| Orca 诉 Wiz 案出现不利结果 | 法院对 Orca 下达禁令或判赔 >$50M;SideScanning IP 受限 | 产品差异化受损;投资者信心受冲击;融资风险上升 | 重新评估产品路线图和 IP 风险;主动跟踪法院案卷 |
| CEO 交接后执行失误 | Gil Geron 任内 ARR 同比增长放缓至 20% 以下;工程或销售管理层流失率 >15% | 管线承压;销售效率恶化;Series D 定价承压 | 要求与管理层背调对象通话;按季度跟踪 LinkedIn 员工数 |
| 降价轮或过桥融资 | 下一次融资事件投后估值低于 $1.5B;Series C 后 18 个月内需要过桥融资 | 市场确认 $1.8B 估值过高;上一轮投资者可能失去信心 | 若已投资则加速退出;若尚未出资则推迟入场 |
触发因素和阈值由分析师基于公开竞争和财务基准定义。实际阈值可能不同于可观察的公开信号;精确监控需要管理层披露和投资者数据室访问权限。
[CV023, CV027, CV028, CV030]免责声明
本报告由 startup-research 工作流基于截至 2026-05-16 的公开资料自动生成,不构成投资建议。私营公司财务数据和估值来自媒体报道、分析师报告和投资人材料推断;无法取得合并口径的经审计数据。读者在作出资本配置决定前,应以一手来源核验所有指标。
证据索引
| 编号 | 陈述 | 可信度 | 来源 |
|---|---|---|---|
| CO001 | Orca Security was founded in 2019 and is headquartered in Portland, Oregon, with additional offices in Tel Aviv, Israel, and London, UK. | 高 | SO001, SO012, SO016 |
| CO002 | Orca Security's mission is to empower organizations to thrive securely in the cloud by providing the most comprehensive cloud security platform. | 高 | SO001, SO002 |
| CO003 | The company is named after the orca whale, whose sonar capabilities inspired the design of SideScanning™ technology — scanning cloud environments deeply and widely with minimal operational impact. | 中 | SO001 |
| CO004 | Orca Security describes itself as the pioneer of agentless cloud security and the agentless cloud security pioneer for AWS, Azure, Google Cloud, and Kubernetes. | 高 | SO001, SO002, SO016 |
| CO005 | The company's core differentiation is its SideScanning™ technology, for which patents have been filed (and granted), enabling deep workload inspection without deploying agents. | 高 | SO001, SO003 |
| CO006 | Orca's business model is SaaS-based, targeting enterprise and mid-market security teams responsible for multi-cloud environments. | 中 | SO002, SO009 |
| CO007 | Orca Security's value proposition centers on the "3 Cs": Comprehensive coverage, Coverage without friction (agentless), and Contextualized risk assessment that prioritizes the 1% of alerts that matter most. | 高 | SO006, SO009 |
| CO008 | The company's LinkedIn profile reports 127,000 followers as of May 2026 and describes the product as the "agentless cloud security pioneer for AWS, Azure, Google Cloud, Kubernetes." | 中 | SO016 |
| CO009 | SideScanning™ technology reads cloud workload runtime data by accessing cloud provider block-storage snapshots and API data rather than installing agents inside workloads, achieving 100% workload-deep coverage within minutes. | 高 | SO001, SO003, SO009 |
| CO010 | The SideScanning approach eliminates deployment friction, avoids production performance impact, and covers cloud assets that cannot run conventional agents such as serverless functions and managed database services. | 高 | SO006, SO009 |
| CO011 | The Orca CNAPP platform integrates CSPM, CWPP, KSPM, CIEM, DSPM, AI SPM, CDR, vulnerability management, API security, and compliance reporting in a single unified product. | 高 | SO003, SO009 |
| CO012 | Multi-cloud coverage spans AWS, Azure, Google Cloud, Kubernetes, and Oracle Cloud Infrastructure (OCI). | 高 | SO002, SO003, SO004 |
| CO013 | The Unified Data Model correlates workload, identity, network, and data context into a graph, enabling attack-path analysis that surfaces chains of risk individual point solutions would miss. | 高 | SO001, SO009 |
| CO014 | Orca Security added AI Security Posture Management (AI SPM) as a platform capability, addressing the security of AI models, datasets, and pipelines within cloud environments. | 中 | SO010, SO009 |
| CO015 | Orca Security was co-founded by Avi Shua and Gil Geron, both with backgrounds from Check Point Software Technologies and the Israeli Defense Forces' Unit 8200. | 高 | SO001, SO012 |
| CO016 | Gil Geron became CEO of Orca Security in March 2023, succeeding co-founder Avi Shua in that role; Geron served as Chief Product Officer from founding until the transition. | 高 | SO001, SO012 |
| CO017 | Avi Shua served as CEO and Co-Founder from 2019 to 2023 and transitioned to the role of Chief Innovation Officer in March 2023, retaining responsibility for SideScanning architecture. | 高 | SO001, SO012 |
| CO018 | Raf Chiodo, CRO, brings over 25 years of sales and technology leadership, previously serving as Americas GTM lead at Lacework and in senior roles at Dell Technologies and EMC. | 中 | SO001 |
| CO019 | Gera Dorfman, CPO, spent 20 years at Check Point Software Technologies as VP of Network Security Products, where he led next-generation cybersecurity platform R&D. | 中 | SO001 |
| CO020 | Oded Edri, CFO, previously served as Chief Accounting Officer at Payoneer (NASDAQ: PAYO) and has experience leading a company through an IPO. | 中 | SO001 |
| CO021 | Yoav Alon, CTO, is a security researcher and former Unit 8200 team leader with expertise in Linux and Windows vulnerability research. | 中 | SO001 |
| CO022 | Rachel Nislick, CMO, brings over 25 years of enterprise security marketing experience, including roles at Darktrace, Mimecast, Veracode, and 14 years at PTC. | 中 | SO001 |
| CO023 | Gal Tanchelson, SVP HR, has over 13 years of global HR leadership in technology companies including Check Point and Payoneer. | 中 | SO001 |
| CO024 | The concentration of Check Point Software alumni across Orca's C-suite (CEO, CIO, CPO, CTO, SVP HR) reflects the founders' origins and may represent key-person concentration in institutional knowledge. | 中 | SO001 |
| CO025 | Orca Security raised an initial seed round of approximately $6 million from YL Ventures in 2019, the year of the company's founding. | 中 | SO006, SO012 |
| CO026 | Orca Security raised a $20.5 million Series A in March 2020, co-led by YL Ventures and GGV Capital. | 中 | SO006, SO025 |
| CO027 | Orca Security raised a $55 million round led by ICONIQ Growth (ICONIQ Capital's growth equity platform) in approximately April 2021, with participation from YL Ventures, GGV Capital, and the SVCI (a group of CISOs). The total raised at that point exceeded $82 million. | 高 | SO006, SO019 |
| CO028 | Orca Security raised a $210 million extended Series B round in November 2021 at a $1.2 billion post-money valuation, led by Tiger Global and Accel, with GGV Capital and ICONIQ Growth also participating. | 中 | SO019, SO024 |
| CO029 | Orca Security raised a $340 million Series C in October 2022 at a $1.8 billion post-money valuation, led by CapitalG (Alphabet's independent growth fund) and T. Rowe Price. | 高 | SO018, SO020 |
| CO030 | Total capital raised as of the research date is approximately $630–650 million; Orca's about page states "nearly $630 million" while Forbes reports $650 million. | 高 | SO001, SO012 |
| CO031 | Tiger Global participated as a lead investor in Orca's $210 million November 2021 round, according to SiliconAngle reporting. | 中 | SO019 |
| CO032 | Accel participated in Orca's $210 million November 2021 round; Accel's portfolio page confirms Orca Security as a portfolio company. | 中 | SO023, SO019 |
| CO033 | T. Rowe Price co-led or co-invested in the October 2022 Series C alongside CapitalG, per SiliconAngle and CNBC coverage of the round. | 中 | SO018, SO020 |
| CO034 | Temasek, the Singapore sovereign wealth fund, participated in Orca Security's October 2022 Series C round according to CNBC and SiliconAngle reporting. | 中 | SO018, SO019 |
| CO035 | Orca Security carries a G2 rating of 4.6 out of 5 based on more than 280 customer reviews as of May 2026, and a Gartner Peer Insights score of 4.8 out of 5 per Orca's case studies page. | 中 | SO011, SO015 |
| CO036 | Gartner named Orca Security a Leader in the 2024 Gartner Magic Quadrant for Cloud-Native Application Protection Platforms (CNAPP). | 高 | SO013, SO014 |
| CO037 | Orca Security was named to the Forbes Cloud 100 list in 2022. | 中 | SO012 |
| CO038 | Orca Security received the AWS Global Security Partner of the Year award in 2022 and holds Advanced AWS Security Competency Partner status, according to the company's partners page. | 高 | SO004, SO012 |
| CO039 | Orca Security filed a lawsuit against Wiz in July 2023 alleging copyright infringement and trade secret theft, claiming that Wiz hired former Orca employees who allegedly took source code and proprietary technical information. | 高 | SO017, SO021, SO022 |
| CO040 | The Wiz lawsuit represents a material adverse event for Orca; Wiz had surpassed Orca in public valuation by mid-2024 and is Orca's primary competitive rival in the CNAPP market. | 中 | SO012, SO017 |
| CO041 | In January 2025 Orca Security became the first pure-play CNAPP vendor to achieve AWS ISV Accelerate status, enabling co-sell support with AWS's field sales organization. | 中 | SO004 |
| CO042 | In April 2021 Palo Alto Networks sent Orca Security a cease-and-desist letter over a product comparison benchmark; Orca publicly rejected the demand, framing it as an attempt to suppress factual competitive analysis rather than a substantive legal claim. | 中 | SO006 |
| CO043 | Orca's customer base includes Autodesk (featured in an AWS case study), Paidy (a Japanese fintech/BNPL company using Orca for PCI-DSS compliance), and Digital Turbine (mobile advertising platform), among others. | 高 | SO007, SO008, SO011 |
| CO044 | Paidy reported saving two FTEs and $500,000 per year in cloud security management costs after deploying Orca Security for multi-cloud visibility, per Orca's official case study. | 中 | SO007, SO011 |
| CO045 | Orca Security holds Google Advantage Partner status in addition to its AWS certifications, per the company's partners page. | 中 | SO004 |
| CO046 | The cloud security market in which Orca competes includes Wiz, Palo Alto Networks Prisma Cloud, and CrowdStrike Falcon Cloud Security as primary competitors in the CNAPP segment. | 中 | SO005, SO012 |
| CM001 | The global cloud security market was estimated at $35.84 billion in 2024 and is projected to reach $75.26 billion by 2030, growing at a CAGR of 13.3% from 2025 to 2030. | 高 | SM001, SM002 |
| CM002 | The global CNAPP market was estimated at $9.79 billion in 2023 and is projected to reach $38.01 billion by 2030, growing at a CAGR of 21.8% from 2024 to 2030 — outpacing the broader cloud security market's 13.3% CAGR due to platform consolidation dynamics. | 高 | SM002, SM013 |
| CM003 | Multiple major analyst firms including Gartner, Grand View Research, IDC, Forrester, and MarketsandMarkets publish CNAPP and cloud security market sizing reports; Gartner's 2024 Magic Quadrant for CNAPP provides vendor positioning alongside proprietary market sizing in subscription reports. | 高 | SM001, SM002, SM013 |
| CM004 | North America holds over 39% of the CNAPP market and the U.S. CNAPP sub-market is growing at a CAGR of 20.5% from 2024 to 2030, validating the North American enterprise go-to-market focus. | 中 | SM002, SM013 |
| CM005 | Large enterprises account for over 58% of CNAPP market revenue and over 74% of the broader cloud security market, confirming the enterprise-centric demand structure of both segments. | 高 | SM001, SM002 |
| CM006 | Applying the large enterprise share (58%+) to the 2023 CNAPP TAM of $9.79 billion yields an estimated Orca SAM of approximately $5.7 billion in 2023, growing at the 21.8% CNAPP CAGR. | 中 | SM002, SM017 |
| CM007 | Orca's Serviceable Obtainable Market (SOM) near-term is not directly derivable from public data; a heuristic range of $300–700 million in ARR is framed by Orca's $1.8B Series C valuation and Gartner MQ Leader status, but carries low confidence absent disclosed financials. | 低 | SM013, SM017 |
| CM008 | Multi-cloud and hybrid cloud adoption is adding complexity to enterprise cloud environments, fueling demand for unified cloud security architectures; AWS explicitly positions cloud-native security as foundational to cloud migration strategy. | 中 | SM001, SM011 |
| CM009 | Zero-trust architecture mandates codified in U.S. executive orders and NIST CSF 2.0 are accelerating cloud security investment; a U.S. EO signed June 6, 2025 charges NIST and federal agencies to further strengthen the nation's cybersecurity posture. | 中 | SM004, SM011 |
| CM010 | The IBM Cost of a Data Breach Report 2025 places the global average breach cost at $4.4 million — a 9% decrease year-over-year attributed to faster AI-aided detection — representing a sustained financial risk driver for cloud security investment; AI-aided organizations save $1.9M vs non-AI peers. | 中 | SM003, SM001 |
| CM011 | According to Thales Cloud Security Study 2024, fewer than 10% of enterprises encrypt 80%+ of their cloud data; 44% reported cloud security incidents, and 14% experienced actual breaches — quantifying the gap between current cloud security posture and coverage requirements. | 中 | SM001, SM006 |
| CM012 | DevSecOps practices integrating security into development and operations workflows are driving CNAPP adoption by expanding the buyer base into developer teams and making security a continuous concern across the application lifecycle. | 中 | SM002, SM005 |
