Orca Cloud Infrastructure Entitlement Management (CIEM) Description

Orca Cloud Infrastructure Entitlement Management (CIEM) provides visibility into and management of cloud identities, entitlements, and permissions across multi-cloud environments. The platform monitors identities, roles, groups, permissions, and policies deployed in cloud environments and alerts when security best practices such as least privilege are not followed.

The solution offers centralized discovery and compliance tracking across multiple cloud platforms, with support for regulatory standards and CIS benchmarks. It includes thousands of controls across categories including authentication, data protection, logging and monitoring, IAM misconfigurations, and system integrity.

The platform scans for unmanaged identities such as SSH keys, passwords, and account roles across the cloud estate. It detects insecurely stored keys and passwords in shell history, and it creates hashes of discovered keys to identify matching authorized public key configurations across assets.

Orca provides Just-in-Time (JIT) Access for AWS, enabling time-bound, role-specific access provisioning with centralized request management and audit logging. The platform includes an IAM policy optimizer that analyzes existing policies against 90 days of usage data to recommend optimal configurations with ready-to-use configuration files.

The solution integrates identity risks with vulnerabilities, misconfigurations, malware, sensitive data location, and lateral movement risk for holistic risk prioritization. It includes attack path visualization that analyzes risks across cloud layers to identify dangerous combinations leading to critical assets.

The platform supports advanced querying using built-in alert templates, a query builder, a query catalog, and natural language AI integration.