
    Orca Security CNAPP Cloud Security Platform - Unique Expansion

    Deployed on AWS
    Agentless Cloud Security in a Single, Complete Platform with 100% Coverage
    4.3

    Overview

    Orca Security is the true Cloud Native Application Protection Platform (CNAPP) that identifies, prioritizes, and remediates risks and compliance issues across all of your workloads, configurations, and identities on AWS. Orca offers the industry's most comprehensive cloud security solution in a single platform, eliminating the need to deploy and maintain multiple point solutions.

    FAST TIME TO VALUE: The Orca CNAPP Platform is agentless first, and connects to your environment in minutes using patented SideScanning™ technology that provides deep and wide visibility into your cloud environment, without requiring agents. In addition, Orca offers a lightweight agent for organizations that require real-time protection for critical workloads.

    RISK PRIORITIZATION: Orca effectively prioritizes risks by applying a granular risk score to each alert, and recognizes when seemingly unrelated issues can be combined to create dangerous attack paths straight to your crown jewels.

    FULL SDLC SECURITY: The Orca platform shifts security left by seamlessly integrating into the CI/CD process so that applications can be secured from code to cloud and back.

    AI-POWERED: Orca is at the forefront of leveraging Generative AI for simplified investigations and accelerated remediation, reducing required skill levels and saving cloud security, DevOps, and development teams time and effort, while significantly improving security outcomes.

    PURPOSE-BUILT CNAPP: Orca unifies many different point solutions in one platform, including CSPM, CWPP, CIEM, DSPM, Container security, API security, AI-SPM, and much more.

    Sign up for a demo to uplevel your cloud security and get the fastest time to value available in the industry: https://orca.security/demo/ 

    Additional platform licensing options are not shown in this listing but are available via Private Offer. Please email aws@orca.security.

    Highlights

    • Visibility to all your IAAS and PAAS assets including EC2, Containers, S3 buckets using account level read only permissions
    • Detect compromises, vulnerabilities and risky configuration within minutes
    • No impact on your assets, grows automatically with your cloud account

    Details

    Delivery method

    Deployed on AWS

    Pricing

    Orca Security CNAPP Cloud Security Platform - Unique Expansion

    Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.

    1-month contract (4)

    Dimension          | Description                                     | Cost/month
    Small (100)        | up to 100 concurrent workloads (EC2) per month  | $7,000.00
    Small-medium (300) | up to 300 concurrent workloads (EC2) per month  | $12,000.00
    Medium (500)       | up to 500 concurrent workloads (EC2) per month  | $17,000.00
    Large (1000)       | up to 1000 concurrent workloads (EC2) per month | $30,000.00

    Vendor refund policy

    Contact Support: support@orca.security 

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA).

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

    Delivery details

    Software as a Service (SaaS)

    SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

    Support

    Vendor support

    Customer Success Manager support@orca.security 

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Product comparison

    Updated weekly

    Accolades

    Top 25 in Application Development
    Top 25 in Observability, Software Development
    Top 10 in Container Workloads

