I use Orca Security as a CSPM tool primarily for cloud security and posture management. I utilize its CIEM and CDR features extensively. CIEM focuses on cloud infrastructure and entitlement management, and CDR deals with cloud detection and response.
Orca Security CNAPP Cloud Security Platform
Orca Security CNAPPExternal reviews
224 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Interesting vision
What do you like best about the product?
Risk oriented and vision to instantiate the risk with dynamic tools.
What do you dislike about the product?
KSPM might not be at par with some others
What problems is the product solving and how is that benefiting you?
Reducing alert fatigue and risk prioritisation
Cloud Security Architect
What do you like best about the product?
Alerts and Vulnerability
Malware files and the way presenting the attack paths.
Malware files and the way presenting the attack paths.
What do you dislike about the product?
Vulnerable package are not showing whether it's in use or not. Sometimes orca is detecting that stored files are vulnerable even though those flat files.
What problems is the product solving and how is that benefiting you?
As of now we are handling the alerts in good way and sometimes hard to handle the vulnerabilities.
Orca As an MSP
What do you like best about the product?
The platform is intuitive and clear with representing cloud findings. Providing valuable context to our customers and allowing improvement in cloud security posture. Easy and quick to implement with strong customer support team.
What do you dislike about the product?
Issues with the significant amount of data brought back from the platform can be slightly daunting but valuable in the long run.
What problems is the product solving and how is that benefiting you?
Identifying vulnerabilities and cloud issues within cloud environments.
Great product with interesting product roadmap
What do you like best about the product?
It's simplicity and understanding of what its customers want out of the product
What do you dislike about the product?
What i dislike about Orca is that its scheduled reporting lost some features
What problems is the product solving and how is that benefiting you?
Orca is identifying the vulnerabilities in the organization's cloud environment which allows me to prioritize and remediate those vulnerabilities
Orca Security implementation in our ecosystem
What do you like best about the product?
Regular addition of new features
Everything is accessible by API
very intituive
Plug and play, user friendly and ergonomic
Partnership and relationship
Product evolution according to our needs
Everything is accessible by API
very intituive
Plug and play, user friendly and ergonomic
Partnership and relationship
Product evolution according to our needs
What do you dislike about the product?
RBAC model not enough granular
Not possible to have a deep hierarchical organization
Not possible to cusotmize the export feature
Limited automation of processes for compliance
Not possible to have a deep hierarchical organization
Not possible to cusotmize the export feature
Limited automation of processes for compliance
What problems is the product solving and how is that benefiting you?
Cloud visibility
Comprehensive tool at a very affordable price-point
What do you like best about the product?
Orca security has basically anything we could think of interms of CNAPP and CSPM capabilities. It gives us valuable insight and is truly an all in one cloud security package.
What do you dislike about the product?
We have not found many downsides of using Orca security, the only I could think of is the needd for competely different portals for our govcloud environments.
What problems is the product solving and how is that benefiting you?
Visibility, visibility, visibility. It is very hard to have accurate inventory without a specialized tool like orca. We are now able to see our infrastructure and how it is configured in a single pane of glass.
Orca is a game changer with Observability
What do you like best about the product?
Orca has really been a game changer helping accelerate our observably and security journey. The AI assisted search has increased our ability to quickly find and identify resources within our cloud subscriptions and identify vulnerabilities.
What do you dislike about the product?
The only missing offering is a cached dashboard to be used on team area kiosk dashboards within the team areas and displaying only that business unit's information.
What problems is the product solving and how is that benefiting you?
Security and observability in our multiple cloud subscriptions and environments.
Orca Security has led us to a greatly improved cloud security posture within days of use.
What do you like best about the product?
The interface is very intuitive and there was not a learning curve at all. Being able to create reports on pretty much any dashboard has been very helpful. Vulnerabilities and misconfigurations found by Orca give us more than enough information to be handed to our development team for remediation without having to do any additional research. Overall, this is a very well thought out platform.
What do you dislike about the product?
I honestly have not found anything I dislike yet.
What problems is the product solving and how is that benefiting you?
It was a very painful process to search for misconfigurations with IAM and networking in our environment. Orca has given us a way to have all of the data we need without having to spend hours searching and it most cases gives the instructions needed to remediate. It has also helped us add more shift left into our development process.
Maximize cloud security management with effective CIEM and CDR features
What is our primary use case?
What is most valuable?
I find Orca Security's CIEM feature invaluable, as it focuses on entitlement and posture management, identifying assets with older OS versions, and asset misconfiguration.
The CDR feature is also critical, focusing on detection and response, triggering alerts like brute force attacks and malware. It provides alert and asset details, which include multiple remediation actions. It combines functionalities of multiple security tools and collects alerts and logs from them.
What needs improvement?
A notable limitation with Orca Security is its scanning feature. The automatic scan only runs every 24 hours, and if an alert is remediated within an hour, it still remains until the next scheduled scan. A more frequent or on-demand scanning option might mitigate this issue.
For how long have I used the solution?
I've been using Orca Security for one and a half years.
What do I think about the stability of the solution?
The stability of Orca Security is satisfactory, and I would rate it nine out of ten. I have experienced very little downtime.
What do I think about the scalability of the solution?
Orca Security is highly scalable, and I would rate its scalability as eight to nine. I have observed minimal downtime.
How are customer service and support?
I have had experiences where I needed to contact Orca support to address issues with alerts that remained active even after remediation. Based on my interactions, I would rate the support team a six out of ten.
How would you rate customer service and support?
Neutral
What's my experience with pricing, setup cost, and licensing?
Orca Security's pricing is known to be a bit high, however, I'm not directly involved in that aspect.
Which other solutions did I evaluate?
I have not used any alternatives to Orca Security.
What other advice do I have?
I would rate Orca Security overall as eight out of ten.
Agent-less Solutions, easy onboard, powerful CNAPP
What do you like best about the product?
Easy Onboarding, I don't need consider the agent implementation plan, or any rollback plan if any bad thing happens.
What do you dislike about the product?
lack of sandbox, or real-time protection
What problems is the product solving and how is that benefiting you?
Orca Security enhances cloud security by leveraging CNAPP benefits, offering comprehensive visibility and protection across environments. This approach enables organizations to identify vulnerabilities, prioritize risks, and ensure compliance, all while streamlining security operations and improving response times. Most important things are 1) no agent, I don't need to take care the installation and compatibility issues, 2) it helps me to prioritize the alerts and risks that I need deal with them immediately.
showing 11 - 20