Orkus Applies AI to Enforce Cloud Security Governance

As more applications move into the cloud, it is clear governance has become a major issue. Cybersecurity criminals are now routinely looking for weak controls such as commonly used passwords that they can easily compromise. To provide cybersecurity teams tools to assess and maintain those controls, Orkus this week launched the Orkus Access Governance Platform.

Orkus CEO Manish Kalia said the company’s platform first analyzes the relationship between all the data and infrastructure that makes up the IT environment. It then employs machine learning algorithms in the form of a Graph AI capability using graph databases to determine who has access to what service and how frequently that service is being invoked.

The Orkus Access Governance Platform then allows cybersecurity teams to create “guardrails” that implement cybersecurity policies based on intent rather than requiring cybersecurity teams to manage low-level access control policies. For example, the platform can automatically generate guardrails to enforce various compliance mandates based on the type of data being stored in a cloud service.

Finally, there an Orkus Access Intelligence module that provides the ability to search, investigate and audit authorizations of cloud infrastructure both currently and historically.

Each of those capabilities is made available as part of a cloud service that is priced based on the number of workloads and applications that need to be secured.

Kalia said increased reliance on cloud services requires cybersecurity professionals to adopt new tools to protect data and make sure unauthorized individuals are not able to access it. Unfortunately, credentials are compromised all the time. The only way cybersecurity teams know is when a cybersecurity platform detects whether data is being accessed in an unusual manner. The Orkus Access Governance Platform detects that activity and enables cybersecurity teams to implement policies that allow data to only be accessed by specific individual in ways that are consistent with previous data interactions, he said.

In general, Kalia said it’s now apparent that cybersecurity teams are struggling to keep up with the pace at which applications are now being developed and deployed in the cloud. Rather than trying to slow down the rate at which applications are being deployed, Orkus is making a case of employing machine learning algorithms to enable cybersecurity teams to apply cybersecurity polices instantly based on intent, in the form of guardrails, and then run the forensics required to make sure those policies are being fired. None of that effort, however, requires cybersecurity teams to directly insert themselves into a DevOps process, said Kalia.

As more data pours into various cloud platforms, the amount of data at risk is increasing exponentially for each organization. Not too long ago a breach could be contained within the context of a single IT application or system running in an on-premises IT environment. Today, everything in the cloud is interconnected. Faced with that new IT reality, cybersecurity teams that are already chronically short-staffed are not able to manually check every configuration. The only way to level the proverbial playing field as the number of attack surfaces increases is to rely more on automation enabled by machine and deep learning algorithms.

Of course, not every cybersecurity team may fully trust those algorithms. But as the algorithms continue to learn over time, they increasingly will become more precise than most mere cybersecurity mortals could ever hope to accomplish on their own.

Featured eBook
Securing the Code: DevOps Security and AppSec

Securing the Code: DevOps Security and AppSec

DevSecOps represents a fundamental shift from the status quo by making security a much more collaborative effort. Applications are the business in this digital age. Securing the applications that drive your business is essential to providing safe digital experiences to your entire business ecosystem. With DevSecOps, security is automated and integrated into the development process. Security … Read More