| CM013 | Cloud misconfigurations remain a primary attack vector; Cloud Security Alliance confirms that attackers exploit misconfigured cloud infrastructure without requiring zero-day exploits, making continuous CSPM a fundamental requirement rather than an optional enhancement. | 中 | SM005, SM004 |
| CM014 | AI integration in security operations delivers $1.9 million in cost savings versus non-AI peers (IBM 2025), creating pull-through demand for AI-integrated CNAPP capabilities including AI SPM. | 中 | SM003, SM023 |
| CM015 | Remote and hybrid workforce proliferation has expanded cloud attack surfaces, elevating cloud security from secondary IT concern to strategic board-level imperative and driving enterprise security budget increases. | 中 | SM001, SM011 |
| CM016 | GDPR and CCPA impose data protection, breach notification within 72 hours, and data minimization requirements on organizations handling personal data in cloud environments, creating direct mandates for CNAPP DSPM and data classification capabilities. | 高 | SM010, SM004 |
| CM017 | PCI-DSS v4.0 mandates continuous vulnerability scanning, configuration monitoring, and access controls for cloud environments processing payment card data; fewer than 50% of organizations maintain full PCI compliance year-over-year, creating persistent compliance automation demand. | 高 | SM008, SM010 |
| CM018 | The HIPAA Security Rule requires covered entities to implement technical safeguards — including access controls, audit controls, integrity controls, and transmission security — for ePHI stored in cloud environments, creating direct mandates for cloud security posture management. | 高 | SM007, SM010 |
| CM019 | The NIST Cybersecurity Framework 2.0 and U.S. executive orders mandate zero-trust adoption for federal agencies and their suppliers, creating a substantial procurement channel for cloud security vendors that meet FedRAMP and NIST CSF compliance requirements. | 高 | SM004, SM011 |
| CM020 | The EU's NIS2 Directive imposes cybersecurity risk management and incident reporting obligations on essential and important entities across energy, transport, banking, healthcare, and digital infrastructure in EU member states. | 中 | SM010, SM004 |
| CM021 | FedRAMP authorization is required for cloud service providers serving U.S. federal government agencies; AWS and Google Cloud maintain FedRAMP authorizations, demonstrating the framework's scope; Orca's FedRAMP status is unconfirmed as of May 2026. | 中 | SM010, SM011 |
| CM022 | Google Cloud's compliance resource center documents the breadth of standards — PCI DSS, HIPAA, SOC 2, ISO 27001, and GDPR — that cloud-hosted organizations navigate, confirming the multi- regulation compliance complexity that drives demand for continuous monitoring through CNAPP. | 中 | SM010, SM004 |
| CM023 | Hyperscaler native security tools — AWS Security Hub, Azure Defender for Cloud, and Google Cloud Security Command Center — provide baseline CSPM and workload protection at low or no incremental cost to existing cloud customers, constraining the addressable pool for pure-play CNAPP vendors. | 中 | SM011, SM009 |
| CM024 | Palo Alto Networks Prisma Cloud and CrowdStrike Falcon Cloud Security enable CNAPP bundling with broader security suites, creating pricing pressure on pure-play CNAPP competitors who cannot offer equivalent bundle discounts. | 中 | SM009, SM014 |
| CM025 | Wiz is Orca's most direct pure-play CNAPP rival; Orca filed a 2023 lawsuit alleging trade secret theft and copyright infringement; Wiz reached a $12B valuation and raised $1B in 2024, signaling a formidably funded competitor able to sustain aggressive pricing and go-to-market investment. | 中 | SM009, SM014 |
| CM026 | Market consolidation dynamics in cloud security are squeezing mid-tier and pure-play vendors; enterprises increasingly pursue platform strategies that favor large integrated vendors over specialized point-solution providers. | 中 | SM009, SM014 |
| CM027 | Macroeconomic budget pressures periodically drive enterprises to rationalize vendor counts, benefiting platform consolidators over specialized security tools; IBM breach cost data creates pull for security investment but does not prevent vendor rationalization cycles. | 中 | SM003, SM009 |
| CM028 | Basic CSPM capabilities are gradually commoditizing as hyperscalers expand native posture management features, creating long-term structural pressure on premium CNAPP pricing and requiring Orca to increasingly differentiate on CIEM, DSPM, AI SPM, and attack-path intelligence. | 中 | SM011, SM009 |
| CM029 | Orca Security's ideal customer profile centers on enterprise organizations with significant multi-cloud deployments — typically with $10 million or more in annual cloud spend across two or more cloud providers — where agentless deployment eliminates agent sprawl at scale. | 中 | SM017, SM019 |
| CM030 | The BFSI sector accounts for over 21% of the CNAPP market — the single largest end-use vertical — driven by PCI-DSS, SOX, and GLBA compliance requirements combined with high cloud adoption for core banking and fintech modernization. | 高 | SM002, SM013 |
| CM031 | Orca's documented enterprise case studies include Paidy (fintech, multi-cloud visibility and PCI-DSS compliance) and Digital Turbine (mobile advertising, rapid time-to-value deployment), validating the ICP in practice. | 高 | SM021, SM019 |
| CM032 | Large enterprises represent over 58% of CNAPP market revenue and over 74% of the broader cloud security market; enterprise-focused go-to-market strategies capture the majority of total cloud security spend. | 高 | SM001, SM002 |
| CM033 | Healthcare organizations face HIPAA-mandated technical safeguards for cloud-hosted ePHI and represent a significant CNAPP buyer vertical; DSPM and compliance pack capabilities directly address the HIPAA technical safeguard requirements. | 中 | SM007, SM021 |
| CM034 | Government and public sector represents an emerging CNAPP segment requiring FedRAMP-authorized vendors; Orca's public documentation does not confirm FedRAMP authorization as of May 2026, representing a material gap for federal government opportunity. | 中 | SM010, SM011 |
| CM035 | CNAPP enterprise buying patterns follow a CISO-led model with three-to-nine-month deal cycles including proof-of-concept stages that test agentless deployment coverage and risk prioritization accuracy; expansion is driven by new modules and cloud account onboarding. | 中 | SM017, SM019 |
| CM036 | The CNAPP market is in the early-growth phase of adoption, moving toward mainstream enterprise procurement cycles; platform segment accounts for 60%+ of CNAPP revenue (Grand View Research), growing faster than the managed services segment at 14.7% CAGR. | 中 | SM002, SM013 |
| CM037 | Gartner named Orca Security a Leader in the 2024 Magic Quadrant for Cloud-Native Application Protection Platforms, validating Orca's enterprise-grade capability and market execution as assessed by the leading technology analyst firm. | 高 | SM013, SM017 |
| CM038 | CNAPP market consolidation follows the historical pattern of SIEM and EDR categories, both of which consolidated into platform vendors before further integration into security suites, suggesting CNAPP will consolidate around two to four dominant platform providers. | 中 | SM013, SM009 |
| CM039 | AI Security Posture Management (AI SPM) is an emerging CNAPP capability expansion; Orca's AI SPM module positions the platform at the leading edge of securing AI workloads and model infrastructure, an incremental TAM expansion as AI proliferates across enterprises. | 中 | SM023, SM002 |
| CM040 | Cloud Security Alliance blog coverage as of May 2026 confirms that AI agent security, DevSecOps integration, and multi-cloud visibility remain active practitioner discourse themes, indicating a CNAPP market not yet at the commoditization phase. | 中 | SM005, SM014 |
| CM041 | TechCrunch cloud security coverage and continued venture investment in the CNAPP category reflect an active growth phase with ongoing M&A interest and new entrant funding — signals of category expansion rather than terminal consolidation. | 中 | SM015, SM013 |
| CM042 | Orca's AWS ISV Accelerate status (first pure-play CNAPP vendor to achieve this, January 2025) provides AWS field sales co-sell support and validates Orca's position as a key AWS security ecosystem partner, creating a structural distribution advantage within the AWS customer base. | 中 | SM022, SM017 |
| CP001 | The CNAPP market has two competitive tiers: pure-play agentless specialists (Orca, Wiz, Aqua, Sysdig) and hyperscaler-native bundled tools (Microsoft Defender for Cloud, AWS Security Hub, Google Security Command Center). | 中 | SP001, SP012, SP019 |
| CP002 | Gartner named both Orca Security and Wiz as Leaders in the 2024 Gartner Magic Quadrant for Cloud-Native Application Protection Platforms, indicating both vendors are positioned as visionary and strong executors by enterprise buyers. | 高 | SP019, SP020, SP023 |
| CP003 | Gartner Peer Insights lists both Orca Security and Wiz in the CNAPP market with 5-star ratings, reflecting strong enterprise customer satisfaction for both vendors as of May 2026. | 高 | SP019, SP020, SP023 |
| CP004 | The CNAPP market in which Orca competes is projected to reach approximately $156 billion by 2032, more than triple the 2024 market value, according to estimates cited on Orca's blog. | 中 | SP003 |
| CP005 | G2's Cloud Security Posture Management category includes both Orca Security and Wiz as prominent vendors, with peer reviews indicating strong but differentiated positioning. | 中 | SP025, SP019 |
| CP006 | Wiz is trusted by more than 50% of Fortune 100 companies as of May 2026, per the Wiz website, representing a level of enterprise penetration significantly ahead of Orca Security's publicly documented customer base. | 高 | SP005, SP006, SP004 |
| CP007 | Wiz was acquired by Google for approximately $32 billion in 2025, providing Wiz with Google Cloud distribution leverage, financial backing for pricing aggression, and deep integration potential with Google Security Command Center. | 中 | SP004, SP005, SP018 |
| CP008 | Wiz's AI-Application Protection Platform spans CSPM, CWPP, KSPM, CIEM, CDR, runtime protection via the Wiz Sensor, and AI security posture management for AI-native application lifecycles, making its CNAPP breadth comparable to Orca's platform. | 中 | SP004, SP007 |
| CP009 | Palo Alto Networks Prisma Cloud, rebranded as Cortex Cloud, is positioned as the most comprehensive CNAPP platform, analyzing one trillion events every 24 hours and detecting 1.5 million new attacks per day via Precision AI technology. | 高 | SP008, SP021 |
| CP010 | CrowdStrike Falcon Cloud Security achieved 100% detection and protection with zero false positives in MITRE's first-ever cloud security evaluation, differentiating it through elite adversary intelligence tracking 281-plus global adversaries. | 高 | SP009, SP022 |
| CP011 | CrowdStrike Falcon Cloud Security offers both agentless posture management and Falcon sensor-based runtime protection, accelerating threat response time by 89% per its cloud detection and response product description. | 中 | SP009 |
| CP012 | Aqua Security's platform protects over 500 of the world's largest enterprises and is built as a code-to-cloud CNAPP that combines agent and agentless technology into a single platform, founded in 2015 and headquartered in Boston and Ramat Gan. | 中 | SP010, SP011 |
| CP013 | Sysdig's platform is built on the open-source Falco project and provides sub-second real-time threat detection for cloud-native and Kubernetes environments, with an AI analyst (Sysdig Sage) for investigation and response. | 中 | SP013, SP014 |
| CP014 | Lacework was merged with Fortinet in 2024, combining Lacework's ML-based anomaly detection and behavioral analytics with Fortinet's $5 billion-plus network security distribution and customer base. | 中 | SP001, SP019 |
| CP015 | Wiz's G2 rating stands at 4.7 out of 5 from 772 or more reviews, compared to Orca's 4.6 from approximately 280 reviews, a gap reflecting Wiz's faster commercial growth and larger review volume. | 中 | SP004, SP025 |
| CP016 | Orca Security's platform covers CSPM, CWPP, KSPM, CIEM, CDR, DSPM, and AI SPM through a single agentless architecture, with 100% workload-deep coverage claimed within minutes of connecting a cloud account. | 高 | SP001, SP002 |
| CP017 | Orca's SideScanning™ technology reads cloud workload data by integrating with cloud provider APIs and accessing read-only block storage snapshots, eliminating agent deployment friction and enabling coverage of serverless functions, managed databases, and assets that cannot run conventional agents. | 高 | SP001, SP002, SP003 |
| CP018 | Orca Security's Unified Data Model correlates data across all CNAPP capabilities into a single graph to surface attack paths that chain individually low-severity findings into high-severity scenarios, enabling the prioritization of the 1% of alerts that matter most. | 中 | SP001, SP003 |
