Orchid Security is an identity observability platform designed to support incident response teams in detecting and responding to identity-based threats. The platform addresses visibility gaps in unmanaged identities and applications that exist outside traditional IAM coverage. The solution continuously discovers applications and identities across cloud, on-premises, legacy, and custom environments. It monitors authentication and authorization activity across all applications to map potential attack paths and identify suspicious behavior. The platform tracks credential utilization to help identify initial entry points and lateral movement during security incidents. Orchid Security provides infrastructure-wide observability, enabling security teams to view every application and account throughout an organization. The platform includes identity activity auditing capabilities that track how credentials are used across systems. It offers IAM orchestration features that allow teams to decommission compromised credentials across multiple instances. The platform is designed to integrate identity context into incident response and SOC workflows. It preserves identity evidence for post-incident review and reporting purposes. The solution focuses on providing visibility into non-human and machine identities, which often lack ownership and telemetry in traditional security tools. Orchid Security aims to reduce investigation time during security incidents by providing immediate visibility into identity behavior across managed and unmanaged systems.