    Overview

    AI generated from product descriptions
    Agentless Cloud Security Architecture
    Agentless-first approach using patented SideScanning technology that provides deep visibility into cloud environments without requiring agent deployment
    Risk Scoring and Attack Path Analysis
    Granular risk scoring applied to each alert with capability to identify and correlate seemingly unrelated issues into dangerous attack paths
    Unified Cloud Security Platform
    Single platform consolidating multiple security functions including CSPM, CWPP, CIEM, DSPM, Container security, and API security
    CI/CD Pipeline Integration
    Seamless integration into CI/CD process for shift-left security enabling application protection from code to cloud deployment
    AI-Powered Investigation and Remediation
    Generative AI capabilities for automated investigation and accelerated remediation workflows
    Offensive Security Engine
    Simulates external exploits to produce Verified Exploit Paths for prioritizing exposures that are reachable by outside attackers and reducing cloud attack surface.
    Cloud Security Posture Management
    Continuously monitors and manages security of AWS configurations to prevent public exposure and ensure compliance.
    Secrets Scanning
    Identifies more than 750 types of secrets across public and private repositories.
    Cloud Infrastructure Entitlements Management
    Detects and manages excessive or unused permissions to mitigate the risk of privilege escalation.
    Real-Time Malware Detection
    Detects malware including zero-days in milliseconds with scanning performed directly in cloud environment for object storage services like Amazon S3 and file storage services.
    Multi-Workload Security Coverage
    Unified platform securing containers, serverless, Kubernetes, and AI workloads across AWS, on-premises, and multi-cloud environments
    Runtime Threat Detection and Enforcement
    Runtime protection to detect threats, block malicious activity, and enforce compliance in production across all cloud native workloads
    AI and LLM Security Governance
    Purpose-built AI workload security to govern large language models and generative AI applications with model abuse detection and policy enforcement
    Full Lifecycle Security
    Security coverage across the entire software development lifecycle from code development through production deployment
    Compliance and Authorization Standards
    FedRAMP High authorization enabling compliance with rigorous security and regulatory standards

    Security credentials

    Validated by AWS Marketplace
    FedRAMP
    GDPR
    HIPAA
    ISO/IEC 27001
    PCI DSS
    SOC 2 Type 2

    Contract

    Standard contract
    No
    No
    No

    Customer reviews

    Ratings and reviews

    4.3 (18 ratings)
    5 star: 50%
    4 star: 50%
    3 star: 0%
    2 star: 0%
    1 star: 0%
    14 AWS reviews | 4 external reviews
    External reviews are from PeerSpot.

    Fabricio Galdino

    Unified cloud insights have improved asset visibility and streamlined risk prioritization

    Reviewed on Feb 08, 2026
    Review from a verified AWS customer

    What is our primary use case?

    I normally use Orca Security for AppSec, and one of the features that I use commonly is the application security. I love it because it's already covered in the same license, and I can get a good overview of all of my assets. I have a lot of accounts in cloud, and so it's sometimes hard to identify all activities or assets that have been used or not. Normally, some developers create some virtual machines and leave the VM on or don't remove it. Orca Security usually helps me to see these kinds of problems because I can see every asset in one platform.

    I don't use the Cloud to Dev feature they mentioned, since I'm working with Orca Security directly.

    I believe the feature referred to as Orca Sensor is cloud security detection. I use it frequently because it's very important. I really enjoy it because it's agentless. I don't need to install or build an agent in my assets in the cloud. Orca Security accomplished this safely and fast. It's pretty easy to identify security risks or security issues using Orca Security because it's totally agentless and I just need to connect my cloud environment. It's really good and pretty easy. They have one feature that I really like in this same vein; it's the news about security. For example, if a new vulnerability is found and it's not already published in a CVSS bug, Orca Security has new papers that already inform me, stating that I have this new issue and this asset has been affected by this new vulnerability, and it provides guidance on how I can fix it. I love it.

    What is most valuable?

    What I love most about Orca Security is the easy integration with other tools. I really like it because it's very easy to integrate with other tools that are important for the company. It's already set up in the platform easily. I don't need to do unusual modifications or create a script. It's pretty easy to integrate these tools.

    It is easy to prioritize risks using Orca Security because they have already been categorized. The severity of some risks is delivered from Orca Security, and I can set some kind of high-value asset designation. I can define what is a high-value asset or not. The attack paths also help me to understand the prioritization of the risks of these assets.

    Orca Security has helped my company reduce the time it needs to address cloud security alerts and make it faster. When one critical risk or high risk is identified in my environment, I already receive notifications, even in email or in Teams, Slack, or any channel that is integrable to Orca Security. I receive a very fast notification to address the vulnerability and security issues to the teams.

    What needs improvement?

    I think the downside of Orca Security is the reports. I don't have any good reports ready to deliver to an executive. If I need to deliver some reports to my account manager or an executive, I don't have anything ready. I need to extract information and put it in another tool to construct some reports or dashboards or to report to my manager.

    For how long have I used the solution?

    I've been using Orca Security for exactly one year and one month.