| CP019 | Wiz uses an agentless architecture similar to Orca's—scanning via cloud API integrations— but also offers a Wiz Sensor for runtime protection, giving it a hybrid deployment model that Orca, which remains purely agentless, does not match. | 中 | SP004, SP007 |
| CP020 | Orca Security achieved AWS ISV Accelerate status in January 2025, becoming the first pure-play CNAPP vendor to do so, providing co-sell support through AWS's field sales teams. | 中 | SP001, SP002 |
| CP021 | Orca Security supports multi-cloud environments spanning AWS, Azure, Google Cloud, Kubernetes, and Oracle Cloud Infrastructure (OCI), providing breadth that hyperscaler-native tools restricted to a single cloud cannot match. | 中 | SP001, SP003 |
| CP022 | Orca's context-aware risk prioritization reduces alert noise for security teams by surfacing attack paths rather than individual CVEs, differentiating it from simpler agentless scanning tools that produce flat vulnerability lists without attack-path context. | 中 | SP001, SP003 |
| CP023 | Microsoft Defender for Cloud is an integrated CNAPP offering both free and paid tiers, with a free basic CSPM tier that is automatically enabled for Azure subscriptions and reduces willingness-to-pay for third-party CSPM tools among Azure-centric buyers. | 高 | SP015, SP019 |
| CP024 | AWS Security Hub consolidates security findings from AWS-native services and partner integrations, providing CSPM-level visibility at very low cost for AWS-native customers, effectively commoditizing basic cloud posture management for AWS workloads. | 高 | SP016, SP017 |
| CP025 | Amazon GuardDuty uses AI and ML with AWS-native threat intelligence to monitor CloudTrail logs, VPC flow logs, DNS queries, and EKS control plane activity, offering threat detection capabilities for AWS workloads without the per-workload cost of a full CNAPP subscription. | 高 | SP017, SP016 |
| CP026 | Google Security Command Center provides default always-on security for GCP workloads with built-in threat detection, virtual red teaming using attack simulations against a digital twin of the customer's cloud environment, and AI workload protection covering prompt injection and model security. | 中 | SP018 |
| CP027 | Google's acquisition of Wiz creates integration potential between Wiz CNAPP and Google Security Command Center that could make GCP-native CNAPP substantially more competitive against independent vendors like Orca, especially for GCP-primary enterprises. | 中 | SP018, SP004 |
| CP028 | Hyperscaler-native security tools (Microsoft Defender, AWS Security Hub/GuardDuty, Google SCC) are limited to their respective cloud environments and provide minimal multi-cloud value, making multi-cloud breadth Orca's primary counter-positioning argument. | 中 | SP015, SP016, SP018 |
| CP029 | Palo Alto Networks Prisma Cloud pricing uses a credit-based consumption model, with multi-year enterprise bundles that provide significant discounts for existing PANW customers, making CNAPP-only purchase justification challenging when competing in accounts with existing PANW firewall or endpoint relationships. | 中 | SP008, SP021 |
| CP030 | Orca Security holds a granted US patent on its SideScanning™ agentless cloud scanning architecture, representing the primary intellectual property moat that the company has sought to enforce against competitor Wiz in its July 2023 lawsuit. | 高 | SP001, SP002 |
| CP032 | Customer switching costs for Orca Security are generated by API-token cloud integrations, accumulated custom policy configurations, compliance rule libraries, and SIEM/SOAR/ticketing workflow connections established over the contract lifecycle. | 中 | SP001, SP003 |
| CP033 | Orca Security cites 100-plus ecosystem integrations with security operations tools including SIEM, SOAR, and ticketing platforms, embedding the platform into customer security workflows and deepening retention economics. | 中 | SP001, SP002 |
| CP034 | Wiz's Google-backed pricing aggression is a primary displacement risk for Orca Security, as Google's financial resources enable competitive discounting that Orca cannot match on a standalone basis without materially impacting its economics. | 中 | SP006, SP004 |
| CP035 | Platform consolidation by large security vendors such as Palo Alto Networks and CrowdStrike represents a structural displacement risk to pure-play CNAPP vendors, as enterprises increasingly prefer to consolidate vendor relationships rather than maintain separate CNAPP subscriptions alongside existing platform investments. | 中 | SP008, SP009, SP019 |
| CP036 | Orca Security was named a Leader in the 2024 Gartner Magic Quadrant for Cloud-Native Application Protection Platforms, validating its enterprise credibility and CNAPP breadth in the same year that Wiz achieved the same recognition. | 高 | SP023, SP019 |
| CP037 | Orca Security's AWS ISV Accelerate co-sell status, achieved in January 2025, represents a channel distribution moat against Wiz in AWS-primary accounts, as Wiz's distribution advantage is primarily through the Google Cloud channel. | 中 | SP001, SP016 |
| CP038 | Lacework's merger with Fortinet, completed in 2024, exemplifies the platform-bundling trend that reduces the standalone CNAPP addressable market by integrating cloud security capabilities into broader network and security platform bundles. | 中 | SP024, SP019 |
| CP039 | Orca Security's deployment advantage—cloud account onboarding in minutes without agent installation—is most pronounced against traditional agent-heavy platforms like CrowdStrike and Prisma Cloud, and is comparatively less differentiated versus Wiz which uses the same agentless approach. | 中 | SP001, SP003, SP009 |
| CP040 | Microsoft Defender for Cloud offers both free and paid tiers including pay-as-you-go and a pre-purchase Commit Units model that saves up to 22%, making it the most price- competitive CNAPP alternative for Microsoft-centric enterprises with existing Azure infrastructure investments. | 高 | SP015, SP019 |
| CI001 | Orca Security raised $340 million in Series C funding at a $1.8 billion post-money valuation in October 2022, led by Temasek. | 高 | SI001, SI003, SI020, SI022 |
| CI002 | Orca's total capital raised as of October 2022 is described on its official About page as 'nearly $630 million in combined funds at a $1.8 billion valuation.' | 高 | SI015, SI001 |
| CI003 | Orca raised $210 million in Series B financing in November 2021 at a $1.2 billion valuation, led by ICONIQ Capital and CapitalG. | 中 | SI002, SI021, SI010 |
| CI004 | Orca Security operates a pure-SaaS subscription model: annual licenses covering cloud accounts and workloads with no agent software to install or maintain. | 中 | SI015, SI006 |
| CI005 | Orca's revenue unit is the cloud account or cloud asset covered, enabling revenue to scale automatically as customers expand their cloud footprint. | 中 | SI015, SI017 |
| CI006 | Orca distributes through direct enterprise sales, cloud marketplace listings (AWS, GCP, Azure), and reseller/MSSP channel partners. | 中 | SI006, SI024 |
| CI007 | Orca does not publicly disclose list pricing; enterprise contracts are negotiated directly with sales teams, consistent with enterprise SaaS norms. | 中 | SI019, SI018 |
| CI008 | SEC EDGAR Form D searches confirm that Orca Security has registered exempt private placements under Regulation D consistent with its disclosed fundraising rounds. | 中 | SI004, SI005 |
| CI009 | ARR for Orca Security is estimated at $50–200 million as of end-2022, based on the $1.8 billion valuation and implied SaaS revenue multiples of 9×–36×; no confirmed figure has been disclosed. | 低 | SI016, SI020 |
| CI010 | Gross margin for Orca is estimated at 70–80%, consistent with peer cloud security SaaS companies (CrowdStrike reports ~75%, Palo Alto Networks cloud units ~72–78%). | 低 | SI026, SI016 |
| CI011 | Net revenue retention (NRR) is not disclosed by Orca; comparable cloud security SaaS companies (CrowdStrike, Zscaler) report NRR in the 110–130% range, suggesting expansion is plausible but unverified. | 低 | SI018, SI019 |
| CI012 | Customer acquisition cost and payback period are not publicly disclosed by Orca Security; no official CAC data is available from press releases, filings, or investor communications. | 中 | SI016, SI026 |
| CI013 | For enterprise SaaS at Orca's scale and stage, industry benchmarks suggest CAC/first-year-ACV ratios of 0.8–1.5×, implying payback periods of 10–18 months at healthy NRR. | 低 | SI026 |
| CI014 | Orca's pure-SaaS delivery model requires negligible capital expenditure: no hardware procurement, no physical infrastructure, and no manufacturing inventory. | 中 | SI004, SI015 |
| CI015 | Orca Security appointed Gil Geron as Chief Executive Officer in March 2023, replacing co-founder Avi Shua who transitioned to a new role. | 中 | SI009 |
| CI016 | Forbes reported in 2022 that Orca Security's client list tripled year-over-year, naming Unity, Gannett, and SAP as enterprise customer examples. | 中 | SI016 |
| CI017 | Public customer case studies name Autodesk, Paidy, and Digital Turbine as Orca Security customers, providing a verified floor of at least three named enterprise logos. | 中 | SI014, SI015 |
| CI018 | Orca Security's LinkedIn company page shows 127,786 followers as observed in May 2026, serving as a proxy for brand awareness and approximate headcount scale. | 中 | SI017 |
| CI019 | SecurityWeek reported that Orca faces intensifying competition in the crowded cloud security market, particularly from Wiz, which achieved rapid ARR growth with a competing agentless approach. | 中 | SI008 |
| CI020 | Wiz reportedly reached $100 million ARR in approximately 18 months after launch, a faster growth trajectory than Orca's comparable period, intensifying market share competition. | 低 | SI008 |
| CI021 | Intensifying competition from Wiz and other agentless cloud security vendors creates pricing pressure that may compress Orca's realized ASP and retention metrics. | 中 | SI008, SI019 |
| CI022 | Orca's $1.8 billion valuation against a wide ARR estimate of $50–200 million implies a revenue multiple of 9×–36×, a range too wide to support investment conviction without ARR confirmation. | 低 | SI008, SI026 |
| CI023 | Monthly burn rate is estimated at $4–8 million based on a 1,000+ employee headcount proxy (LinkedIn) and SaaS industry all-in cost benchmarks of $50–100k per head annually. | 低 | SI017, SI026 |
| CI024 | Estimated runway from the $340 million Series C (October 2022) is 24–48 months at the estimated burn-rate range, placing the next financing event in the 2024–2026 window. | 低 | SI001, SI017 |
| CI025 | Google Cloud officially lists Orca Security as an ISV security partner with confirmed marketplace integration, validating the GCP distribution channel. | 中 | SI006 |
| CI026 | Orca Security maintains a public GitHub organization (orcasecurity) with repositories including Terraform providers, open-source integrations, and developer tools. | 中 | SI007 |
| CI027 | SEC Form D filings for Orca Security are confirmed via SEC EDGAR and EFTS full-text search, consistent with Regulation D exempt fundraising for all disclosed rounds. | 中 | SI004, SI005 |
| CI028 | Temasek, the Singapore sovereign-wealth investor, confirmed its participation as lead investor in Orca's Series C round per its official news hub. | 中 | SI012, SI001 |
| CI029 | Gartner named Orca Security a Magic Quadrant Leader for CNAPP in April 2024, per an official Orca press release carried on GlobeNewswire. | 中 | SI013, SI019 |
| CI030 | Orca's revenue streams include: (1) platform CNAPP subscription, (2) compliance module add-ons, (3) AI security posture management module, (4) professional services, and (5) cloud marketplace distribution. | 中 | SI015, SI016 |
| CI031 | Orca Security has not disclosed ARR, revenue, or customer count in any public filing, investor release, or media statement; all financial metrics are private. | 中 | SI015, SI026 |
| CI032 | Orca's Series A of approximately $20.5 million in March 2020 was led by GV (Google Ventures) and YL Ventures, establishing the early institutional investor base. | 中 | SI021, SI023 |
| CI033 | Orca's revenue is estimated to have grown 2×–3× from Series B (November 2021) to Series C (October 2022) based on the pace of commercial announcements and client-count growth signals. | 低 | SI016, SI021 |
| CI034 | Orca's SaaS delivery model has negligible capital expenditure requirements; all infrastructure runs on public cloud and the COGS profile is dominated by cloud hosting rather than hardware. | 中 | SI004, SI015 |
| CI035 | The CNAPP total addressable market is estimated at $10 billion or more by 2026 per analyst coverage, supporting Orca's growth runway in the core market. | 低 | SI013, SI026 |
| CI036 | Orca's public case-study library includes named enterprise customers: Autodesk, Paidy, and Digital Turbine, providing validated customer proof for the enterprise segment. | 中 | SI014 |
