In this article, you will find the resources to guide you though the cloud account onboarding process, as well as an overview of the information presented on the Orca dashboard.
- Connect Orca to your cloud provider
- Dashboard overview
- Invite other users
- Further recommended readings
Connect Orca to your cloud provider
Orca supports the three major cloud platforms: AWS, GCP, and Azure. Follow the written step-by-step onboarding articles to connect Orca to your cloud service provider account. Additionally, video walkthroughs are available for GCP and Azure account onboarding.
The initial scan time will vary and may take anywhere from a few minutes to a few hours. We recommend that you wait at least 24 hours after onboarding a new account to get the complete picture of your security posture. Subsequent scans take significantly less time.
Amazon Web Services onboarding
Written article: AWS Account Onboarding (SaaS Deployment)
Google Cloud Platform Onboarding
Written article: GCP Account Onboarding (SaaS Deployment)
Microsoft Azure Onboarding
Written article: Azure Account Onboarding (SaaS Deployment)
The first screen you see when logging into Orca is the Dashboard ( icon). This is a high-level perspective of your security posture that includes key metrics about your assets, alerts, and major risks. The dashboard page also displays the top 5 security issues based on the selected major risks category (Top 5 Malware in this case).
Learn more about navigating the Orca User Interface.
Don't worry that your Dashboard looks different. This image is from our Demo account and is loaded with example security issues.
Let's take a closer look at the three main sections of the Dasboard: Inventory (Assets), Alerts, and Major Risks.
The Inventory section gives you the total count of your cloud assets by asset type. Here, you can click on each asset type to get a complete list, or you can perform a custom search and export asset metadata by navigating to Inventory ( icon) from the main menu on the left.
The Alerts section is where we show you the findings from our scanning and analysis. Alerts have four risk categories:
|Compromise||Alerts for malicious code or activity present on the asset.|
|Imminent Compromise||Alerts where assets are at a high risk of being compromised based on our findings and a potentially viable external attack vector.|
|Hazardous||Alerts where the asset is at high risk, however, there is no known exploit or the asset cannot be reached externally.|
|Informational||Alerts with no clear attack vector and pose minimal risk to the organization, thus are deemed informational.|
The left panel of the dashboard will dynamically display the categories of Alerts from Orca's findings. The first category is selected by default, and the top 5 alerts from that category are shown in the cards to the right. These alerts are sorted by severity, so the dashboard will automatically surface your highest security risks first.
Invite other users
Now that you are familiar with the Orca dashboard, you should consider adding new users to your account.
Further recommended readings
- I’ve Added an Account. When Should I See Results?
- What Happens during Onboarding when the First Scan Is Initiated?
- How Often Does Orca Scan?
- How Can I Manually Initiate a Scan?
- How Do I Use Filters with Alerts?
- How do I Use Filters with Assets?
- How Can I View Reports and Export Data from Orca?
- Do You Have an API? How Can I Use It?