Case Study: Cake achieves continuous PSD2 compliance and 100% AWS visibility with Orca Security

In a Regulated Financial Services Industry, Orca Security Helps Cake Become Proactive on PSD2 Compliance

Cake, a regulated European mobile banking app, needed to move from periodic manual security checks to automated, continuous monitoring to meet PSD2 requirements and manage a complex AWS estate (3 accounts, 240 containers, 100 databases, 50 buckets, 20 VMs, 360 policies). They engaged Orca Security to provide cloud-native, agentless visibility and compliance scanning (Orca’s SideScanning™ approach) so the team could get an “inside-out” view of their environment and prove compliance to auditors.

Orca Security delivered an instantaneous, read-only integration that continuously scans Cake’s AWS environment, surfacing misconfigurations and vulnerabilities and integrating findings into Cake’s release process. The result: full workload-level visibility without agents, automated daily checks that uncovered issues such as 49 default security group problems, eliminated the need for roughly two FTEs of manual work, and provided the evidence Cake needed for PSD2 audits.

Cake

Pieter Schelfhout

Head of Engineering