Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
An invaluable tool for taming our cloud estate
What do you like best about the product?
When we started using Orca, our cloud estate was in disarray. Our developers had run wild. Before making a run at a disciplined environment, our users had tinkered and deployed in their individual accounts and in our shared production environment. After a couple of years of wild growth, we were introduced to Orca. After an incredibly easy setup, Orca immediately brought into focus how seriously exposed some of our assets were. We were able to address these quickly. We even caught a live breach in our sandbox environment during our evaluation period!
So the best part of Orca is the tool itself, its ease of use and detail. But a close second is the people behind it. Our cadence calls keep us informed and give us a chance to provide feedback and ask questions -- to which there are always fast answers. In our case, these have led to a few product improvements that have made Orca even better.
So the best part of Orca is the tool itself, its ease of use and detail. But a close second is the people behind it. Our cadence calls keep us informed and give us a chance to provide feedback and ask questions -- to which there are always fast answers. In our case, these have led to a few product improvements that have made Orca even better.
What do you dislike about the product?
It's hard to find fault with a tool that has helped us so much. At first, I found the interface a little unwieldy and confusing, but continued use led to clarity and comfort.
What problems is the product solving and how is that benefiting you?
- Telling us where serious (and minor) security holes exist
- Locating and identifying unused assets that can be removed (reducing those AWS and Google Cloud bills!)
- Enumerating over-permitted users, groups and roles
- Spelling out (via attack vectors) exactly how an alerting asset can lead to exposure
- Near future: Providing compliance guidance
- Locating and identifying unused assets that can be removed (reducing those AWS and Google Cloud bills!)
- Enumerating over-permitted users, groups and roles
- Spelling out (via attack vectors) exactly how an alerting asset can lead to exposure
- Near future: Providing compliance guidance
- Leave a Comment |
- Mark review as helpful
Easy to use, comprehensive platform
What do you like best about the product?
The onboarding experience is simple and the initial results are available very fast. The remediations are reflected within 24 hrs.
What do you dislike about the product?
Multisubscription onboarding is not super straight forward
What problems is the product solving and how is that benefiting you?
The solution provides visibility into the risks that exist with cloud implementations.
Powerful platform, lots of capabilities with a few rough edges
What do you like best about the product?
Orca is an excellent platform for assessing the security posture of all your cloud accounts in a single interface. The tool easily integrates with cloud accounts from AWS, GCP, Azure and more and makes it easy to scan those accounts for poor configurations, misconfigurations, security problems, etc.
In addition, the "side-scanning" feature for performing vulnerability scanning on your compute instances is compelling and has zero impact on your running workloads.
In addition, the "side-scanning" feature for performing vulnerability scanning on your compute instances is compelling and has zero impact on your running workloads.
What do you dislike about the product?
There are a few areas where the development of the tool lags behind what I would like to see. For example, there is a great feature to group cloud accounts by business unit, but you can't leverage that business unit association in many of the reports yet. For example, want to see an inventory of VMs grouped by Business Unit? Can't do it....in fact, the business unit field isn't available in the inventory report at all. The Orca team has told me that this feature is coming very soon, and based on past experience, I believe they will eventually deliver this capability.
What problems is the product solving and how is that benefiting you?
Main problems the tool is allowing me to solve:
1) Assess configuration of cloud accounts against industry standard security baselines as well as against custom baselines that I've created based on my business needs
2) Scan Virtual Machines for vulnerabilities, malware, missing patches etc. without having to directly scan a running VM.
3) build alerts based on governance rules that I have in place for my business and generate notifications to my ticketing system when there are violations.
1) Assess configuration of cloud accounts against industry standard security baselines as well as against custom baselines that I've created based on my business needs
2) Scan Virtual Machines for vulnerabilities, malware, missing patches etc. without having to directly scan a running VM.
3) build alerts based on governance rules that I have in place for my business and generate notifications to my ticketing system when there are violations.
Excellent CSPM/CWPP with great onboarding and features
What do you like best about the product?
100% visibility into cloud assets with both broad and deep vulnerability detection (along with contextual information to assist in prioritization).
What do you dislike about the product?
Findings aren't grouped for scaled assets so alert volume can rapidly increase
What problems is the product solving and how is that benefiting you?
