Druva Protects its Workloads with Orca Security Agentless Monitoring

Executive Summary

Druva enables cyber, data and operational resilience for every organization with the Data Resiliency Cloud, the industry’s first and only at scale SaaS solution. However, Druva found that it needed stronger vulnerability management instead of a “point-in-time” approach that scans and obtains a report. Druva also wanted higher-level visibility into all its services and workloads that could keep up with increasing customer demands. The Druva team soon realized that addressing network exposures on a moment’s notice would require much deeper tracking of its own cloud environment.

Accelerating Vulnerability Management Beyond “Point-in-Time” Scanning

The Druva team soon realized that addressing network exposures on a moment’s notice would require much deeper tracking of its own cloud environment. This also pointed to the need for closer collaboration between cloud operations and security so both parties could easily assess new vulnerabilities and increase visibility across all cloud workloads. Without a new approach to securing its environment, Druva experienced increasing risk of a major data breach, compromised infrastructure, and interruption of services.

“Orca simply offers a great deal more visibility into how to protect Druva’s infrastructure and the availability of our core services,”

- Yogesh Badwe, CSO, Druva

Enabling a Cloud-Native Approach to Security and Compliance

The answer that Druva was looking for was agentless, cloud-first technology, and the solution provider was Orca Security on AWS Marketplace. Druva first engaged with Orca in September 2020. After only four months, the team was also sold on Orca’s agentless approach to the cloud.

Orca developed its security product when AWS, in 2018, opened its runtime block storage feature. This enabled Orca to obtain a read-only view of the required cloud metadata via Amazon’s application programming interfaces (APIs). The key to Orca’s agentless technology resides in obtaining this read-only snapshot of the data. Since this snapshot has zero impact on the production workload, Orca can detect risks across both the workload and control plane, achieving contextual and prioritized full-stack visibility. As Ty Murphy, director of technical product marketing at Orca, points out, “The benefits here are that we provide complete visibility into your cloud environment without getting overwhelmed by the runtime details.”

Orca’s comprehensive scanning process searches Druva’s file images for vulnerabilities, misconfigurations, malware, lateral movement risk, exploitable keys, weak passwords, and unsecured sensitive data. Druva chose Orca because it provided all this security and compliance monitoring without any time-consuming agents. At the end of the day, the value proposition was clear: Orca could help Druva protect its AWS workloads quickly, seamlessly, and at lower cost.

Immediate Protection for Existing AWS Workloads

Druva knew from experience that purchasing and deploying software solutions could be painstaking and time consuming. Procuring Orca turned out to be quite the opposite. After purchasing Orca directly and testing it for a few months, Druva’s security team realized the long-term value of the product and moved quickly to procure the product via AWS Marketplace.

Prior to purchasing Orca, Druva had a manual procurement process that was based off emails and more traditional communication channels. While Orca’s first procurement took between two and three weeks, Druva’s follow-up purchase on AWS Marketplace a few months later was significantly easier. Druva had already worked with AWS since 2013 and so it well understood the benefits of purchasing a product like Orca via AWS Marketplace.

Even though it was a large multi-year contract, Orca’s deployment took just a couple of hours to set up, which translated into significant time savings. One of the reasons for this quick setup was Druva’s tight integration with AWS through the runtime storage layer. This interoperability meant that any existing Amazon workloads, including Amazon Elastic Compute Cloud (Amazon EC2), Amazon Elastic Kubernetes Service (Amazon EKS), Amazon Elastic Container Service (Amazon ECS), AWS Fargate, and AWS Lambda instances were immediately protected.

With the deployment complete, Orca’s scanning technology reported to Druva not only critical vulnerabilities, but configuration issues, identity and access management, authorization issues, and obsolete routines embedded in applications. “Orca simply offers a great deal more visibility into how to protect Druva’s infrastructure and the availability of our core services,” according to Yogesh Badwe, CSO at Druva.

“The benefits here are that we provide complete visibility into your cloud environment without getting overwhelmed by the runtime details.”

- Ty Murphy, Director of Technical Product Marketing, Orca

Decreasing Mean-Time-to-Resolution

Orca’s agentless environment supported quicker cross-collaborations and resolution times. As Badwe confirms, “Orca’s easily accessible tool means that everyone can collaborate more seamlessly across the board.” This arrangement reduced the Druva team’s mean-time-to-resolution (MTTR) and optimized workflows for better efficiency and performance across the enterprise.

AWS Marketplace Provides Druva with Compliance Scalability and Success

Prior to engaging with Orca, Druva had vetted a number of platforms and services to solve the challenges of agentless compliance monitoring. Each one failed to handle the extreme workloads. Orca, on the other hand, offered several compelling features that made it a great match for Druva’s business needs. For example, Orca has an AWS security competency, is available in AWS Marketplace, and offers the AWS independent software vendor (ISV) Accelerate Program, along with Amazon Linux 2. It also integrates with Amazon Elastic Compute Cloud (EC2) Image Builder and was already part of the AWS Activate Startup program, which is designed to support new businesses on AWS. “I haven’t experienced any scalability problems with Orca,” Badwe added. “That excites me because I’m always looking for true partners that can help us scale.”

Looking Ahead

Druva has been thrilled at how Orca’s agentless, all-in-one compliance tool has helped it more seamlessly protect its AWS workloads across the enterprise. By providing easier procurement, quicker time to market, and better collaboration across teams, Orca has transformed Druva’s entire approach to compliance and vulnerability management. As Badwe summarizes, “I think Orca really is the wave of the future for addressing ephemeral cloud workloads.”

Druva

About Druva

Druva delivers data resilience via a single SaaS platform spanning multiple geographies and clouds and is trusted by thousands of enterprises, including 60 of the Fortune 500, to make data more resilient and accelerate their journey to the cloud.

About Orca Security

Dual headquartered in Los Angeles and Israel, Orca Security simplifies security operations with a single software as a service-based solution for workload and data protection, cloud security posture management, vulnerability management, and compliance management.

Published September 2022