orca.security

A+
Pass · 98/100
Demonstrates a solid security posture with minor gaps. Positive signals: TLS Configuration, Known Breaches, and DMARC / Email Security all passed. 1 action item identified, including 0 critical. The issues are configuration gaps, not architectural problems. A focused remediation effort of 1–2 days could address all findings.
Trust Score Trend
→ No change 1 scan · Last scanned February 15, 2026
Score
100 75 50 25 0
A+
orca.security
98/100
Compliance & Certifications
Not yet verified
SOC 2 TYPE II
SOC 2 Type II
Audit report not on file
3rd party · AICPA
Pro subscribers only
ISO 27001
ISO 27001
Certificate not on file
3rd party · accredited body
Pro subscribers only
GDPR
GDPR
DPA not on file
Self-reported
Pro subscribers only
CCPA
CCPA
Privacy policy not on file
Self-reported
Pro subscribers only
Incident History
None in 12 months
March 2026
ChatGPT data exposure
1 source
Resolved
Pro subscribers only
April 2023 – Feb 2026
ChatGPT data exposure
1 source
Resolved
Pro subscribers only
Security Posture
1 item need attention
9 passed
Turn on DNSSEC for your domain
DNS Configuration
1–3 days (mostly waiting, not active work)

This allows an attacker to silently redirect your visitors to a fake site. DNSSEC is a signature system that stops attackers from forging DNS answers — without it, someone could redirect visitors of orca.security to a fake site without them noticing. Turning it on takes coordination between your DNS provider and your domain registrar, but it's a one-time setup.

NIST 800-53SC-20
Secure name/address resolution service
How to fix this
1Check whether your DNS provider supports DNSSEC in your DNS provider's dashboard (whichever company manages this domain's DNS — often your registrar, e.g. GoDaddy, Namecheap, or Cloudflare) — most major ones do (Cloudflare, Route53, GoDaddy, Namecheap).
2Turn on DNSSEC signing there — it will generate a DS record for you.
3Copy that DS record into your domain registrar's DNSSEC settings for the .security domain.
4Confirm it worked: search "dnssec checker" and enter orca.security.
View all 9 passed checks
TLS Configuration
Known Breaches
DMARC / Email Security
MX Records & Mail Provider
HSTS Header
Security Headers
CVE Exposure
Certificate Hygiene
Subprocessors & Tech Stack
Company Signals
Claim profile →
Operational risk
Low
11 yrs operating. Well-funded
Lynxradar · Composite signal
Last funding
$40B
Series F · Mar 2025 · SoftBank-led
Crunchbase ↗
Employees
~3,000
+40% YoY growth
LinkedIn ↗
Trust Resources
Claim profile →
SafeBase Trust Center
trustcenter.orca.security
Security page
orca.security/security ↗
Privacy Policy
orca.security/privacy ↗
DPA (Data Processing Agreement)
orca.security/dpa ↗
Updated recently
Subprocessors List
orca.security/policies/subprocessors ↗
Tech Stack Detected
Subprocessors
Cloudflare
Similar companies
Appears in
Claim profile →
SOC 2 Type II certified vendors
847 companies · Updated weekly by LynxRadar
Track
ISO 27001 certified SaaS
312 companies · Updated weekly by LynxRadar
Track
Top AI vendors by trust score
94 companies · LynxRadar ranking
Track
Enterprise-ready SaaS · Trust score A or above
203 companies · LynxRadar ranking
Track