I use Orca Security as a CSPM tool primarily for cloud security and posture management. I utilize its CIEM and CDR features extensively. CIEM focuses on cloud infrastructure and entitlement management, and CDR deals with cloud detection and response.
Orca Security CNAPP Cloud Security Platform
Orca Security CNAPPExternal reviews
227 reviews
from
and
External reviews are not included in the AWS star rating for the product.
A powerfule security tool for all cloud environments
What do you like best about the product?
Orca enabled us to have full visibility into our cloud environment. It is a powerful tool that provides the necessary details to properly secure your infrastructure. It gives you consistent up-to-date information. It is an incredibly easy to use platform. We were able to implement and start getting results within 24 hours. Orca is also extremely scalable.
What do you dislike about the product?
Orca provides a lot of information and can result in alert fatigue. There are some areas with vulnerability management that they can do better on. For instance, having the ability to not alert on vulnerabilities that are superseded.
What problems is the product solving and how is that benefiting you?
Orca is giving us a single pane of glass into our cloud environment. It gives us very detailed information on security alerts and our vulnerability posture.
Interesting vision
What do you like best about the product?
Risk oriented and vision to instantiate the risk with dynamic tools.
What do you dislike about the product?
KSPM might not be at par with some others
What problems is the product solving and how is that benefiting you?
Reducing alert fatigue and risk prioritisation
Cloud Security Architect
What do you like best about the product?
Alerts and Vulnerability
Malware files and the way presenting the attack paths.
Malware files and the way presenting the attack paths.
What do you dislike about the product?
Vulnerable package are not showing whether it's in use or not. Sometimes orca is detecting that stored files are vulnerable even though those flat files.
What problems is the product solving and how is that benefiting you?
As of now we are handling the alerts in good way and sometimes hard to handle the vulnerabilities.
Orca As an MSP
What do you like best about the product?
The platform is intuitive and clear with representing cloud findings. Providing valuable context to our customers and allowing improvement in cloud security posture. Easy and quick to implement with strong customer support team.
What do you dislike about the product?
Issues with the significant amount of data brought back from the platform can be slightly daunting but valuable in the long run.
What problems is the product solving and how is that benefiting you?
Identifying vulnerabilities and cloud issues within cloud environments.
Maximize cloud security management with effective CIEM and CDR features
What is our primary use case?
What is most valuable?
I find Orca Security's CIEM feature invaluable, as it focuses on entitlement and posture management, identifying assets with older OS versions, and asset misconfiguration.
The CDR feature is also critical, focusing on detection and response, triggering alerts like brute force attacks and malware. It provides alert and asset details, which include multiple remediation actions. It combines functionalities of multiple security tools and collects alerts and logs from them.
What needs improvement?
A notable limitation with Orca Security is its scanning feature. The automatic scan only runs every 24 hours, and if an alert is remediated within an hour, it still remains until the next scheduled scan. A more frequent or on-demand scanning option might mitigate this issue.
For how long have I used the solution?
I've been using Orca Security for one and a half years.
What do I think about the stability of the solution?
The stability of Orca Security is satisfactory, and I would rate it nine out of ten. I have experienced very little downtime.
What do I think about the scalability of the solution?
Orca Security is highly scalable, and I would rate its scalability as eight to nine. I have observed minimal downtime.
How are customer service and support?
I have had experiences where I needed to contact Orca support to address issues with alerts that remained active even after remediation. Based on my interactions, I would rate the support team a six out of ten.
How would you rate customer service and support?
Neutral
What's my experience with pricing, setup cost, and licensing?
Orca Security's pricing is known to be a bit high, however, I'm not directly involved in that aspect.
Which other solutions did I evaluate?
I have not used any alternatives to Orca Security.
What other advice do I have?
I would rate Orca Security overall as eight out of ten.
Agent-less Solutions, easy onboard, powerful CNAPP
What do you like best about the product?
Easy Onboarding, I don't need consider the agent implementation plan, or any rollback plan if any bad thing happens.
What do you dislike about the product?
lack of sandbox, or real-time protection
What problems is the product solving and how is that benefiting you?
Orca Security enhances cloud security by leveraging CNAPP benefits, offering comprehensive visibility and protection across environments. This approach enables organizations to identify vulnerabilities, prioritize risks, and ensure compliance, all while streamlining security operations and improving response times. Most important things are 1) no agent, I don't need to take care the installation and compatibility issues, 2) it helps me to prioritize the alerts and risks that I need deal with them immediately.
Seamless integration and side scanning optimize cloud security management
What is our primary use case?
I am primarily using Orca Security for cloud security. Being part of the vulnerability management team, I utilize Orca Security for generating vulnerability alerts on cloud assets.
What is most valuable?
One aspect that stands out is the seamless integration. Once our organization is configured, any cloud account under that organization is automatically detected in Orca Security, along with all the assets associated with it.
Another valuable feature is the side scanning technology using a snapshot mechanism. This technology allows for coverage of almost all cloud assets without interrupting their operations.
What needs improvement?
Orca Security could improve its ticket creation process. Currently, it allows for creating tickets in only one bucket, which requires monitoring to redirect tickets to the appropriate team. It would be beneficial to have segregation for different projects.
Additionally, Orca Security could improve in reporting OS package vulnerabilities, such as missing MS patches or Linux patches.
For how long have I used the solution?
I have been using Orca Security for one year.
What do I think about the stability of the solution?
I would rate the stability as nine out of ten. I personally have not encountered any bugs or issues with the console. It runs almost 24/7.
What do I think about the scalability of the solution?
I would rate the scalability as nine out of ten. The seamless integration allows us to automatically reflect any connected project from our cloud into the console.
How are customer service and support?
I would rate customer service between eight and nine out of ten. The support team assists with issues and provides information on new updates, helping us understand the product better.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Previously, we used Rapid7 for vulnerability management. We switched because we moved from on-premises to the cloud, which required a cloud security solution.
What's my experience with pricing, setup cost, and licensing?
I am not sure about the pricing, as all decisions related to pricing and configuration were made by a different department.
What other advice do I have?
I recommend Orca Security to others looking for a cloud security solution due to its seamless integration and side-scanning technology that does not hamper cloud asset performance. It also offers automation for ticket creation directly from alerts.
I'd rate the solution eight out of ten.
Great tool for measuring and improving cloud security posture
What do you like best about the product?
The tool provides an amazing level of insight in our cloud presence. It is orgranized in an intuitive way, allows for customization, and is easy to drill down into details on specific alerts.
What do you dislike about the product?
Scans sometimes fail and it's not always obvious that there is an issue.
What problems is the product solving and how is that benefiting you?
The largest benefit we're receicing from Orca is a much more complete vision of our cloud environments. Addtionaly, it has greatly increased our efficiency in identifying and correcting vulnerabilities and compliance issues.
Security engineer's perspective
What do you like best about the product?
Very intuitive, looks great, and easy to use
What do you dislike about the product?
might be a little expensive for small businesses
What problems is the product solving and how is that benefiting you?
Viewing the cloud posture, vulnerabilities, and how to resolve them.
New Orca Cloud Security User
What do you like best about the product?
Orca Security is very easy to use for new user or organization. The platform is intuitive.
What do you dislike about the product?
While orca ofers deep visbility, managing such an extensive platform without enmterprise support can be overwhelming.
What problems is the product solving and how is that benefiting you?
Comprehensive Coverage: It provides holistic visiblity across workloads, containers, and cloud infrastructure.
showing 11 - 20