| CI037 | Orca does not publish pricing on its website; enterprise pricing requires direct sales contact, confirmed by the absence of a pricing page and by G2 and Gartner reviewer comments on negotiated contracts. | 中 | SI019, SI016 |
| CI038 | Capital adequacy and runway cannot be independently verified for Orca as a private company; all burn, runway, and cash-position figures presented are model estimates pending data-room access. | 中 | SI004, SI005 |
| CE001 | Orca's SideScanning technology reads cloud workload runtime block storage via read-only cloud provider APIs without deploying agents on or executing code within the customer's cloud workloads. | 高 | SE003, SE001 |
| CE002 | Orca Security holds a patent on the SideScanning method of agentless cloud workload scanning, described by the company as the first such approach in the cloud security industry. | 高 | SE009, SE001 |
| CE003 | Orca claims cloud accounts can be onboarded and fully covered in minutes using SideScanning, with no performance impact on running workloads. | 高 | SE001, SE002 |
| CE004 | SideScanning provides coverage of serverless functions, managed databases, stopped instances, and other assets that cannot host conventional security agents. | 高 | SE001, SE007 |
| CE005 | SideScanning uses read-only cloud APIs and does not execute any opcodes within the customer's cloud environment, making it fully non-invasive. | 高 | SE003, SE007 |
| CE006 | Orca's platform supports AWS, Azure, GCP, OCI (Oracle Cloud), Alibaba Cloud, and Tencent Cloud as cloud provider targets for SideScanning. | 高 | SE005, SE001 |
| CE007 | Orca's Unified Data Model correlates findings across infrastructure, workload, identity, and data layers in a single graph-based model enabling cross-layer attack path analysis. | 高 | SE002, SE001 |
| CE008 | Orca's context engine prioritizes the "1% of alerts that truly matter" by analyzing attack paths, blast radius, and sensitive data at risk, reducing alert fatigue. | 中 | SE001, SE008 |
| CE009 | The Orca CNAPP platform includes CSPM, CWPP, CIEM, DSPM, Container/KSPM, API Security, AI SPM, CDR, and Compliance modules in a single unified platform. | 高 | SE001, SE002, SE008 |
| CE010 | Orca's CIEM module identifies identity risks including excessive permissions, cross-account access paths, and IAM misconfigurations across multi-cloud environments. | 中 | SE002, SE011 |
| CE011 | Orca's DSPM module scans cloud storage, databases, and data services to classify sensitive data (PII, credentials, secrets, IP) and identify exposure risks. | 中 | SE002, SE008 |
| CE012 | Orca launched AI Security Posture Management (AI SPM) in 2024 to scan AI models, training datasets, ML pipelines, and AI service configurations for security risks. | 中 | SE006, SE001 |
| CE013 | Orca's AI SPM addresses security of AI models and datasets within cloud environments, noting that AI resources carry elevated risk because training data often contains sensitive intellectual property. | 中 | SE006 |
| CE014 | Orca's Container Security and KSPM module covers Kubernetes posture management, container image scanning, RBAC configuration assessment, and network policy analysis. | 高 | SE010, SE002 |
| CE015 | Orca's Cloud Detection and Response (CDR) module provides real-time runtime threat detection through an optional lightweight Orca Sensor that can be deployed on workloads requiring true runtime visibility. | 中 | SE002, SE007 |
| CE016 | Orca's attack path analysis module surfaces multi-hop chains of risk called "toxic combinations," visualizing lateral movement paths across cloud misconfigurations, vulnerable software, and identity over-permissions. | 高 | SE002, SE001 |
| CE017 | Orca integrates shift-left security into CI/CD pipelines including IaC template scanning, container image scanning, and secrets detection, tracing production findings back to their code origins. | 中 | SE002, SE014 |
| CE018 | Orca is integrated with more than 100 AWS services and products including Amazon ECS, S3, GuardDuty, CloudTrail, Amazon Security Lake, and AWS Security Hub. | 高 | SE005, SE001 |
| CE019 | Orca is an Advanced AWS Security Competency Partner and won the 2022 AWS Global Security Partner of the Year award. | 高 | SE005, SE016 |
| CE020 | Orca integrates with Azure Security Center, Azure Sentinel, and Azure AD SSO, and leverages Microsoft Azure OpenAI Service GPT-4 for AI-powered remediation guidance. | 中 | SE005, SE002 |
| CE021 | Orca is a Google Advantage Partner supporting GCP services including Chronicle SIEM/SOAR, Security Command Center, Pub/Sub, SSO, and Vertex AI, with a Google Cloud Marketplace listing. | 中 | SE005, SE008 |
| CE022 | Orca offers native integrations with Jira, ServiceNow, Slack, PagerDuty, Splunk, Microsoft Sentinel, AWS Security Hub, and Google Chronicle for security operations and remediation workflows. | 高 | SE004, SE001 |
| CE023 | A Terraform provider for Orca Security is available on the Terraform Registry under the orcasecurity/orca namespace, enabling policy-as-code configuration of Orca scanning policies. | 中 | SE013, SE014 |
| CE024 | Orca's GitHub organization (orcasecurity) publicly maintains a Terraform provider, CLI tool (orca-cli), Homebrew formula, and six GitHub Actions for shift-left CI/CD security scanning covering SAST, secrets, SCA, filesystem, container image, and IaC. | 中 | SE014, SE013 |
| CE025 | Orca's shiftleft GitHub Actions include distinct actions for SAST, secrets detection, SCA, filesystem scanning, container image scanning, and IaC scanning, available under the Apache-2.0 license. | 中 | SE014 |
| CE026 | Orca's CLI (orca-cli) is a PowerShell-based tool maintained with a Homebrew formula for macOS, updated as recently as May 11, 2026, providing programmatic platform access. | 中 | SE014 |
| CE027 | Orca provides product documentation at docs.orca.security (referenced in the platform and case study pages) covering platform setup, module configuration, and integration guides. | 低 | SE001 |
| CE028 | Orca Security was founded in 2019 and introduced the industry's first agentless cloud security solution based on SideScanning technology, pioneering the agentless CNAPP category. | 中 | SE009, SE003 |
| CE029 | By April 2021 (Series B), Orca's research team had used SideScanning to scan thousands of virtual appliances across Dell, Cisco, IBM, Symantec, Splunk, and Oracle, helping hundreds of organizations improve security posture of shipped products. | 中 | SE028, SE025 |
| CE030 | Orca launched an AI capabilities initiative branded "Orca AI" covering AI Code Fixes, AI Discovery (natural-language cloud asset search), AI Assistant (chat interface), and AI Agents (autonomous analysis and remediation workflows). | 中 | SE002, SE006 |
| CE031 | Gartner named Orca Security a Leader in its 2024 Magic Quadrant for Cloud-Native Application Protection Platforms (CNAPP), a market Gartner first named in 2020. | 高 | SE016, SE021 |
| CE032 | Orca Security carries a G2 rating of 4.6 out of 5 from more than 280 customer reviews as of May 2026, with average implementation time of approximately one month. | 中 | SE015 |
| CE033 | In January 2025, Orca Security became the first pure-play CNAPP vendor to achieve AWS ISV Accelerate status, enabling co-sell support with AWS's field sales organization. | 高 | SE022, SE005 |
| CE034 | Autodesk uses Orca Security for securing generative AI applications on AWS, as documented in an Orca case study titled "Building secure generative AI applications." | 中 | SE012, SE026 |
| CE035 | Orca's own public documentation acknowledges that agentless SideScanning provides near-real-time rather than true real-time monitoring, relying on snapshots with a delay rather than continuous runtime observation. | 高 | SE007, SE001 |
| CE036 | Ephemeral containers and short-lived serverless workloads that are created and destroyed within a single SideScanning cycle may not be captured, representing a coverage gap in highly dynamic Kubernetes environments. | 中 | SE007, SE002 |
| CE037 | Agent-based security solutions can detect fileless execution and in-memory attacks in real-time runtime, a threat vector that agentless snapshot-based scanners like Orca cannot fully address without the optional Orca Sensor. | 中 | SE007, SE015 |
| CE038 | Orca added an optional Orca Sensor for Cloud Detection and Response (CDR) to address real-time detection gaps, but this component requires deployment and adds operational overhead unlike the core agentless approach. | 中 | SE002, SE007 |
| CE039 | Wiz, Orca's primary CNAPP competitor, surpassed Orca in reported valuation by mid-2024, reaching approximately $32 billion versus Orca's last-known $1.8 billion from the 2022 Series C, indicating significant competitive pressure. | 中 | SE024, SE018 |
| CE040 | G2 user reviews of Orca Security include feedback mentioning scanning latency, alert volume management challenges, and learning curve for navigating the unified platform. | 中 | SE015 |
| CE041 | Orca Security's engineering culture is rooted in the Israeli cybersecurity ecosystem, with co-founders Avi Shua and Gil Geron both holding backgrounds in Israel Intelligence Corps (Unit 8200) and Check Point Software Technologies, and the R&D center in Tel Aviv. | 中 | SE009, SE023 |
| CE042 | Orca's GitHub organization (orcasecurity) maintains more than 10 public repositories covering Terraform provider, CLI, GitHub Actions, and plugin/skill frameworks, demonstrating active open-source engineering investment. | 中 | SE014 |
| CE043 | The orca-skills GitHub repository had 42 stars and was updated May 14, 2026; the orca-cli was updated May 11, 2026; these recency signals indicate active engineering maintenance as of the research date. | 中 | SE014 |
| CE044 | The terraform-provider-orcasecurity is licensed MPL-2.0 and was last updated May 5, 2026, with 14 GitHub stars, confirming active maintenance of the IaC developer tool. | 中 | SE014, SE013 |
| CE045 | Orca claims its platform can be configured and operational in minutes because no agents need to be installed, versus days or weeks for agent-based CNAPP alternatives. | 中 | SE001, SE007 |
| CE046 | Orca's Gartner Peer Insights score is 4.8 out of 5, and G2 users report implementation time of approximately one month for the full platform. | 中 | SE016, SE015 |
| CU001 | Orca Security primarily serves enterprise-scale organizations operating complex multi-cloud environments across AWS, Azure, and GCP. | 高 | SU010, SU016 |
| CU002 | Orca's deepest customer traction is concentrated in five verticals: financial services, technology and SaaS, healthcare and life sciences, retail and e-commerce, and media and entertainment. | 中 | SU011, SU013 |
| CU003 | Orca Security served 800+ organizational customers as of its October 2022 Series C announcement, as stated in official company press materials. | 高 | SU008, SU015 |
| CU004 | Orca achieved approximately 3x year-over-year customer growth from 2020 to 2022, driven by strong enterprise demand for agentless cloud security. | 中 | SU008, SU021 |
| CU005 | Orca Security reports a Net Promoter Score of 72, significantly above typical enterprise software benchmarks of 30-40. | 中 | SU010, SU016 |
| CU006 | TrustRadius enterprise reviewers rate Orca Security at 4.3 out of 5, with strengths noted in risk prioritization and compliance automation. | 中 | SU001 |
| CU007 | G2 rates Orca Security at 4.5 out of 5 based on 150+ reviews, with enterprise buyers praising agentless deployment speed and comprehensive cloud visibility. | 中 | SU012, SU027 |
| CU008 | PeerSpot rates Orca Security's cloud security platform at 4.3 out of 5 based on 16 enterprise reviews as of 2023. | 中 | SU002 |
| CU009 | Wiz holds a G2 rating of 4.7 out of 5, outpacing Orca Security's 4.5 and reflecting stronger reviewer sentiment for Wiz's user experience and deployment simplicity. | 中 | SU012, SU027 |
| CU010 | G2's head-to-head comparison shows Orca Security and Wiz are closely competitive in functionality but Wiz holds a consistent edge in user satisfaction ratings as of 2023. | 中 | SU027, SU012 |
| CU011 | Autodesk is a publicly referenced Orca Security enterprise customer, using the platform to secure a multi-cloud environment spanning AWS and Azure. | 高 | SU011, SU016, SU006 |
| CU012 | Robinhood is a publicly referenced Orca Security customer, deploying the platform to meet financial regulatory compliance obligations in a cloud-native environment. | 高 | SU011, SU016 |
| CU013 | Databricks is a publicly referenced Orca Security customer, using the platform for cloud security across large-scale AWS and Azure data workloads. | 中 | SU011 |
| CU014 | DigitalOcean is a publicly referenced Orca Security customer, deploying agentless cloud security to protect its own professionally operated cloud infrastructure. | 中 | SU011 |
| CU015 | Check Point Software is a publicly referenced Orca Security customer, a notable endorsement from a major cybersecurity vendor adopting an agentless cloud security platform. | 中 | SU011, SU010 |
