SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Secure digital cloud with protective barriers over australia outline
#
Virtualisation
#
Data Protection
#
Hyperscale

Orca Security achieves IRAP PROTECTED for Australian cloud sector

Fri, 15th Aug 2025
Author image
By Catherine Knowles, Journalist

Orca Security has completed the Australian Information Security Registered Assessors Program (IRAP) assessment at the PROTECTED classification level for its Orca Cloud Security Platform, enabling Australian public sector organisations to access enhanced cloud security capabilities.

The IRAP assessment, overseen by the Australian Signals Directorate (ASD), is designed to ensure that technology providers who manage sensitive government data adhere to security protocols outlined in the Australian Government Information Security Manual (ISM). These independent assessments verify the appropriateness and effectiveness of a system's security controls, and results are documented in a Security Assessment Report (IRAP report) to help agencies determine the best solutions for their needs.

Orca Security completed the IRAP assessment in collaboration with Tesserent, an approved IRAP assessor and auditing partner, presently part of Thales Cybersecurity Services ANZ.

Avi Shua, Chief Innovation Officer and Co-founder of Orca Security, commented, "This accreditation affirms our platform's capability to safeguard Australia's most sensitive cloud environments. The accomplishment also underscores our commitment to protecting critical government data in Australia, and broader mission to support public sector organisations globally with cloud security excellence - fortifying critical infrastructure and safeguarding national interests against emerging cyber threats."

The IRAP accreditation follows a recent authorisation under the Federal Risk and Authorization Management Program (FedRAMP) in the United States. Achieving PROTECTED status emphasises Orca's compliance with rigorous international security standards required in public sector environments.

Cyber security policy

The Australian government's 2023-2030 Cyber Security Strategy sets out to improve national cyber resilience in the face of escalating cybercrime threats. The strategy seeks to foster trust in digital products, secure valuable datasets, and ensure that government agencies can safely leverage emerging technologies. Part of the government's recent digital initiatives included strengthening its relationship with AWS in an effort to expand access to secure cloud solutions for all levels of government.

Cloud security platform

Orca Security's platform offers government agencies an agentless solution to cloud security. It uses SideScanning technology to provide rapid asset inventory and risk assessment of public cloud environments, supporting platforms such as AWS, Azure, Google Cloud, Oracle Cloud, Alibaba Cloud, and Kubernetes. Orca's Unified Data Model enables comprehensive contextual analysis across an entire cloud estate, including misconfigurations, vulnerabilities, malware, lateral movement, data and API exposure, AI risks, and active breaches.

According to the company, the platform's capabilities allow organisations to uncover potential attack paths and prioritise threat mitigation to protect mission-critical data and align with security objectives.

These features, alongside recent endorsements, have contributed to Orca's expansion in Australia, where it reports more than 100% year-over-year growth across both government and enterprise markets.

Government access

The IRAP report provides Australian public sector agencies with a tool to assess the suitability of Orca's platform for sensitive operations and manage risk accordingly. By meeting IRAP PROTECTED security requirements, Orca is positioned to support agencies with their evolving cyber security strategies and compliance obligations.

The IRAP program continues to play a central role in the Australian government's approach to securing digital infrastructure. As agencies further integrate cloud technologies, security certification helps ensure trust and compliance across mission-critical services.

Orca Security's IRAP assessment was conducted by Tesserent, now under Thales Cybersecurity Services ANZ, which is qualified to carry out independent evaluations against the ISM for solutions intended to protect government data.

Orca states that its presence in the region and alignment with government requirements demonstrate a long-term commitment to supporting the protection of national interests as cyber threats continue to evolve.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Backslash unveils MCP Security to safeguard AI coding
AI agents spark new identity security fears for 2026
Advancing our secure by design pledge: What’s new in SonicOS 7.3 and NSM 3.1
AI projects face long delays amid rising security risks
Can we trust AI? Australia’s industrial sector offers the blueprint

Top stories

AI-native attacks drive shift to continuous cyber tests
Cybersecurity, AI set to shake IT leaders in 2026
CrowdStrike hits 100% in latest MITRE ATT&CK tests
Armis, KODE & IntelliBuild unite to secure smart buildings
Agentic AI set to turbocharge cybercrime automation