Orca Security CNAPP Cloud Security Platform
Orca Security CNAPPExternal reviews
227 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Probably the best Cloud Native Application Protection Platform on the market
What do you like best about the product?
Orca's agentless side-scanning techniques mean that all assets are automatically scanned - even if not running. Their dashboards provide an intuitive, easy to digest view of the current state of application security without being swamped by alerts and information. Orca provides an excellent way of producing an inventory of assets - particularly useful for ephemeral assets that are perpetually being created and destroyed. The compliance feature is also useful for auditing purposes. The recently introduced attack paths feature shows graphically how an attacker could gain access and potentially pivot through the system.
What do you dislike about the product?
Because of the way Orca's side-scanning technology works using snapshots, the downside is that the scanning is not performed in real-time so cannot provide true xDR capabilities. It would also be useful if older alerts were automatically dismissed after a while when the vulnerability is no longer detected. This would help to reduce the total number of vulnerabilities and alerts that are displayed in the dashboards.
What problems is the product solving and how is that benefiting you?
Orca solves several problems we regularly face including producing asset inventories, helping with compliance, and providing focussed mitigation of security vulnerabilities. Orca's dashboards provide the necessary insights into the latest threats to allow a more focused application of security resources.
Recommendations to others considering the product:
Orca is a great product that can help with your organization's application security and governance.
Very quick implementation and great visibility.
What do you like best about the product?
Their data posture has been a good update. Further attack path visibility is a great help.
What do you dislike about the product?
Not as much advancement in vulnerability validations as I would like to see but great product.
What problems is the product solving and how is that benefiting you?
Configuration vulnerabilities is a primary business use. On three occasions, Orca identified malware that landed on a server. One occasion it was a completely exposed server that was spun up for weekend testing.
Orca is awesome for multi cloud strategy
What do you like best about the product?
Multicloud
Usability
Risk management
Prioritization scale
Usability
Risk management
Prioritization scale
What do you dislike about the product?
So far it seems Orca does not yet have an advanced CIEM capability
What problems is the product solving and how is that benefiting you?
Cloud security posture management
Vulnerability management
Multicloud security
CWPP
Vulnerability management
Multicloud security
CWPP
Orca Security Review - Cloud Scanning
What do you like best about the product?
The ability for Orca to scan cloud compute instances without agents and Orca's constant updates, including cloud security posture management.
What do you dislike about the product?
There are a lot of sub-menus on the website, and it's hard to discover what you're looking for initially.
What problems is the product solving and how is that benefiting you?
Scanning EC2 instances dynamically without the need for agents. Orca uses AWS account access to scan EC2 instances without agents.
Very Useful tool
What do you like best about the product?
1.It is very quick and easy while deploying.
2.it has SaaS model.
3. Easy to setup.
2.it has SaaS model.
3. Easy to setup.
What do you dislike about the product?
UI can be improved a bit.
Also, I find it's a bit costly for their new technology.
Also, I find it's a bit costly for their new technology.
What problems is the product solving and how is that benefiting you?
It gives full visibility towards our account. We can access, add additional capabilities.
I also use this for vulnerability management.
I also use this for vulnerability management.
Orca Security - very useful tool!
What do you like best about the product?
It is incredibly thorough and scans so many resources. As you don't need to install agents onto all of your instances, it is painless to set up, allowing for quick onboarding.
There is a deep JIRA integration which helps me action findings quickly and to the right team.
The UI is modern and well-designed.
There is a deep JIRA integration which helps me action findings quickly and to the right team.
The UI is modern and well-designed.
What do you dislike about the product?
There is a lot of information presented which can be hard to jump into sometimes, it can talk some time to navigate the product but the vast amount of data and insight is invaluable and outweighs this drawback.
What problems is the product solving and how is that benefiting you?
I work on the infosec team at my company as a Program Manager, I use Orca to assess our vulnerabilities help me prioritize the most important work for the Engineering and Operations teams.
The basis of my cloud security strategy.
What do you like best about the product?
How easy it was to implement and operationalize. When you're dealing with the cloud agents suck and frankly getting to a point where you have full coverage can be very difficult but not with Orca.
What do you dislike about the product?
The only thing I could possibly say is that the risk categorization takes some getting used to (Compromised, Imminent Compromise, Hazardous)
What problems is the product solving and how is that benefiting you?
Recently I shared with an interested party who asked me this question and I found nine different and unique things that Orca had shown me in just four months.
Review
What do you like best about the product?
Inventory of all resources not just VM's
What do you dislike about the product?
So far there really is not anything notable that we do not like.
What problems is the product solving and how is that benefiting you?
Cloud resource inventory - We cannot secure what we do not know about.
Recommendations to others considering the product:
Do a PoC and it will prove itself by finding things you are missing today.
Up and coming VM Security product
What do you like best about the product?
Exceptionally easy to onboard accounts for cloud providers. Orca enumerates assets throughout the cloud accounts with a simple service account which reduces the likelihood of overlooking assets or of Shadow IT.
What do you dislike about the product?
Vulnerabilities that are remediated either vanish without record or remain with no indication that they have been remediated. It is not very clear when a scan was last run or if a scan is currently running. There were some false positives and some assets were incorrectly marked as being Internet facing.
What problems is the product solving and how is that benefiting you?
We use Orca security to provide vulnerability management and cloud posture management for some AWS accounts.
Agent less solution is the future in security vulnerability and container security monitoring.
What do you like best about the product?
Agent less no installation required. Simple 3 step process to connect the account and start monitoring. Very extensive deep insight into install packages within container. Clear categorization of alerts as Imminent compromises, Hazardous, Informational with color coding for clear visibility. Also builds digital asset inventory for tracking different types cloud based assets ex: S3 buckets, EC2 instances.
Very easy to connect multiple accounts across AWS, Azure, GCP.
Under Vulnerability management some of the key features to highlight are Asset Discovery, Asset Tagging, Network Scanning, Patch Management,Vulnerability Assessment,Web Scanning, Risk Management and Policy Management.
Couple of the key cloud security features to highlight are Endpoint Management,Threat Intelligence,Vulnerability Management,
Intrusion Detection System, Behavioral Analytics, Encryption and Application Security. Ease of integration was one of the reason to consider Orca security solution.
Very easy to connect multiple accounts across AWS, Azure, GCP.
Under Vulnerability management some of the key features to highlight are Asset Discovery, Asset Tagging, Network Scanning, Patch Management,Vulnerability Assessment,Web Scanning, Risk Management and Policy Management.
Couple of the key cloud security features to highlight are Endpoint Management,Threat Intelligence,Vulnerability Management,
Intrusion Detection System, Behavioral Analytics, Encryption and Application Security. Ease of integration was one of the reason to consider Orca security solution.
What do you dislike about the product?
Not real time. This is near real time solution dependent on how frequently scanning is performed. VM specific details if consolidated as actionable insights will be very helpful to narrow our focus to relevant issues (ex: identified affected packages within a container is great, giving link to specific patches will be very helpful.
What problems is the product solving and how is that benefiting you?
We were trying to solve container security challenges. Actively monitoring what is going on within container. Benefit of agent less solution is two fold, 1) Do not have to install agents on the host machine. 2) Effective in monitoring workloads running in managed containers.
Orca security, ability of side-scanning technology examines block storage out of band via a software-as-a-service (SaaS) platform.
Orca security, ability of side-scanning technology examines block storage out of band via a software-as-a-service (SaaS) platform.
Recommendations to others considering the product:
If you are looking for agent less solution. Orca Security is go to solution.
showing 101 - 110