WashU IT is implementing a new cloud tool called Orca Security to provide robust protection across WashU’s cloud environments—including Amazon Web Services (AWS), Google Cloud (GCP), and Microsoft Azure.
Orca Security scans our cloud environments daily, actively identifying potential risks such as misconfigurations, vulnerabilities, identity issues, data security concerns, API exposures, and other issues.
When a risk is detected in a WashU cloud resource, the owners of that resource will receive a detailed email from Information Security outlining the issue. All critical findings must be remediated within 7 days. Please let us know if you have questions or concerns.
For more information about Orca Security, click here.