    What do I think about the stability of the solution?

    Normally, I don't have any problem with maintenance in Orca Security platform. I don't have any downtime using it for this one year. When I need any support, it's very fast to get an answer from the support team.

    I don't have any lagging using Orca Security. As I said, using it for one year, I don't have any downtimes.

    What do I think about the scalability of the solution?

    From what I’ve seen, I think it’s really easy to scale your usage. I did a POC (Proof of Concept) where I extended some workloads and it was very easy, but I don't use it frequently in production, just in that Proof of Concept.

    How are customer service and support?

    Not so many people are required for the deployment of Orca Security; just one person can do it.

    I have been in contact with technical support regarding Orca Security twice to solve some issues, but it wasn't an issue, just a wrong configuration that I made. I contacted them and they shared some documentation. After that, I could resolve it pretty well.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    I tried similar solutions from Trend Micro. From Trend Micro, I also tried a new one that is called Wiz. Orca Security is the best one for me because it delivers all the things that I need and more.

    How was the initial setup?

    The initial deployment of Orca Security was pretty easy from my point of view.

    What about the implementation team?

    It took just one hour to create the roles and the credentials for Orca Security. Then I just need to wait for the time for Orca Security to enrich data and index data in the platform. On the first day, I can already use Orca Security fully and identify every resource.

    What other advice do I have?

    For my company, I don't use a huge workload. It's a small workload, around 90 workloads, but we have more. For this amount of workload, the price is high. When you have more workloads, the price is much better. I think it's not so expensive when you have the right amount of workloads. It's more directed toward big companies.

    I have tried to use Cloud Cost Optimization with Orca Security. We used it to reduce some costs by removing some unused assets. It really helped us, but I don't think that is the main focus of Orca Security. I use other tools to do FinOps in a better way.

    I use a reseller that is a partner that helps me with Orca Security. I am just a client, but we have a company that sold Orca Security to us, and they are the bridge between my company and Orca Security company.

    I would rate this product a 10 out of 10.

    Kaue Ribeiro

    Cloud security posture has improved as I manage risks and vulnerabilities more effectively

    Reviewed on Feb 04, 2026
    Review from a verified AWS customer

    What is our primary use case?

    I implement Orca Security on B3 to improve my security maturity in cloud environments, mitigate risks, and correct vulnerabilities and resolve some issues.

    What is most valuable?

    I appreciate Orca Security because I can see CSPM, KSPM, and DSPM. Orca Security works with major frameworks on security, such as NIST and CIS, allowing me to see comprehensive insights on my cloud environment. I appreciate the Orca Security CI/CD integration, the shift-left configuration, which helps me improve cloud maturity and DevSecOps maturity. From my perspective, Orca Security is a complete CNAPP platform with the most capabilities to work with cloud security.

    What needs improvement?

    I have concerns about OCI support. When I work with Orca Security, the support for OCI is limited, so I cannot effectively work with the OCI environment.

    For how long have I used the solution?

    I have used Orca Security for one year.

    What do I think about the stability of the solution?

    I do not see any lagging, crashing, or downtime in Orca Security. In my time working with Orca Security, I have not experienced downtime on the platform.

    What do I think about the scalability of the solution?

    I think the scalability of Orca Security is good. I did not have a problem with scalability, as it works effectively for my scenario and environment.

    How are customer service and support?

    In my case, I had technical support, and it is easy to contact the technical support. The quality of the support is good. If I were to rate the support on a scale from one to ten, I would give it an eight.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    I worked with Prisma Cloud, an alternative platform for cloud security from Palo Alto, and I worked with the Rapid7 platform as well as Tenable, so there are other vendors with the same concept platform as Orca Security.

    How was the initial setup?

    The initial deployment of Orca Security is easy; it is just plug-and-play on the cloud environment. When I deployed Orca Security for the first time, it took me around two days for cloud environments, no more.

    What about the implementation team?

    A team is needed for deployment; one person cannot deploy it.

    What was our ROI?