We needed full cloud asset visibility and automatic vulnerability detection. We're working towards automatic remediation and shifting left, both of which are Orca features.
Very informative tool and helps to protect the cloud environment
What do you like best about the product?
The graphic UI and the ability to provide insights about vulnerabilities on OS level without installing an agent
What do you dislike about the product?
Integrations might take a bout time to configure
What problems is the product solving and how is that benefiting you?
Cloud security posture management, ability to oversee everything that happens on cloud infra
Great product with great support
What do you like best about the product?
1. Deployment & integration - easy to deploy in all of your cloud accounts no matter if AWS/Azure.
2. Support - technical support are on call and ready to provide the user with anything he might have on his mind and also open jira requests on their side to fix/add features.
2. Support - technical support are on call and ready to provide the user with anything he might have on his mind and also open jira requests on their side to fix/add features.
What do you dislike about the product?
1. Bugs - there are some bugs in a few features that are a bit confusing but until I report about it its already fixed or requested already via jira
2. network exposure - need some work on the graphical side and network exposure side for inventory and architecture diagrams
2. network exposure - need some work on the graphical side and network exposure side for inventory and architecture diagrams
What problems is the product solving and how is that benefiting you?
overall vulnerabilities management in the cloud derives from old packages and bad hygiene of infrastructure configurations.
Also dealing with compliance frameworks and being mindful about fixing related issues.
Also dealing with compliance frameworks and being mindful about fixing related issues.
Orca - The Cloud Security Posture Management Tool that does more than you could ever imagine!
What do you like best about the product?
The support from the team is incredible, the dashboard and tool is incredibly user friendly, and the new developments are on point to what is needed to protect your cloud environment.
What do you dislike about the product?
There is nothing to dislike; the team is accommodating on price. They also listen to their customer on development opportunities. Will be keen to see what integrations occur in the future.
What problems is the product solving and how is that benefiting you?
It gives our organization visibility into our cloud security posture. On top of that, it also helps the security team identify where an asset is and who owns it, driving efficiencies in threat remediation.
Great vulnerability management platform
What do you like best about the product?
Orca Security is revolutionizing cloud security with its innovative features, including the newly introduced shift-left functionality and AI-driven analysis. This shift-left approach allows for early scanning of code security, significantly reducing vulnerabilities in the development phase. Coupled with AI features, Orca provides a more intelligent and proactive security posture.
What do you dislike about the product?
Wish for more automatic remediation options.
What problems is the product solving and how is that benefiting you?
Vulnerabilitymanagement, FIM, code scanning, among others
Consolidation of different tools in one dashboard (integrations)
Consolidation of different tools in one dashboard (integrations)
Orca Security Ahead of the Rest!
What do you like best about the product?
The most important consideration for us to use Orca Security was their "Side-scanning Technology". No agents on endpoints, no sensors to manage, and no added containers that only add to our cloud spend.
What do you dislike about the product?
At this time I really don't have anything I dislike, but the software provides a TON of information, so if I had to pick something I would say it's a bit of information overload, but I think that will be less of an issue as we use it more and remediate more issues.
What problems is the product solving and how is that benefiting you?
Orca Security is providing several use case solutions. First, it's solving several compliance requirements from endpoint security, IDS functionality, File Integrity Monitoring and internal vulnerablity scanning. It also integrates with Jira, Slack, our CI/CD pipeline (via Github Actions) and other areas. The new API security dashboard is an awesome new enhancement. Total security package.
Orca is a one-of-a-kind platform that is lightweight, easy to setup, and incredibly useful.
What do you like best about the product?
Orca makes it easy for me to collaborate across teams to remediate issues in our cloud environments. The UI and integrations are simple to use and make it easy to find what is most important for us to work on.
What do you dislike about the product?
Orca is fast growing, and with that comes the growing pains of new features and the resulting pitfalls. The new features don't always work as expected, but their support quickly responds and assists with any issues we may have.
What problems is the product solving and how is that benefiting you?
Orca solves the problem of monitoring our cloud workloads for vulnerabilities or security misconfigurations. It also helps us prioritize what issues to work on first.
showing 131 - 140