Orca Security Cloud Workload Protection Platform (CWPP) provides security for virtual machines, containers, and Kubernetes environments using an agentless-first approach. The platform uses SideScanning technology to collect data directly from cloud configuration and workload runtime block storage out-of-band, eliminating the need for agent deployment on every workload. The platform performs vulnerability scanning across cloud workloads by leveraging 20+ vulnerability data sources and provides workload inventory including OS packages, applications, libraries, and versions. It prioritizes vulnerabilities based on context beyond CVSS scores, considering cloud asset connections and risks. The CWPP includes sensitive data detection capabilities that scan for personally identifiable information (PII), protected healthcare information, credit card numbers, and Social Security identifiers across running, idle, paused, or stopped workloads. Malware detection uses signature-based scanning, heuristic file analysis, dynamic scanning, and genetic signature detection. The platform offers reachability analysis for containers to identify which vulnerable software packages are reachable by attackers. It includes both agentless reachability analysis and dynamic runtime reachability analysis through Orca Sensor. Orca Sensor provides optional lightweight runtime protection using eBPF-based technology for VMs and containers, offering real-time visibility into activity, threats, and malicious behavior. The platform combines workload telemetry with cloud configuration metadata to provide visibility across cloud configurations, identities, and workloads.