    I see the benefits of Orca Security immediately because you can see the issues right after deployment, and you can correct the critical issues, so the proof of value is immediate.

    What's my experience with pricing, setup cost, and licensing?

    Compared with other vendors, the Orca Security pricing is very competitive, and I think it is a good price compared with the other vendors.

    What other advice do I have?

    I do not use Orca Security agentless exclusively for vulnerabilities. I appreciate Orca Security because it is a complete platform and its cost is very small compared with other vendors. I think the user interface of Orca Security is very intuitive, friendly, and easy to use. It takes me very little time to learn how to use Orca Security; I find it very easy to learn, and the documentation is online and intuitive. Overall, I would rate Orca Security at a nine out of ten.

    RicardoEscriba Robles

    Cloud visibility has improved and risk prioritization provides faster, more focused security work

    Reviewed on Feb 01, 2026
    Review from a verified AWS customer

    What is our primary use case?

    Orca Security provides three main strategic advantages. First, there is 100% visibility because it does not require agents. It can see everything, even shadowing or abandoned servers that the security team did not know existed. The main responsibility is side scanning, which is the first technology by Orca Security. Second, there is context-aware risk prioritization. Instead of drowning security teams in a sea of maybe 10,000 alerts, Orca Security uses a graph-based engine. It understands that a vulnerability on a web-facing server with access to a database is much more dangerous than the same vulnerability on a test server with no internet access. Third, there is operational efficiency. It saves hundreds of hours for DevOps teams who no longer have to install, update, or troubleshoot security.

    What is most valuable?

    I find Orca’s secret scanning and 'Shift Left' capabilities to be most valuable. The platform integrates directly into our GitHub and Azure DevOps pipelines, which allows us to automatically analyze pull requests for hardcoded passwords, API keys, and other sensitive credentials.

    What needs improvement?

    I see vulnerabilities as an area for improvement. In my opinion, the other platforms, such as Qualys and Prisma Cloud, have more efficiency in vulnerability detection, but Orca Security is not as strong in this area.

    It is necessary to have a team because there is more responsibility, more activities, and it is necessary to have different opinions.

    For example, when I have subscriptions by Azure or accounts by AWS, it is necessary to perform maintenance because you have to add a new subscription or new accounts in Orca Security. This configuration is not automatic; it is manual.

    For how long have I used the solution?

    I have been working with Orca Security for one year.

    What do I think about the scalability of the solution?

    It is necessary to have a team because there is more responsibility, more activities, and it is necessary to have different opinions.

    How are customer service and support?

    Technical support is very good, but customer support is very poor, in my opinion, because when I have a few problems, the customer support says your solution is bad or it is easier. However, the technical support is very good.

    For example, the technical support has more experience in the solution, but customer support does not have more experience in the solution. Customer support does not know Orca Security in general. I think they have different skill sets.

    How would you rate customer service and support?

    Negative

    Which solution did I use previously and why did I switch?

    Orca Security is easier to use than other alternatives. You need a little skill to dominate Orca Security compared to other options. For example, when I use Prisma Cloud or Qualys solution, you need more experience. Orca Security is more user-friendly and in this case is more enjoyable.

    How was the initial setup?

    The deployment of Orca Security depends on the context because, for example, when I deploy in virtual machines, Kubernetes, or any resource, it is very easy. However, when I use other solutions by Orca Security, such as AppSec, it is more difficult.

    What's my experience with pricing, setup cost, and licensing?

    Currently the pricing for Orca Security is good, but it is probable that in the future the price will increase and I will analyze another alternative. For now, it is acceptable.

    Which other solutions did I evaluate?

    Similar solutions to Orca Security are Prisma Cloud, Microsoft Defender for Cloud, Wiz, and Qualys. However, I think Prisma Cloud is the same as Orca Security, but Prisma Cloud is more expensive than Orca Security.

    What other advice do I have?

    Cloud security analyzes vulnerabilities or alerts by IaaS or PaaS because Orca Security analyzes these items very well. Side scanning is, in my opinion, the best tool by Orca Security. However, it is necessary to deploy the sensor agent in new tools, such as Kubernetes, Lambda functions, and other services.