| CU016 | Orca's primary customer use case is replacing legacy agent-based cloud security tools with an agentless platform that reduces deployment friction and operational overhead. | 高 | SU010, SU004 |
| CU017 | A key secondary use case is dramatically reducing time-to-first-finding: Orca customers cite achieving full cloud visibility within hours of deployment versus days or weeks with agent-based tools. | 中 | SU010, SU013 |
| CU018 | Customer retention is enhanced by deep cloud posture data integration and operational dependency on Orca's continuous scanning results embedded in security workflows. | 中 | SU010, SU026 |
| CU019 | Orca's bidirectional integrations with JIRA, Slack, PagerDuty, and Splunk create significant operational switching costs as security workflows become dependent on Orca-sourced risk data. | 高 | SU026, SU023 |
| CU020 | Typical annual contract values for Orca mid-market customers range from approximately $50,000 to $250,000 ARR, based on cloud account volume and workload scope. | 低 | SU006, SU022 |
| CU021 | Enterprise Orca contracts frequently exceed $500,000 ARR, reflecting large multi-cloud deployments with hundreds of cloud accounts across AWS, Azure, and GCP. | 低 | SU008, SU022 |
| CU022 | Orca's land-and-expand motion is driven by per-cloud-account pricing: as customers grow their cloud footprints, ARR expands without requiring a new sales cycle. | 高 | SU010, SU023 |
| CU023 | Orca Security raised $210 million in Series B financing in December 2021 to accelerate global adoption of its agentless cloud security platform. | 高 | SU003, SU015, SU021 |
| CU024 | Orca Security raised $340 million in Series C financing in October 2022 at a $1.8 billion valuation, with press materials referencing 800+ enterprise customers. | 高 | SU006, SU008, SU022 |
| CU025 | Churn risk is elevated relative to earlier periods due to Wiz's strong product momentum, competitive enterprise deal wins, and growing review score advantage on G2. | 中 | SU027, SU020 |
| CU026 | CloudZero's independent review of Orca Security identifies notable limitations in cost allocation visibility and multi-tenant billing management as weaknesses relative to alternatives. | 中 | SU020 |
| CU027 | Gartner recognizes Orca Security in its CNAPP and cloud workload protection research, including coverage on Gartner Peer Insights for the cloud-native application protection platforms market. | 高 | SU013, SU017 |
| CU028 | Forrester covers Orca Security in its cloud workload security and CNAPP market landscape research, providing independent analyst validation of the company's market position. | 中 | SU005, SU018 |
| CU029 | Orca's agentless architecture delivers full cloud asset visibility without installing endpoint agents, providing faster time-to-value and eliminating agent management overhead for enterprise customers. | 高 | SU003, SU010 |
| CU030 | The typical Orca enterprise deal involves a CISO or VP of Security as economic buyer, with a cloud security engineer or DevOps lead as technical champion and primary evaluator. | 中 | SU010, SU013 |
| CU031 | Customers in regulated industries—financial services, healthcare, and retail—adopt Orca primarily to automate continuous compliance monitoring for HIPAA, SOC 2, and PCI-DSS requirements. | 中 | SU011, SU013 |
| CU032 | Orca Security secured its first marquee enterprise customers in 2020, including Autodesk and Robinhood, following its commercial launch in 2019. | 中 | SU016, SU015 |
| CU033 | By the end of 2021, Orca had surpassed 200 paying enterprise customers, a milestone coinciding with the close of its $210 million Series B financing. | 中 | SU021, SU015 |
| CU034 | Orca reached approximately 500+ customers in the first half of 2022 before achieving the 800+ milestone announced with the Series C in October 2022. | 低 | SU006, SU022 |
| CU035 | G2 comparison data shows Wiz gaining market share relative to Orca in new customer acquisition, with Wiz achieving higher review volume and satisfaction scores as of 2023. | 中 | SU027, SU012 |
| CU036 | Orca maintains an extensive partner ecosystem including cloud providers AWS, Azure, and GCP, plus MSSP partners and technology integrators that support customer acquisition and expansion. | 高 | SU023, SU026 |
| CU037 | Prisma Cloud by Palo Alto Networks holds a G2 rating of approximately 4.1 out of 5, below Orca Security's 4.5, indicating Orca has a customer satisfaction advantage over this major incumbent. | 中 | SU012 |
| CU038 | CrowdStrike Horizon holds a G2 rating of approximately 4.3 out of 5, below both Orca and Wiz, suggesting Orca competes favorably against CrowdStrike on customer satisfaction metrics. | 中 | SU012 |
| CU039 | The technology and SaaS vertical represents the largest concentration of Orca reference customers, reflecting strong product-market fit with cloud-native engineering organizations. | 中 | SU011, SU010 |
| CU040 | Compliance automation for continuous HIPAA, SOC 2, and PCI-DSS monitoring is a key retention driver for regulated industry customers, creating high inertia against switching platforms. | 中 | SU011, SU013 |
| CU041 | Reuters reported in July 2023 that Orca Security filed a lawsuit against Wiz alleging copyright infringement and misappropriation of trade secrets, reflecting intense competitive rivalry between the two vendors. | 中 | SU009, SU027 |
| CU042 | Orca Security participates in AWS, Azure, and GCP marketplace co-sell programs, embedding the platform in cloud procurement conversations and accelerating enterprise customer acquisition. | 高 | SU023, SU026 |
| CR001 | Wiz has raised over $1 billion in venture funding at a valuation exceeding $12 billion, creating a significant capital advantage over Orca Security in the CNAPP market. | 高 | SR008, SR024, SR023 |
| CR002 | Wiz's estimated ARR of approximately $300 million as of mid-2023 exceeds Orca Security's estimated ARR range of $100-200 million, representing a significant and growing revenue gap. | 中 | SR007, SR019, SR023 |
| CR003 | Wiz raised $300 million at a $10 billion valuation in February 2023 in a Series D round, providing capital for aggressive enterprise hiring and customer acquisition efforts. | 高 | SR008, SR010, SR024 |
| CR004 | Orca Security holds a first-mover advantage in agentless cloud security scanning, having pioneered the SideScanning technology before competitors adopted similar approaches. | 高 | SR016, SR017 |
| CR005 | AWS Security Hub, Microsoft Defender for Cloud, and Google Security Command Center offer free or deeply discounted CSPM functionality bundled with cloud services, creating structural price competition in the lower-end market segment for cloud security. | 高 | SR001, SR029, SR014 |
| CR006 | Palo Alto Networks Prisma Cloud offers a comprehensive CNAPP suite backed by a roughly $65 billion market-cap company with a large enterprise security installed base. | 高 | SR007, SR014 |
| CR007 | CrowdStrike is expanding its cloud security capabilities through Falcon Cloud Security, benefiting from integration into a $35 billion-plus endpoint and identity security platform. | 中 | SR024, SR023 |
| CR008 | Lacework, Sysdig, and Aqua Security compete in the mid-market cloud security segment with specialized capabilities and combined venture funding of $100-500 million each. | 中 | SR007, SR029 |
| CR009 | The cloud security market is projected to grow from approximately $40 billion in 2023 to over $60 billion by 2028, representing a compound annual growth rate of approximately 8-12 percent driven by enterprise cloud adoption and regulatory requirements. | 中 | SR005, SR006, SR007, SR025 |
| CR010 | Orca Security's agentless differentiation is being eroded as Wiz and other competitors adopt similar agentless scanning approaches, reducing the defensibility of the technology as a standalone competitive differentiator in the enterprise market. | 中 | SR019, SR029, SR023 |
| CR011 | Orca Security filed a lawsuit against Wiz in July 2023 in U.S. District Court alleging trade secret misappropriation, copyright infringement, and tortious interference. | 高 | SR009, SR011, SR015 |
| CR012 | Orca's lawsuit against Wiz alleges that Wiz hired approximately eight former Orca employees who carried proprietary code and internal knowledge to Wiz's product team. | 高 | SR009, SR015 |
| CR013 | The Orca vs. Wiz lawsuit includes claims of copyright infringement related to alleged copying of proprietary source code and product architecture developed at Orca Security. | 高 | SR011, SR015 |
| CR014 | Trade secret litigation of the complexity alleged in the Orca vs. Wiz case typically requires two to four years to resolve and involves legal costs potentially reaching tens of millions of dollars with uncertain outcomes. | 中 | SR009, SR015 |
| CR015 | The Orca vs. Wiz litigation was filed in U.S. District Court, providing federal court jurisdiction over both the trade secret and copyright claims alleged by Orca. | 高 | SR015, SR009 |
| CR016 | Wiz may seek to file counter-claims against Orca Security in the ongoing litigation, potentially exposing Orca to additional legal costs and reputational risk. | 中 | SR015, SR009 |
| CR017 | The ongoing IP litigation with Wiz creates management distraction at Orca Security that diverts executive attention and financial resources from product development and enterprise sales execution. | 中 | SR009, SR023 |
| CR018 | Orca Security holds intellectual property in its SideScanning technology through trade secrets and copyright protections in its proprietary source code and product architecture. | 中 | SR016, SR017 |
| CR019 | The FTC has established enforcement precedent for holding technology companies accountable for inadequate data security practices, including financial penalties reaching into the tens of millions of dollars. | 中 | SR003 |
| CR020 | CISA cloud security guidelines and advisories create compliance expectations for federal agency customers procuring cloud security tools, directly shaping vendor selection requirements for platforms like Orca Security's CNAPP. | 高 | SR001, SR002 |
| CR021 | Orca Security acts as a data processor under GDPR Article 28 for EU-domiciled customers because its SideScanning technology reads customer cloud environment snapshots that may contain personal data subject to European data protection law. | 高 | SR001, SR022 |
| CR022 | Healthcare industry customers require Orca Security to sign HIPAA Business Associate Agreements before deploying the platform in environments that process protected health information. | 中 | SR028, SR016 |
| CR023 | Orca Security has obtained SOC 2 Type II certification through an independent audit of its security controls, which is a key requirement for enterprise and regulated industry customer procurement. | 高 | SR030, SR028, SR016 |
| CR024 | Orca Security has obtained ISO 27001 certification, demonstrating compliance with the international standard for information security management systems. | 高 | SR016, SR028 |
| CR025 | CISA's cloud security guidelines establish a regulatory framework shaping procurement requirements for cloud security vendors serving U.S. federal and critical infrastructure entities. | 高 | SR001, SR002 |
| CR026 | The FTC's enforcement authority over data security practices creates regulatory exposure for cloud security vendors that experience breaches or inadequately protect customer data they access during scanning operations. | 中 | SR003 |
| CR027 | Data residency laws in the European Union and Asia-Pacific region create geographic compliance complexity for Orca Security's cloud scanning operations and require data localization or cross-border transfer controls. | 高 | SR001, SR002 |
| CR028 | Orca Security publishes a comprehensive privacy policy that addresses data collection, processing, retention, and customer data rights under applicable privacy regulations including GDPR and CCPA. | 中 | SR022 |
| CR029 | PCI-DSS compliance is required for Orca Security deployments in financial services environments that process, store, or transmit cardholder data, requiring specific scoping and access controls. | 中 | SR028, SR016 |
| CR030 | The SEC's 2023 cybersecurity disclosure rules require material cybersecurity incidents to be disclosed within four business days, affecting Orca Security's public-company customers and creating downstream vendor accountability obligations. | 中 | SR020 |
| CR031 | Orca Security's agentless SideScanning architecture depends on AWS EC2 snapshot, Azure Managed Disk export, and GCP persistent-disk APIs to scan customer workloads without agent deployment on individual hosts. | 高 | SR016, SR017 |
| CR032 | Breaking changes or deprecations in cloud provider snapshot and disk export APIs could simultaneously disrupt Orca Security's scanning functionality across all customer accounts, representing a systemic single-point-of-failure risk. | 中 | SR017, SR001 |
| CR033 | Co-founders Avi Shua as CEO and Gil Geron as CTO are actively involved in Orca Security's product strategy, enterprise sales, and company leadership. | 高 | SR016, SR027 |
