Orca Security CNAPP Cloud Security Platform
Orca Security CNAPPExternal reviews
237 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Orca Security’s Agentless Side-Scanning Makes Multi-Cloud Deployments Easy
What do you like best about the product?
We manage multiple client cloud environments, and Orca Security’s side-scanning technology is a major advantage for our deployment teams because it is completely agentless. We don’t have to spend weeks negotiating with the client’s internal developers to install security agents on the workloads. Instead, we simply connect Orca to the AWS or Azure accounts via the IAM role.
What do you dislike about the product?
Managing multi-tenant environments is a little hard in this. We can have separate client environments, but the overall dashboard approach doesn’t provide a clear multi-tenant view.
What problems is the product solving and how is that benefiting you?
Onboarding new clients for cloud security assessments used to be a highly abrasive process, filled with technical friction. Otrca solves this by providing instantaneous, zero-impact visibility.
Agentless Scanning That Makes Cloud Security Manageable
What do you like best about the product?
Agentless scanning is ideal because getting hundreds of independent research departments to install a security agent in their cloud environments is basically impossible. Orca side-scanning also helps us identify unpatched operating systems and exposed databases.
What do you dislike about the product?
The alert noise caused by forgotten projects is a constant struggle. Faculty members often leave the lab server running for years after a grant expires, and the platform ends up flagging very outdated libraries as critical vulnerabilities.
What problems is the product solving and how is that benefiting you?
We suffer from an incredibly decentralized cloud usage setup: dozens of departments, each with their own cloud space and their own grant money. This has created a massive shadow IT problem. Orc connects at the root level and instantly shows us every misconfigured storage bucket or other workload storing sensitive academic data.
Agentless Workload Scanning with Solid Coverage
What do you like best about the product?
We rely on Orca for workload scanning and for identifying exposed credentials. Its side-scanning approach provides solid coverage without adding agents or impacting performance.
What do you dislike about the product?
The initial scan produced a very large number of findings, and it took time to go through them and decide which ones were relevant.
What problems is the product solving and how is that benefiting you?
We needed better visibility into our cloud environment, along with a clearer way to properly prioritize the security issues.
Orca Unifies Scanning, Compliance, and Risk Assessment in One Platform
What do you like best about the product?
Orca has vulnerability scanning, compliance checks, and risk assessment in a single platform, which has made a big difference for our team. Previously, we were using multiple tools and then trying to combine the reports manually.
What do you dislike about the product?
There were so many alerts because the platform shows everything it finds. We need to tune it for better performance.
What problems is the product solving and how is that benefiting you?
We needed better visibility into our cloud environment, along with a way to properly prioritize security issues.
Agentless Orc Delivers Easy Cloud Integration and Broad Workload Visibility
What do you like best about the product?
The agentless model makes Orc easier to integrate into our cloud because we didn’t have to deploy agents on every workload or server. It also gives us visibility across all workloads, including storage, virtual machines, and cloud configurations.
What do you dislike about the product?
At the beginning, we received many alerts until we adjusted our policies and the alert threshold to better match our environment and our actual risk level.
What problems is the product solving and how is that benefiting you?
We needed better visibility into our cloud environment, along with a clearer way to properly prioritize the security issues.
Orca Security Simplifies Cloud Security Management at Scale
What do you like best about the product?
Orca Security simplifies cloud security management at scale. The agentless scanning provides complete coverage, from workloads to configurations and secrets, without deploying agents across hundreds of instances. The contextual risk scoring and prioritized alerts have now reduced
What do you dislike about the product?
At the beginning, there were a lot of alerts, but that issue has been resolved now.
What problems is the product solving and how is that benefiting you?
We needed better prioritization of our security risk, so we chose Orca.
Seamless Side-Scanning and Unified Multi-Cloud Security Visibility
What do you like best about the product?
We adopted Orca Security to unify security across AWS, Azure, and GCP. The side-scanning approach is very seamless and doesn’t impact performance, which was important for our production environment. We now have continuous visibility into vulnerabilities, misconfigurations, and data exposure across multiple cloud platforms, all in one place.
What do you dislike about the product?
The initial setup required the right permissions and configuration for each cloud provider, so the deployment took planning and close coordination between teams.
What problems is the product solving and how is that benefiting you?
We needed centralized cloud security visibility across multiple providers, and this has reduced the time we spent tracking risks manually.
Fast, Agentless Cloud Visibility for Migration Risk Assessment
What do you like best about the product?
This gives visibility into a cloud environment without installing agents. During cloud migration projects, we often need to assess a client’s environment quickly to identify risks and exposed storage. Instead of deploying multiple tools, we can connect to the cloud account in a short time and get the information we need.
What do you dislike about the product?
The dashboard shows a lot of information, which is good, but it doesn’t feel very beginner-friendly.
What problems is the product solving and how is that benefiting you?
We needed a faster, more efficient way to assess security risk in our clients’ cloud environments during migration and audit projects.
Agentless Visibility with Actionable, Context-Rich Alerts
What do you like best about the product?
The agentless visibility across workloads is a major advantage. It performs well across our mix of containers, VMs, and serverless environments. Alerts are contextual and include clear remediation guidance, which makes them far more actionable than a typical CVE list.
What do you dislike about the product?
There’s a bit of a learning curve when you first start navigating the platform. Also, some of the remediation suggestions could be better tailored to specific environments.
What problems is the product solving and how is that benefiting you?
It gives us a unified view of risks across all workloads, instead of having to rely on multiple tools. We can focus on the most important, prioritized issues rather than spending time sorting through long lists of findings. Overall, it has improved our efficiency and shortened our response time.
Agentless Setup and Unified Cloud Risk Visibility in One Place
What do you like best about the product?
The biggest advantage for us is the agentless setup. We didn’t have to install anything on our workloads, which saved a lot of time and helped us avoid disruption. The side-scanning provides full visibility into vulnerabilities, misconfigurations, and exposed secrets across all of our cloud accounts. I also like that everything is presented in one place, which makes it easier to understand our overall risk posture and see where we need to focus.
What do you dislike about the product?
The platform is very feature-rich, so it takes a bit of time to get fully comfortable with all the different views and capabilities. A few dashboards could be simplified to make navigation quicker and more intuitive, especially for new users who are still learning their way around.
What problems is the product solving and how is that benefiting you?
It addresses the challenge of managing cloud security across multiple environments without adding operational overhead. We now have continuous monitoring across our cloud infrastructure, and we can do it without touching production systems. It also helps us quickly identify and prioritize real risks, so we’re not stuck chasing every alert.
showing 1 - 10