    The sensor feature is good, but I prefer to use another alternative. For example, CSA by Cloud Security Alliance or by PCI or by CIS control is not optimized in Orca Security. I prefer to use another platform because these frameworks are more structured than Orca Security.

    AppSec by Orca Security is the most interesting feature because it analyzes keys, passwords, and any methods for pull requests because it has integration with GitHub, Azure DevOps, and other platforms.

    Orca Security continues to remodel the look and feel of the solution. In my opinion, it is very good. I would rate this review an eight out of ten.

    reviewer2800203

    Cloud posture management has improved remediation and optimizes costs with contextual risk insights

    Reviewed on Jan 30, 2026
    Review from a verified AWS customer

    What is our primary use case?

    In my previous company, I used Orca Security as a CSPM tool, which stands for Cloud Security Posture Management. The tool is very nice, and with it, we achieved a lot of our remediation activities. Orca Security looks good in terms of Kubernetes and in terms of telling us about cloud misconfigurations and many other things.

    I used Orca Security for approximately one and a half years, or roughly 11 to 12 months. Orca Security proved to be a good tool in my previous company.

    I did not use the Cloud to Dev feature because it was recently rolled out at that time. At that point, we were moving to secure code and code review processes.

    We did not use Orca Security sensor because we installed Orca Security API integration with our Azure Entra ID, in which all devices on our cloud infrastructure were scanned every 24 hours. However, after I left, the team considered using sensors because they have some limitations, particularly on legacy devices.

    What is most valuable?

    The standout part of Orca Security is the package approach. When they provide remediation or alerts, they also provide the exact path for a particular vulnerability or alert. They show us the specific path that needs to be fixed in order to remove the vulnerability or alert. They provide path information directly from the systems, so sometimes we don't need to log in directly and investigate ourselves. This feature is valuable, though there are occasional false positives, which is a normal part of security.

    Regarding prioritization and assigning risk, Orca Security was good at analyzing risks contextually and holistically. As the tool and product mature, they will definitely announce new features. On a scale of ten, I would rate this around seven or eight. I have not given a ten because there are a few false positives and some areas where the product needs improvement on a regular basis. Sometimes they release the product, but modifications could still be required on their side.

    It is good to prioritize risks with Orca Security because they are not only targeting the CVSS score but also the EPSS, which is the Exploit Prediction Scoring System. They monitor particular assets based on both approaches. On the CVSS side, they reference the National Vulnerability Database, and on the EPSS side, they target the Exploit Prediction Scoring System. So they are targeting both risk-based approaches as well as the CVSS approach.

    What needs improvement?

    Since I have not used Orca Security for 10 months, I am uncertain what areas still need improvement, as they may have rolled out features that addressed issues I faced in the past. However, I can say the tool is good. A few things could potentially be improved, particularly regarding false positives and the UI. What I observed is that they release updates to the platform without notifying the customer. Every time the UI is upgraded, they release something without notification. This could be a slight improvement. If they released some kind of notification to just inform the customer about UI changes, the customer would be aware of the changes that Orca Security is making in the backend.

    What do I think about the stability of the solution?

    Regarding stability, I would rate Orca Security an eight.

    What do I think about the scalability of the solution?

    In terms of scalability, I would rate it an eight because it performed well with what I worked with at that point in time.

    How are customer service and support?

    I would rate the technical support of Orca Security as eight. The customer success manager was also very helpful in terms of resolving issues.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    I am currently using Wiz as well, and Wiz is also good. I think both Orca Security and Wiz are comparable and can work hand-in-hand. I would not say one is better than the other. I have started using Wiz and I like it because they also do similar things. I am yet to explore more on the Wiz side of things, but both are comparable and good.

    How was the initial setup?

    Orca Security is deployed in the cloud.

    What was our ROI?

    I can say Orca Security roughly reduced the operating expenses by around 20-50%.

    What's my experience with pricing, setup cost, and licensing?

    Orca Security was cheap.