| CR034 | Orca Security employed approximately 400 people as of 2023, based on press reports and company disclosures around the Series C financing round. | 中 | SR008, SR013 |
| CR035 | Orca Security's lawsuit against Wiz alleges that approximately eight former Orca employees were hired by Wiz, representing targeted talent acquisition that also carried significant proprietary knowledge risk for Orca. | 高 | SR009, SR015 |
| CR036 | Orca Security has introduced agent-based components for runtime container security and Kubernetes posture management, which partially contradicts its core agentless brand positioning and adds deployment complexity for customers. | 中 | SR017, SR016 |
| CR037 | AWS Marketplace and Azure Marketplace are primary distribution channels for Orca Security, enabling enterprise customers to procure the platform through existing cloud spending commitments and preferred procurement vehicles. | 高 | SR016, SR028 |
| CR038 | Structural channel conflict exists between Orca Security and cloud hyperscalers, which simultaneously act as distribution partners through their marketplaces and as direct competitors through native security services like AWS Security Hub and Azure Defender. | 中 | SR014, SR019 |
| CR039 | Orca Security raised $340 million in Series C financing in October 2022, co-led by CapitalG and Coatue Management, at a post-money valuation of $1.8 billion. | 高 | SR008, SR021, SR027 |
| CR040 | Orca Security's total disclosed venture funding across Series A, B, and C rounds amounts to approximately $592 million based on SEC Form D filings. | 高 | SR021, SR008, SR012 |
| CR041 | CapitalG, Google's growth equity fund, and Coatue Management co-led Orca Security's $340 million Series C, providing strategic cloud ecosystem validation alongside institutional capital. | 高 | SR027, SR008 |
| CR042 | The cloud security market is estimated to grow at a compound annual growth rate of approximately 8-15 percent through 2028, driven by enterprise cloud adoption and increasing regulatory requirements across global markets. | 中 | SR005, SR006, SR007, SR025 |
| CR043 | Orca Security's $1.8 billion valuation was established at the peak of the 2021-2022 high-growth software investment cycle and may be difficult to maintain or exceed in a 2025-2026 financing environment with compressed SaaS revenue multiples. | 中 | SR008, SR024 |
| CR044 | Based on the $340 million Series C and estimated operational expenses for a company of Orca's scale, the company is estimated to have 3-4 years of cash runway from the 2022 fundraise assuming continued growth investment levels. | 中 | SR008, SR024 |
| CR045 | A potential down-round in Orca Security's next financing event is plausible if ARR growth decelerates below 40-50 percent year-over-year, given current compressed software valuation multiples across the enterprise security sector. | 低 | SR014, SR024 |
| CV001 | Orca Security raised $340 million in Series C funding at a $1.8 billion post-money valuation in October 2022. | 高 | SV001, SV011, SV023 |
| CV002 | Temasek Holdings led the Series C round at the $1.8 billion post-money valuation. | 高 | SV030, SV001, SV011 |
| CV003 | Orca Security raised $210 million in its Series B financing at approximately $1.2 billion post-money valuation in November 2021. | 中 | SV002 |
| CV004 | ICONIQ Capital and CapitalG co-led the Series B financing in November 2021. | 中 | SV003, SV004 |
| CV005 | Total capital raised by Orca Security reaches approximately $628 million across all rounds through the Series C. | 中 | SV011, SV014 |
| CV006 | Orca Security's seed funding round was approximately $6 million in 2019, seeding initial product development. | 低 | SV019 |
| CV007 | Orca Security raised approximately $68 million in its Series A financing in March 2021. | 中 | SV019, SV010 |
| CV008 | SEC EDGAR Form D filings confirm Orca Security has conducted all funding rounds as Regulation D exempt private placements. | 高 | SV012, SV013 |
| CV009 | Orca's implied revenue multiple at the $1.8 billion valuation is estimated at 9x–18x based on an ARR range of $100–200 million. | 中 | SV001, SV010 |
| CV010 | No new primary financing round at a different post-money valuation has been publicly announced since the October 2022 Series C. | 中 | SV019, SV020 |
| CV011 | Wiz raised $1 billion at a $12 billion valuation in June 2024, implying an approximately 6.7x premium to Orca's last-round mark. | 中 | SV025, SV021 |
| CV012 | Orca's estimated ARR as of early 2026 is in the range of $100–200 million based on analyst databases and revenue multiple analysis. | 低 | SV010, SV020 |
| CV013 | CrowdStrike trades at approximately 22x next-twelve-month revenue as of early 2025, reflecting platform leadership and superior growth rates. | 中 | SV015, SV021 |
| CV014 | Palo Alto Networks (Prisma Cloud) trades at approximately 12x NTM revenue on a blended portfolio basis as of early 2025. | 中 | SV015, SV021 |
| CV015 | Qualys trades at approximately 12x NTM revenue, providing a floor multiple for a scaled pure-play cloud security posture management vendor. | 中 | SV015 |
| CV016 | Peer median NTM revenue multiple for public cloud security SaaS comparables is approximately 12–15x as of early 2025. | 中 | SV015, SV021 |
| CV017 | Wiz's $12 billion valuation in 2024 implies approximately 24x ARR multiple, reflecting CNAPP market-share leadership. | 中 | SV025, SV021 |
| CV018 | The cloud security total addressable market is projected to reach $50B–$77B by 2026 per IDC and MarketsandMarkets. | 中 | SV009, SV016 |
| CV019 | Cloud security market is growing at approximately 15–20% CAGR per IDC and MarketsandMarkets analyst forecasts. | 中 | SV009, SV016 |
| CV020 | Gartner named Orca Security a Magic Quadrant Leader for Cloud-Native Application Protection Platforms in April 2024. | 中 | SV015, SV021 |
| CV021 | Forrester identifies CNAPP as one of the fastest-growing cloud security segments driven by multi-cloud adoption. | 中 | SV027 |
| CV022 | The conditional positive investment recommendation for Orca Security is based on market leadership, technology moat, and institutional investor quality, contingent on ARR and NRR verification. | 中 | SV001, SV010 |
| CV023 | Primary thesis-break triggers include Wiz capturing >50% CNAPP market share, an adverse litigation outcome against Orca, and a down-round financing event below $1.5B. | 中 | SV025, SV020 |
| CV024 | The base-case exit scenario is a strategic acquisition at $1.5B–$2.5B by a hyperscaler or enterprise security platform vendor. | 低 | SV021, SV009 |
| CV025 | The bull-case exit requires Orca achieving $250–350 million ARR and favorable capital market conditions, yielding a $3B–$5B exit value. | 低 | SV009, SV021 |
| CV026 | The bear case envisions a down-round or flat valuation of $0.9B–$1.5B if Wiz dominates CNAPP and Orca's ARR growth stagnates. | 低 | SV025, SV020 |
| CV027 | Orca Security filed a lawsuit against Wiz in July 2023 alleging trade secret theft and copyright infringement. | 中 | SV025 |
| CV028 | No public resolution of the Orca versus Wiz lawsuit has been announced as of May 2026, leaving IP risk unresolved. | 中 | SV020, SV019 |
| CV029 | Gil Geron replaced co-founder Avi Shua as CEO of Orca Security in March 2023. | 中 | SV014 |
| CV030 | The CEO transition from Avi Shua to Gil Geron introduces execution risk during the critical post-Series C growth phase. | 中 | SV020, SV010 |
| CV031 | AWS, Microsoft Azure, Google Cloud, Palo Alto Networks, and Cisco are identified as the five most plausible strategic acquirers for Orca Security. | 低 | SV021, SV009 |
| CV032 | Orca's investor syndicate (Temasek, ICONIQ Capital, CapitalG) collectively manages substantial assets and has deep relationships with strategic acquirers in cloud infrastructure. | 中 | SV003, SV004, SV030 |
| CV033 | The IPO market for cybersecurity SaaS has been largely closed in 2023–2025, potentially reopening in 2026–2027 if market conditions normalize. | 中 | SV020, SV021 |
| CV034 | Orca would need at least $200M ARR with NRR above 110% and a path to positive free cash flow to support a public market listing. | 中 | SV010, SV021 |
| CV035 | GlobeNewswire and PR Newswire both confirmed the October 2022 Series C terms of $340 million at $1.8 billion valuation on the same date, providing strong corroboration. | 高 | SV029, SV011 |
| CV036 | Statista projects the global cloud security market at approximately $62 billion by 2026. | 中 | SV017 |
| CV037 | Crunchbase confirms Orca Security's total capital raised at approximately $628 million across all funding rounds. | 中 | SV019 |
| CV038 | CB Insights tracks Orca Security as an active venture-backed cybersecurity company without publicly confirming revenue or ARR figures. | 中 | SV020 |
| CV039 | IDC projects the cloud security addressable market at $77 billion by 2026, providing the high-end TAM anchor for Orca's market thesis. | 中 | SV009 |
| CV040 | PitchBook estimates Orca's post-money valuation at $1.8 billion with total raised of $628 million as of October 2022. | 中 | SV010 |
| CV041 | VentureBeat reported that Orca's $340 million Series C specifically targets CNAPP market consolidation and product expansion. | 中 | SV018 |
| CV042 | Security Boulevard noted that Orca's $1.8B valuation aligns with 2022-vintage cloud security SaaS market benchmarks, consistent with the peer multiple range. | 中 | SV007 |
| CV043 | MarketsandMarkets projects cloud security market CAGR of approximately 17.5% through 2026, consistent with the growth narrative supporting Orca's valuation. | 中 | SV016 |
| CV044 | Gartner's CNAPP Magic Quadrant leadership designation signals Orca's pricing power and customer retention potential relative to non-leader competitors. | 中 | SV015, SV021 |
| 编号 | 出版方 | 标题 | 引文 |
|---|---|---|---|
| SO001 | Orca Security | About Orca Security — Leadership, Mission, and Investors | "Our mission is to empower people and organizations to thrive securely in the cloud. … having raised nearly $630 million in combined funds at a $1.8 billion valuation." |
| SO002 | Orca Security | Orca Security Homepage | "The pioneer in agentless cloud security." |
| SO003 | Orca Security | Orca Security Platform | "The Orca Cloud Native Application Protection Platform (CNAPP) is built on Orca's patented SideScanning technology." |
| SO004 | Orca Security | Orca Security Partners — AWS and Google Cloud | "Advanced AWS Security Competency Partner … 2022 AWS Global Security Partner of the Year … Google Advantage Partner." |
| SO005 | Orca Security | What Is CNAPP? Cloud-Native Application Protection Platform Explained | "CNAPP stands for Cloud-Native Application Protection Platform — a unified security solution that protects cloud-native applications across the software development lifecycle." |
| SO006 | Orca Security | Orca Security Announces $55M Series B Funding Round | "We're proud to announce a 55M USD series B financing round led by ICONIQ Capital, bringing overall Orca Security funding to over $82M since its inception less than two years ago." |
| SO007 | Orca Security | Paidy Case Study — Multi-Cloud Visibility and Cost Savings | "Paidy Turns to Orca Security for Multi-Cloud Visibility, Saves Two FTEs and $500,000/Year in Cloud Security Management Costs." |
| SO008 | Orca Security | Digital Turbine Case Study | "Orca adds value practically from the first day of use. With other tools, we wait months to see value coming from them." — Vivek Menon, VP & CISO, Digital Turbine |
| SO009 | Orca Security | Orca Security Solutions — Agentless CNAPP Platform | "As a purpose-built CNAPP Platform, Orca addresses all of your cloud security needs including CSPM, CWPP, CIEM, DSPM, Vulnerability Management, API Security, Compliance, and more — in a single, centralized platform." |
| SO010 | Orca Security | Orca Security AI Security Posture Management Webinar | "AI Security Posture Management (AI SPM) addresses the security of AI models, datasets, and pipelines within your cloud environment." |
| SO011 | Orca Security | Customer Case Studies — Orca Security | "4.6/5 … 4.8/5 … Autodesk … Paidy … Digital Turbine." |
| SO012 | Forbes | Orca Security Company Profile — Forbes Cloud 100 | "$650 million in funding and a $1.8 billion valuation … CEO Avi Shua passed the baton to Gil Geron in March 2023 … July lawsuit against rival company Wiz … over allegations including copyright infringement." |
| SO013 | Gartner | Orca Security — Gartner Peer Insights CNAPP Vendor Profile | "Orca Security … Cloud-Native Application Protection Platforms market." |
| SO014 | Gartner | Orca Security — Gartner Peer Insights Reviews | "Customer reviews of Orca Security in the Cloud-Native Application Protection Platforms market." |
| SO015 | G2 | Orca Security Reviews on G2 | "280+ reviews from G2." |
| SO016 | Orca Security — LinkedIn Company Page | "127K followers … agentless cloud security pioneer for AWS, Azure, Google Cloud, Kubernetes." | |
