Case Study: Turnitin achieves 100% multi-cloud visibility and stronger security governance with Orca Security

Orca Security Helps Instill Security Discipline and Governance for Turnitin’s Multi-Cloud Estate

Turnitin, a global education-technology SaaS used by more than 30 million students, needed to strengthen security across its AWS, Azure, and Google Cloud estates to support M&A due diligence, regulatory compliance (GDPR, CCPA, PCI DSS), and close governance gaps—especially where agent-based tools were missing high‑risk cloud assets. Turnitin engaged Orca Security, using Orca’s agentless SideScanning cloud security service, to gain comprehensive, impact‑free visibility and assessment.

Orca Security’s agentless solution delivered instantaneous, read‑only visibility and prioritized risk findings, giving Turnitin 100% visibility of its multi‑cloud estate: Orca uncovered 650 block storage devices versus the 150–400 the team had counted and exposed cases where agent-based tools showed only 300 machines while Turnitin actually had about 3,500. Those results sped M&A assessments, helped demonstrate a proper security program to regulators, drove DevOps adoption and a security budget increase, and materially improved governance and risk prioritization.

Turnitin

Jack Roehrig

Chief Information Security Officer