    Which other solutions did I evaluate?

    Regarding the extent to which Orca Security helps in preventing risks and attacks across application lifecycles, I think it is the same scenario because there are many CSPM tools available. We have Wiz, Orca Security, and Lacework. All CSPM tools do the same work by scanning the infrastructure and providing reports either through API or through sensors. Definitely, the risk is more important on the cloud misconfiguration side because they tell us about the misconfigurations. CSPM is not a vulnerability management tool. It is more on the cloud side where they provide misconfigurations related to that. After you have deployed something on your infrastructure or cloud infrastructure, once you put a CSPM in your infrastructure, it will tell you how effectively you can remove those misconfigurations. That is the edge that CSPM is giving.

    What other advice do I have?

    I would recommend Orca Security to other users because it was good at the point in time I used the product.

    Regarding how Orca Security has helped reduce the time it takes to address cloud security alerts, this is a complex scenario because it is totally dependent on the situation of the alert. I cannot say it takes one or two minutes because it depends on how critical the alert is and how critical it is in our environment. Some of the time, based on our infrastructure, we have to keep things as exceptions. We cannot fix all things. But many times we got the right alert and fixed it by checking and updating the risk provided by Orca Security in my previous organization.

    We used the cloud cost optimization feature and it was very effective. We used it alongside Microsoft Azure where we had a specific subscription for cloud cost optimization. They provided better features showing us which features we were not utilizing much and could turn off, or which features we were utilizing more so we could adjust the bandwidth level. For every feature there is a cost associated with it. In that way, we used it effectively.

    Orca Security saves resources because it provides the actual output on the screen with the package path. The resources aspect is definitely valuable because of how it uses Linux and goes deep down into the assets. It provides that particular information directly on the portal itself.

    Orca Security was used by approximately 50 to 100 users. I believe Orca Security was purchased through the AWS Marketplace.

    I rate Orca Security an overall eight out of ten.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    DARSHAN-R

    Agentless cloud security has provided deep visibility and now simplifies risk prioritization

    Reviewed on Jan 26, 2026
    Review from a verified AWS customer

    What is our primary use case?

    In my previous organization, where I worked with Orca Security, it was a product-based company, and only a select few, such as our CISO and cybersecurity architect, had admin access. The rest of us had read-only access as analysts, and the tool was deployed across all our EC2 instances.

    I did not have any exposure in deploying or developing with Orca Security, as I was just analyzing the alerts, which included Sophos and Orca Security alerts. We had access to the Orca Security dashboard where we received alerts, and my company was a product-based company securing our infrastructure using Orca Security. I did not have any experience or exposure in deploying Orca Security, but I had experience in deploying Wazuh in many AWS accounts, adding agents to those accounts.

    I monitor cloud assets for misconfigurations or vulnerabilities, and Orca Security connects to AWS via API permissions instead of deploying agents or running servers as CrowdStrike does. We use side-scanning to analyze snapshots and metadata, build attack paths, and prioritize risk based on exploitability.

    What is most valuable?

    My experience with Orca Security is recent, as I used it about two months back while still in the previous organization, and I have recently switched jobs.

    In my opinion, the best features of Orca Security are that it is very easy to deploy, primarily because it does not have agents, which are used in many other SIEM solutions or security solutions such as SentinelOne, Sentinel, Wazuh, or AlienVault. Those benefits include faster onboarding and reduced alert noise via intelligent prioritization. It also has better DevSecOps integrations with code scanning and SDLC visibility. The main advantages are that it is easy to set up with user-friendly dashboards, and the agentless design reduces operational friction. It also offers excellent visibility and exhaustive scanning of the cloud accounts, and Orca Security can be used on any cloud platform, whether it is AWS, Azure, GCP, or Oracle.