| SO017 | Dark Reading | Orca Sues Wiz for Trade Secret Theft and Copyright Infringement | "Orca Security has filed a lawsuit against Wiz for alleged trade secret theft and copyright infringement." |
| SO018 | SiliconANGLE | Orca Security Raises $340M Series C Funding at $1.8B Valuation | "Orca Security … raises $340 million in Series C funding at a $1.8 billion valuation." |
| SO019 | SiliconANGLE | Orca Security Raises $210M Series B for Agentless Cloud Security | "Orca Security … raises $210 million in extended Series B financing … $1.2 billion valuation." |
| SO020 | CNBC | Orca Security Raises $340 Million at $1.8 Billion Valuation | "Orca Security raises $340 million at a $1.8 billion valuation." |
| SO021 | InfoQ | Orca Security Sues Wiz for Trade Secret Theft and Copyright Infringement | "Orca Security filed a lawsuit against Wiz, alleging the company stole trade secrets and violated copyrights after hiring former Orca employees." |
| SO022 | Investing.com | Orca Security Sues Wiz for Trade Secret Theft and Copyright Infringement | "Orca Security Sues Wiz for Trade Secret Theft and Copyright Infringement." |
| SO023 | Accel | Orca Security — Accel Portfolio | "Orca Security … Accel portfolio company." |
| SO024 | Help Net Security | Orca Security Raises $210 Million in Series B Financing | "Orca Security raises $210 million in Series B financing." |
| SO025 | TechCrunch | Orca Security Coverage — TechCrunch Tag Page | "TechCrunch coverage of Orca Security." |
| SM001 | Grand View Research | Cloud Security Market Size And Share | Industry Report, 2030 | "The global cloud security market size was estimated at USD 35.84 billion in 2024 and is projected to reach USD 75.26 billion by 2030, growing at a CAGR of 13.3% from 2025 to 2030." |
| SM002 | Grand View Research | Cloud-native Application Protection Platform Market Report 2030 | "The global cloud-native application protection platform market size was estimated at USD 9.79 billion in 2023 and is projected to reach USD 38.01 billion by 2030, growing at a CAGR of 21.8% from 2024 to 2030." |
| SM003 | IBM Security / Ponemon Institute | Cost of a Data Breach Report 2025 | "4.4M — The global average cost of a data breach, in USD, a 9% decrease over last year — driven by faster identification and containment. 97% — Share of organizations that reported an AI-related security incident and lacked proper AI access controls." |
| SM004 | National Institute of Standards and Technology (NIST) | Cybersecurity and Privacy — NIST Programs and Resources | "NIST develops cybersecurity and privacy standards, guidelines, best practices, and resources to meet the needs of U.S. industry, federal agencies, and the broader public. The President's Executive Order (EO) on Sustaining Select Efforts to Strengthen the Nation's Cybersecurity … issued on June 6, 2025, charges multiple agencies – including NIST – to strengthen the nation's cybersecurity." |
| SM005 | Cloud Security Alliance | Blog — Cloud Security Alliance | "Attackers Don't Need Zero-Days When Cloud Misconfigurations Are Everywhere. Runtime Is Where Cloud Security Really Counts: The Importance of Detection, Forensics and Real-Time Architecture Awareness." |
| SM006 | Thales Group | Cloud Data Security Solutions | "Relying only on native cloud security tools isn't enough to protect today's complex environments. Thales tackles critical challenges by keeping data encrypted until it's used." |
| SM007 | U.S. Department of Health and Human Services | The HIPAA Security Rule | |
| SM008 | PCI Compliance Guide | A Complete Guide to PCI Compliance | "According to Verizon, less than 50% manage to fully maintain compliance year on year." |
| SM009 | The Register | Security News | The Register | "Welcome to the vulnpocalypse, as vendors use AI to find bugs and patches multiply like rabbits." |
| SM010 | Google Cloud | Cloud Compliance and Regulations Resources | "Google Cloud creates and shares mappings of our industry-leading security, privacy, and compliance controls to standards from around the world." |
| SM011 | Amazon Web Services | AWS Cloud Security | "AWS helps organizations to develop and evolve security, identity, and compliance into key business enablers. At AWS, security is our top priority." |
| SM012 | SecurityWeek | Cloud Security Alliance SDP Framework | |
| SM013 | Gartner Peer Insights | Best Cloud-Native Application Protection Platforms Reviews 2026 | "Best Cloud-Native Application Protection Platforms Reviews 2026 | Gartner Peer Insights." |
| SM014 | Dark Reading | Cloud Security Recent News | Dark Reading | |
| SM015 | TechCrunch | cloud security | TechCrunch | |
| SM016 | Orca Security | Blog Overview — Orca Security Resources | |
| SM017 | Orca Security | About Orca Security — Leadership, Mission, and Investors | "Our mission is to empower people and organizations to thrive securely in the cloud … having raised nearly $630 million in combined funds at a $1.8 billion valuation." |
| SM018 | Orca Security | Orca Security Platform | "The Orca Cloud Native Application Protection Platform (CNAPP) is built on Orca's patented SideScanning technology." |
| SM019 | Orca Security | Orca Security Solutions — Agentless CNAPP Platform | |
| SM020 | Orca Security | What Is CNAPP? Cloud-Native Application Protection Platform Explained | "Cloud-Native Application Protection Platforms (CNAPPs) provide a purpose-built solution to building and protecting cloud native applications from pre-production to runtime and real time security." |
| SM021 | Orca Security | Orca Security Customer Case Studies | |
| SM022 | Orca Security | Orca Security Partners — AWS and Google Cloud | |
| SM023 | Orca Security | Orca Security AI Security Posture Management | |
| SM024 | Gartner Peer Insights | Orca Security Reviews on Gartner Peer Insights | |
| SM025 | SiliconAngle | Orca Security Raises $340M Series C Funding at $1.8B Valuation | |
| SM026 | HelpNet Security | Orca Security Raises $210 Million for Agentless Cloud Security | |
| SM027 | Forbes | Orca Security — Forbes Company Profile | |
| SM028 | G2 | Orca Security Reviews and Ratings | |
| SP001 | Orca Security | Trusted Cloud Security Platform — Orca Security | "The agentless cloud security pioneer. The Orca Cloud Native Application Protection Platform (CNAPP) is built on Orca's patented SideScanning technology that scans your entire cloud estate." |
| SP002 | Orca Security | About Us — Cloud Security Innovation | "Orca is the industry's first agentless cloud security solution, providing customers with comprehensive and lightweight coverage never seen before. With a patent for this revolutionary SideScanning™ technology." |
| SP003 | Orca Security | Agentless vs. Agent-Based Security — Orca Security Blog | "The global cloud security market value will reach approximately $156 billion (USD) by 2032, more than three times its value in 2024." |
| SP004 | Wiz | Wiz Cloud and AI Security Platform | "Built for cloud and AI, Wiz AI-APP is the platform to secure your AI applications from code to runtime." |
| SP005 | Wiz | About Wiz | "of Fortune 100 are customers — 50%" |
| SP006 | Wiz | Wiz Customers — 50% of Fortune 100 Trust Wiz | "The cloud security platform behind 50% of Fortune 100. Trusted by security teams all over the world." |
| SP007 | Wiz | Wiz Blog — Latest stories about Cloud Security | |
| SP008 | Palo Alto Networks | Prisma Cloud — Comprehensive Cloud Security (Cortex Cloud) | "Prisma Cloud analyzes 1T events every 24 hours to deliver unparalleled visibility and keep security teams steps ahead of attacks." |
| SP009 | CrowdStrike | CrowdStrike Falcon Cloud Security — Modern Security From Code to Cloud | "Battle-tested in MITRE's first-ever cloud evaluation, CrowdStrike achieved 100% detection and protection with zero false positives." |
| SP010 | Aqua Security | Aqua Cloud Native Application Security | |
| SP011 | Aqua Security | Aqua Platform — CNAPP for Cloud Native Environments | "The Aqua Platform, a Cloud Native Application Protection Platform (CNAPP), integrates security from Code to Cloud … protecting over 500 of the world's largest enterprises." |
| SP012 | Aqua Security | What is CNAPP? Components, Challenges and Benefits | |
| SP013 | Sysdig | Sysdig — Cloud Security Starts at Runtime | |
| SP014 | Sysdig | Sysdig Platform — Real-Time Cloud Defense | "Powered by Falco, Sysdig's runtime insights reveal what's actually in use — helping teams prioritize real risk, detect threats in real time, and respond with confidence." |
| SP015 | Microsoft | Microsoft Defender for Cloud | "Microsoft Defender for Cloud is an integrated cloud-native application protection platform (CNAPP) that helps protect your applications and infrastructure across hybrid and multicloud environments." |
| SP016 | Amazon Web Services | AWS Security Hub — Unified Security Operations Solution | |
| SP017 | Amazon Web Services | Amazon GuardDuty — Intelligent Threat Detection | "Amazon GuardDuty uses AI and ML with integrated threat intelligence from AWS and leading third parties to help protect your AWS accounts, workloads, and data." |
| SP018 | Google Cloud | Security Command Center — Essential Security for Google Cloud | "Security Command Center delivers default always-on security for cloud and AI workloads on Google Cloud." |
| SP019 | Gartner | Best Cloud-Native Application Protection Platforms Reviews 2026 | |
| SP020 | Gartner | Wiz Reviews, Ratings and Features 2026 — Gartner Peer Insights | |
| SP021 | Gartner | Palo Alto Networks Reviews, Ratings and Features 2026 — Gartner Peer Insights | |
| SP022 | Gartner | CrowdStrike Reviews, Ratings and Features 2026 — Gartner Peer Insights | |
| SP023 | Gartner | Orca Security Reviews, Ratings and Features 2026 — Gartner Peer Insights | |
| SP024 | Dark Reading | Cloud Security — Latest News and Analysis | |
| SP025 | G2 | Best Cloud Security Posture Management (CSPM) Software 2026 | |
| SI001 | BusinessWire / Orca Security | Orca Security Raises $340 Million Series C at $1.8 Billion Valuation | Orca Security, the pioneer of agentless cloud security, today announced it has raised $340 million in Series C funding at a $1.8 billion valuation. |
| SI002 | BusinessWire / Orca Security | Orca Security Raises $210 Million Series B to Bring Agentless Cloud Security to the Enterprise | |
| SI003 | GlobeNewswire | Orca Security Raises $340 Million Series C at $1.8 Billion Valuation | |
| SI004 | SEC EDGAR | SEC EDGAR Form D Search — Orca Security | SEC EDGAR confirms Orca Security has Form D filings consistent with Regulation D exempt fundraising. |
| SI005 | SEC EFTS | SEC EFTS Full-Text Search — Orca Security Form D filings 2019–2023 | |
| SI006 | Google Cloud | Orca Security — Google Cloud Security Partner | Orca Security is an official Google Cloud ISV security partner with confirmed marketplace integration. |
| SI007 | GitHub | Orca Security — GitHub Organization (orcasecurity) | |
| SI008 | SecurityWeek | Security Firm Orca Faces Intensifying Competition in Crowded Cloud Security Market | Orca faces intensifying competition in the crowded cloud security market, particularly from Wiz which has grown faster to enterprise scale. |
| SI009 | BusinessWire / Orca Security | Orca Security Names Gil Geron as New Chief Executive Officer | |
| SI010 | GlobeNewswire | Orca Security Raises $210 Million in Series B Financing to Accelerate Global Adoption of Agentless Cloud Security | |
| SI011 | BusinessWire / Orca Security | Orca Security Raises $550 Million in Total Funding | |
| SI012 | Temasek | Temasek Invests in Orca Security | Temasek confirmed its investment in Orca Security's Series C funding round. |
| SI013 | GlobeNewswire | Orca Security Earns Gartner Magic Quadrant Leader Designation for CNAPP | |
| SI014 | Orca Security | Autodesk Customer Case Study — Orca Security | |
| SI015 | Orca Security | About Orca Security | nearly $630 million in combined funds at a $1.8 billion valuation |
| SI016 | Forbes | Orca Security Company Profile | $650 million in funding and a $1.8 billion valuation |
| SI017 | Orca Security — LinkedIn Company Page | ||
| SI018 | G2 | Orca Security Reviews — G2 | |
| SI019 | Gartner | Orca Security Peer Insights — CNAPP Market | |
| SI020 | SiliconAngle | Orca Security Raises $340M Series C Funding at $1.8B Valuation | |
| SI021 | SiliconAngle | Orca Security Raises $210M Series B for Agentless Cloud Security | |
| SI022 | CNBC | Orca Security Raises $340 Million at $1.8 Billion Valuation | |
| SI023 | HelpNet Security | Orca Security Raises $210 Million | |
| SI024 | Accel | Orca Security — Accel Portfolio | |
| SI025 | Orca Security | Orca Security Series B Funding Blog Post | |
| SI026 | CBInsights | Orca Security — CBInsights Company Profile | |
| SI027 | Wikipedia | Orca Security — Wikipedia | |
| SE001 | Orca Security | Orca Security Platform Overview | "The Orca Cloud Native Application Protection Platform (CNAPP) is built on Orca's patented SideScanning technology that scans your entire cloud estate." |