    Using Orca Sensors has been beneficial since by default, Orca Security's cloud platform employs a side-scanning technology that connects cloud accounts via APIs. It offers workload block storage without needing to deploy a traditional agent on each workload. Orca Sensor is a lightweight sensor designed to supplement the agentless platform with runtime visibility. It uses eBPF for deep system-level observability, making it easy to deploy. The reason we use Orca Sensor is that it provides broad cloud-wide visibility and prioritized risk. Orca Sensor adds real-time monitoring and detects malicious behavior similar to other SIEM products. By using Orca Sensor, we can confirm if potential vulnerable code is executed in runtime. There are many features for Orca Sensors, as it fits into an agentless model, is easy to deploy via cloud APIs, and offers deep, real-time processing and network visibility.

    Providing runtime visibility with Orca Sensor has been effective, as it complements Orca Security's core platform, which uses agentless side-scanning. This allows us to see what processes are running and detect real-time threats such as malware execution or privilege escalation. The hybrid approach lets organizations maintain agentless coverage for the entire cloud estate while applying deep runtime protection to critical workloads.

    Prioritizing risks using Orca Security is generally easy and effective, especially compared to other tools I have used such as SentinelOne and Sentinel. Orca Security provides a risk score for everything, including attack path visualization and business impact context. This helps us propose risks while correlating multiple signals such as common CVEs and cloud misconfigurations. For example, a public EC2 instance with an admin IAM role running malicious scripts could be a critical risk. Compared to other cybersecurity tools, Orca Security's agentless architecture enhances its risk prioritization capabilities.

    I have not seen many alerts in Orca Security during my tenure since the architecture was well-structured by our cybersecurity architect, leading to very few alerts. Some alerts were related to possibly malicious activity installed by our team or older versions of Java. However, I believe that Orca Security reduces alert volume because it combines vulnerability data into a unified view, speeding up cloud security workflow. It significantly reduces alert noise and accelerates alert handling by correlating risks with workloads, showing prioritized issues so the team can focus on remediation.

    What needs improvement?

    In my opinion, after using Orca Security for seven to eight months, areas for improvement could include automating processes as other solutions do. I have a background in automation and think that if Orca Security had its own automation capabilities for repetitive tasks, it could enhance the user experience. The dashboards and reports focus on security and are strong, but automation remains my suggestion for improvement.

    The workflow and automation aspect would be beneficial, similar to having playbooks indicating steps for alerts, such as creating tickets or providing remediation steps that could be automated.

    The only limitation I see is in auto-remediation capabilities, but Orca Security excels in risk prioritization and has a balance of visibility and operational efficiency.

    For how long have I used the solution?

    I have been working with Orca Security for around seven to eight months in my previous organization.

    What do I think about the stability of the solution?

    For stability, I would rate Orca Security an eight or nine, as I have not experienced any downtime, bugs, or glitches.

    What do I think about the scalability of the solution?

    I find Orca Security to be scalable, as it takes very little time to deploy, and I would give it a ten for scalability.

    What about the implementation team?

    I was not a part of the deployment team; I was just an analyst trying to explore the tool. When Orca Security came online, it was seamless, as we had been informed beforehand.

    Which other solutions did I evaluate?

    When comparing Orca Security with other solutions, the main advantage is its agentless architecture, which I find to be a significant unique selling point. Deploying other tools such as Wazuh involves manual commands and server creation, whereas Orca Security is easier to manage. While there are other agentless architectures, such as Wiz, they lack some of the features such as side-scanning that Orca Security offers.

    What other advice do I have?

    Regarding the cloud cost optimization feature in Orca Security, I have not explored it yet, and I would not be the right person to answer questions about it, as I am not aware of it.

    I am not aware of any maintenance requirements for Orca Security, as I have not received any communication regarding maintenance from the team.

    I would recommend Orca Security to other users, especially for cloud users, as it is easy to deploy. For small organizations, I would give it a ten, highlighting its agentless architecture that simplifies maintenance.

    Overall, compared to other tools, I would rate Orca Security around an eight or nine, primarily due to its agentless architecture, so I would say nine. My overall review rating for Orca Security is nine.

    In my assessment, the risk detection and identification capabilities of Orca Security are very good, accurately reflecting vulnerabilities and processes running in the backend. The risk score provided is also very impressive.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Amazon Web Services (AWS)