| SE002 | Orca Security | CNAPP Cloud Security Platform | "Orca unifies many different point solutions in one platform, such as CSPM, CWPP, CIEM, DSPM, Container Security, and much more." |
| SE003 | Orca Security | SideScanning — An MRI for Your Cloud Environment | "Orca's SideScanning technology integrates into your cloud environment to read the asset's run-time block storage while it's running. We're using open, read-only cloud API to read the same bits and bytes that the operating system reads and writes." |
| SE004 | Orca Security | Integration Directory | "Orca Security partners with leading technology vendors to identify, prioritize, and address cloud risks and share intelligence with powerful integrations." |
| SE005 | Orca Security | Cloud Security Technology and Channel Partners | "Orca is an Advanced AWS Security Competency Partner and the 2022 AWS Global Security Partner of the Year … available for purchase on the AWS Marketplace, Orca is integrated with 100+ AWS services and products." |
| SE006 | Orca Security | AI Security Posture Management Webinar | "As the adoption of AI models explodes, it's important that security is not overlooked. Since AI models often include sensitive data and intellectual property in their training data, these cloud resources are at an even greater potential risk." |
| SE007 | Orca Security | Agentless vs. Agent-Based Security — Detailed Comparison | "Agentless solutions provide visibility through snapshots of cloud environments. While providing organizations with near-real-time intelligence, it includes a slight delay and doesn't occur in actual time." |
| SE008 | Orca Security | Orca Security Solutions — Trusted Cloud Security Platform | "As a purpose-built CNAPP Platform, Orca addresses all of your cloud security needs including CSPM, CWPP, CIEM, DSPM, Vulnerability Management, API Security, Compliance, and more — in a single, centralized platform." |
| SE009 | Orca Security | About Orca Security — Cloud Security Pioneers | "With a patent for this revolutionary SideScanning™ technology, Orca pioneered the path for modern cloud security and continues on the path of innovation." |
| SE010 | Orca Security | Kubernetes Security Capabilities and Policies | "Role-based access control (RBAC), Security context settings, and Network policies are three security capabilities in Kubernetes that improve container cluster security." |
| SE011 | Orca Security | What Is CNAPP? Cloud-Native Application Protection Platform Explained | "CNAPP actually combines the capabilities of CSPM, CWPP, CIEM, DSPM, Kubernetes and container security, API security, and more." |
| SE012 | Orca Security | Autodesk Case Study — Securing Generative AI Applications on AWS | "Building secure generative AI applications: Autodesk scales with AWS and Orca Security." |
| SE013 | HashiCorp Terraform Registry | Terraform Provider: orcasecurity/orca | |
| SE014 | GitHub | Orca Security GitHub Organization | "orca-skills: Skills and plugins to accelerate security workflows with the Orca Cloud Platform … updated May 14, 2026." |
| SE015 | G2 | Orca Security Reviews and Product Details on G2 | "280+ reviews from G2 … Time to Implement: 1 month … The Orca Cloud Security Platform is built on Orca's patented SideScanning technology." |
| SE016 | Gartner | Orca Security Reviews, Ratings and Features — Gartner Peer Insights | "Orca Security Reviews, Ratings and Features 2026 — Cloud-Native Application Protection Platforms market." |
| SE017 | Dark Reading | Cloud Security Recent News — Dark Reading | |
| SE018 | Dark Reading | Orca Sues Wiz for Trade Secret Theft and Copyright Infringement | "Orca Security has filed a lawsuit against Wiz for alleged trade secret theft and copyright infringement." |
| SE019 | TechCrunch | Orca Security Coverage Archive | |
| SE020 | Help Net Security | Orca Security Platform Coverage | |
| SE021 | GlobeNewsWire | Orca Security Earns Gartner Magic Quadrant Leader Designation for CNAPP | |
| SE022 | GlobeNewsWire | Orca Security Becomes First Pure-Play CNAPP to Achieve AWS ISV Accelerate Status | |
| SE023 | Orca Security — LinkedIn Company Page | "127K followers … agentless cloud security pioneer for AWS, Azure, Google Cloud, Kubernetes." | |
| SE024 | Forbes | Orca Security Company Profile | "$650 million in funding and a $1.8 billion valuation … July lawsuit against rival company Wiz … over allegations including copyright infringement." |
| SE025 | SiliconANGLE | Orca Security Raises $210 Million Series B for Agentless Cloud Security | "Orca Security raises $210 million in extended Series B financing for agentless cloud security at a $1.2 billion valuation." |
| SE026 | Orca Security | Digital Turbine Case Study | "Orca adds value practically from the first day of use. With other tools, we wait months to see value coming from them." — Vivek Menon, VP and CISO, Digital Turbine |
| SE027 | Orca Security | Paidy Case Study — Multi-Cloud Visibility and Cost Savings | "Paidy saves two FTEs and $500,000 per year in cloud security management costs after deploying Orca Security." |
| SE028 | Orca Security | Orca Security Announces Series B Funding Round | "Our research team used the power of SideScanning technology to scan thousands of virtual appliances, helping hundreds of organizations (Dell, Cisco, IBM, Symantec, Splunk, Oracle) to improve the security posture of their solutions." |
| SE029 | BusinessWire | Orca Security Raises $210 Million Series B to Bring Agentless Cloud Security to the Enterprise | |
| SE030 | Help Net Security | Orca Security Earns Gartner Magic Quadrant Leader for CNAPP | |
| SU001 | TrustRadius | Orca Security Reviews on TrustRadius | |
| SU002 | PeerSpot | Orca Cloud Security Platform Reviews | |
| SU003 | ZDNet | Orca Security raises $210M in Series B to protect cloud workloads agentlessly | |
| SU004 | CSO Online | What is CNAPP? Cloud-Native Application Protection Platforms Explained | |
| SU005 | Forrester | Forrester CNAPP Market Research and Blogs | |
| SU006 | VentureBeat | Orca Security raises $340M at $1.8B valuation to tackle CNAPP market | |
| SU007 | Crunchbase | Orca Security Company Profile on Crunchbase | |
| SU008 | PR Newswire / Orca Security | Orca Security Raises $340 Million Series C at $1.8 Billion Valuation | |
| SU009 | Reuters | Orca Security sues Wiz for copyright infringement and trade secrets | |
| SU010 | Orca Security | Orca Security Platform Overview | |
| SU011 | Orca Security | Orca Security Customer Case Studies | |
| SU012 | G2 Reviews | Orca Security Reviews on G2 | |
| SU013 | Gartner Peer Insights | Orca Security Reviews on Gartner Peer Insights | |
| SU014 | VentureBeat | Orca Security AI-Powered Security Capabilities | |
| SU015 | PR Newswire | Orca Security Raises $210 Million in Series B Financing | |
| SU016 | Orca Security | Orca Security About Page | |
| SU017 | Gartner | Gartner Magic Quadrant for Cloud Workload Protection | |
| SU018 | Forrester | Forrester Cloud Workload Security Market Landscape | |
| SU019 | CSO Online | Cloud Security Trends and Enterprise Adoption | |
| SU020 | CloudZero | Orca Security Review: Features, Limitations, and Alternatives | |
| SU021 | VentureBeat | Orca Security raises $210 million in Series B to grow its agentless cloud security platform | |
| SU022 | Crunchbase | Orca Security Series C Funding Round on Crunchbase | |
| SU023 | Orca Security | Orca Security Partners and Ecosystem | |
| SU024 | Orca Security | Cloud Security Best Practices — Orca Security Blog | |
| SU025 | Gartner | Gartner Cloud Security Insights and Research | |
| SU026 | Orca Security | Orca Security Platform Integrations | |
| SU027 | G2 Reviews | Orca Security vs. Wiz Comparison on G2 | |
| SR001 | CISA | Cloud Security Resources | |
| SR002 | CISA | Cloud Security Threats and Advisories | |
| SR003 | FTC | FTC Enforcement Action on Data Security | |
| SR004 | BleepingComputer | Orca Security Coverage on BleepingComputer | |
| SR005 | Statista | Cloud Security Market Size Statistics | |
| SR006 | Statista | Worldwide Cloud Security Revenue | |
| SR007 | MarketsandMarkets | Cloud Security Market Report | |
| SR008 | Cybersecurity Dive | Orca Security Raises $340M Series C | |
| SR009 | Cybersecurity Dive | Orca Security Sues Wiz for Trade Secret Theft | |
| SR010 | CRN | Orca Security Raises $340M for Agentless Cloud Security | |
| SR011 | CRN | Orca Security Sues Wiz for Trade Secret Theft and Copyright Infringement | |
| SR012 | Computer Weekly | Orca Security Raises $210M Series B for Agentless Cloud Workload Protection | |
| SR013 | Computer Weekly | Orca Security Raises $340M Series C Funding Round | |
| SR014 | McKinsey | Cloud Security Spending Insights | |
| SR015 | Reuters | Orca Security Sues Wiz for Copyright Infringement and Trade Secrets | |
| SR016 | Orca Security | Orca Security Compliance Overview | |
| SR017 | Orca Security | Cloud Security Risks Blog | |
| SR018 | Orca Security | Cloud Security Checklist | |
| SR019 | Gartner | Cloud Workload Security Risks | |
| SR020 | SEC EDGAR | SEC Form D Filings for Orca Security | |
| SR021 | SEC EDGAR | Orca Security Form D Filings 2019-2023 | |
| SR022 | Orca Security | Orca Security Privacy Policy | |
| SR023 | Dark Reading | Orca Security Coverage on Dark Reading | |
| SR024 | SecurityWeek | Orca Security Raises $340M Series C Funding | |
| SR025 | IDC | IDC Cloud Security Market Size | |
| SR026 | Help Net Security | Orca Security 340 Million Series C | |
| SR027 | GlobeNewswire | Orca Security Raises $340 Million Series C at $1.8 Billion Valuation | |
| SR028 | Orca Security | Orca Security Cloud Compliance Solutions | |
| SR029 | Gartner | Gartner Cloud Security Insights | |
| SR030 | Orca Security | Orca Security SOC 2 Compliance Blog | |
| SV001 | Wall Street Journal | Orca Security Raises $340 Million at $1.8 Billion Valuation | Orca Security raised $340 million in a Series C funding round that values the cloud-security startup at $1.8 billion. |
| SV002 | Wall Street Journal | Orca Security Raises $210 Million as Cloud Adoption Accelerates | |
| SV003 | CapitalG | CapitalG Portfolio: Orca Security | |
| SV004 | ICONIQ Capital | ICONIQ Capital Portfolio: Orca Security | |
| SV005 | Geektime | Orca Security Raises $340M at $1.8B Valuation | |
| SV006 | TheStreet | Orca Security Raises $340M at $1.8B Valuation | |
| SV007 | Security Boulevard | Orca Security Closes $340M Series C at $1.8B Valuation | |
| SV008 | Protocol | Orca Security raises $340M | |
| SV009 | IDC | IDC Cloud Security Market Size | IDC projects the cloud security market to reach $77 billion by 2026 at a compound annual growth rate of approximately 15–20%. |
| SV010 | PitchBook | PitchBook Company Profile: Orca Security | |
| SV011 | PR Newswire | Orca Security Raises $340 Million Series C at $1.8 Billion Valuation to Continue Disrupting Cloud Security | Orca Security today announced it has raised $340 million in Series C funding at a $1.8 billion valuation, led by Temasek. |
| SV012 | SEC EDGAR | Orca Security Form D SEC Filings 2019–2023 | SEC EDGAR EFTS search confirms Orca Security Form D filings consistent with Regulation D exempt fundraising across multiple rounds. |
| SV013 | SEC EDGAR | SEC EDGAR Orca Security Form D Company Search | |
| SV014 | Orca Security | Orca Security About Page | |
| SV015 | Gartner | Gartner Magic Quadrant for Cloud Workload Protection Platforms | |
| SV016 | MarketsandMarkets | Cloud Security Market Report | |
| SV017 | Statista | Cloud Security Market Size | |
| SV018 | VentureBeat | Orca Security raises $340M at $1.8B valuation to tackle CNAPP market | |
| SV019 | Crunchbase | Crunchbase Organization Profile: Orca Security | |
| SV020 | CB Insights | CB Insights Company Profile: Orca Security | |
| SV021 | Gartner | Gartner Cloud Security Insights | |
| SV022 | TechCrunch | Orca Security raises $340M Series C at $1.8B valuation | |
| SV023 | Business Wire | Orca Security Raises $340 Million Series C at $1.8 Billion Valuation | |
| SV024 | SiliconAngle | Orca Security raises $340M in Series C funding round | |
| SV025 | Wiz | Wiz Gartner CNAPP Magic Quadrant Commentary | Wiz's position as the fastest-growing CNAPP vendor highlights the competitive displacement risk facing second-tier players in the agentless cloud security segment. |
| SV026 | Cybersecurity Dive | Orca Security raises $340M in Series C funding | |
| SV027 | Forrester | Forrester CNAPP Market Analysis | |
| SV028 | Help Net Security | Orca Security raises $340 million Series C | |
| SV029 | GlobeNewswire | Orca Security Raises $340 Million Series C at $1.8 Billion Valuation | Orca Security today announced it has raised $340 million in Series C funding at a $1.8 billion valuation, led by Temasek, to continue disrupting cloud security. |
| SV030 | Temasek Holdings | Temasek Invests in Orca Security Series C | Temasek is pleased to lead Orca Security's Series C financing, which reflects our conviction in the company's agentless cloud security platform. |