Orca Security CNAPP Cloud Security Platform
Orca Security CNAPPExternal reviews
227 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Easy to use, powerful tool to gain insight into your cloud environments
What do you like best about the product?
I find that Orca's access into all of the machines within the cloud environment without having to log into each individual machine is one of the most powerful features. The integration with Jira allows us to generate tickets for others without needing to grant console access, and the automatic closure of tickets based on subsequent scans reduces the workload on the security and execution teams.
What do you dislike about the product?
Orca has generally been very fast to implement new features, however some of the reporting functionality can be challenging until you've learned the query language syntax. This has been improving and is no longer a product downside.
What problems is the product solving and how is that benefiting you?
Orca Security gives me complete visibility into the cloud environment and identifies misconfiguration risks, assets that haven't been patched and are generally neglected, and allows me to forward remediation quickly to the appropriate teams.
Orca has been doing really great in providing information on CSPM
What do you like best about the product?
CSPM, vuln, cloud misconfingg and what not
What do you dislike about the product?
SCA can be better, we are seeing many things missing on SCA
What problems is the product solving and how is that benefiting you?
CSPM, it's giving us insight on things that we missed during cloud setup
My experience with Orca Security has been pretty great overall
What do you like best about the product?
Orca has a lot of great features and and is very intuitive to use and integrate new machines onto the account.
What do you dislike about the product?
Orca Security does not have the capability to support on-prem systems.
What problems is the product solving and how is that benefiting you?
Orca is mainly helping in identifying vulnerabilities in the organizations cloud assets.
Orca Security is one of the original Cloud Security disrupptors and innovators.
What do you like best about the product?
Context-driven security was considered the future of Cloud Security, and Orca led the charge. The level of depth provided around resources and assets in your cloud is one of the best out there.
We love the ability to clone and customize "baked-in" alerts to meet our environmental needs, specifically around asset tagging/labeling. Their Code Security capabilities are starting to rival those of Synk and others in the space. The potential there is promising, and the product teams are constantly keeping us in the loop.
The Custmoziable Alerts dashboard, which meets my leadership needs, is easy to use. My team can also create and share customized views without much effort.
Searching and "Discovery" have greatly improved in the latest iteration of the product, and the speed at which we find assets and configurations has improved.
Orca provides very in-depth "attack path" visualizations that are easy to follow, clearly visualize risks, and tell an attack story. Although this would be considered intimidating to view, their visual representation is strong.
Side-scanning continues to provide tremendous value to us. It still amazes me how quickly they scan our entire environment and report back changes, threats, risks associated with "data" or storage.
There is a lot more to mention, but lastly, our customer support and sales team has been top-notch. One of the best we have worked with.
We love the ability to clone and customize "baked-in" alerts to meet our environmental needs, specifically around asset tagging/labeling. Their Code Security capabilities are starting to rival those of Synk and others in the space. The potential there is promising, and the product teams are constantly keeping us in the loop.
The Custmoziable Alerts dashboard, which meets my leadership needs, is easy to use. My team can also create and share customized views without much effort.
Searching and "Discovery" have greatly improved in the latest iteration of the product, and the speed at which we find assets and configurations has improved.
Orca provides very in-depth "attack path" visualizations that are easy to follow, clearly visualize risks, and tell an attack story. Although this would be considered intimidating to view, their visual representation is strong.
Side-scanning continues to provide tremendous value to us. It still amazes me how quickly they scan our entire environment and report back changes, threats, risks associated with "data" or storage.
There is a lot more to mention, but lastly, our customer support and sales team has been top-notch. One of the best we have worked with.
What do you dislike about the product?
Reporting on containerization vulnerabilities has improved, but it needs to be better. (Orca has been investing a lot in this space and the future is promising).
Infrastructure as Code custom policy creation is effective but challenging and needs to be more closely linked to the UI. (There might be technical challenges here but overall, we need more visualizations in the UI around this)
Identity-based reporting around "inactive" non-human accounts is an area that needs more attention. (GCP Support is a little behind.)
Infrastructure as Code custom policy creation is effective but challenging and needs to be more closely linked to the UI. (There might be technical challenges here but overall, we need more visualizations in the UI around this)
Identity-based reporting around "inactive" non-human accounts is an area that needs more attention. (GCP Support is a little behind.)
What problems is the product solving and how is that benefiting you?
Agentless cloud storage and data monitoring is benefiting us. We can confidently deploy compute as needed and still scan and detect at the file level.
Comprehensive coverage of all of our major cloud providers.
Context-aware risk prioritization is proving to have its benefits for minizing the overall organizational risk.
Comprehensive coverage of all of our major cloud providers.
Context-aware risk prioritization is proving to have its benefits for minizing the overall organizational risk.
Review Orca Security for Cloud Workload
What do you like best about the product?
Orca is a great tool to describe our cloud security posture. I like it that it supports the major cloud vendors - Azure, AWS, Google. I like it that it is also able to show vulnerabilities in a great dashboard.
What do you dislike about the product?
The dashboard can perform slowly at times. Saving of views seems quirky. Some bugs need to be addressed.
What problems is the product solving and how is that benefiting you?
Visibility into our multiple Cloud workload in terms of security, vulnerabilities, best practices, etc.
Ease of use and great visibility
What do you like best about the product?
Orca provides a great visibilty on our cloud assets, detects what needs to be improved and most important alerts on the severe findings that may be very risky.
Also, provides easy implementation and pretty simple guided process to add more cloud accounts to the subscription.
Also, provides easy implementation and pretty simple guided process to add more cloud accounts to the subscription.
What do you dislike about the product?
I would improve the calculation of the subscription and allow to exclude from the subscription the irrelevant assets types without engaging with the account manager.
What problems is the product solving and how is that benefiting you?
Orca presents in one place all the insights on our cloud assets in the different environments in multiple cloud vendors.
This provides a great visibility and configuring alerts to be sent to all stakeholders upon detection.
This provides a great visibility and configuring alerts to be sent to all stakeholders upon detection.
Orca makes it easy to assess your cloud security posture
What do you like best about the product?
I like that Orca does a thorough examination of our AWS deployment, and prioritizes the findings for us to have an actionable list of remediations to make.
What do you dislike about the product?
Sometimes I find it hard to understand how to query the underlying data store that Orca uses, but if I keep to standard reports I'm good (and their support has been excellent)
What problems is the product solving and how is that benefiting you?
Orca solves a number of problems: Which servers have unpatched software, which AWS services need to be tightened up, how we have been doing over time
Orca Review
What do you like best about the product?
The Security Features are perfect for Cloud Security.
We use Orca for scanning our cloud accounts in AWS, GCP and Azure.
Orca has some great Cloud Security features: Vulnerability Management, CSPM, and Shift Left Security.
We use Orca for scanning our cloud accounts in AWS, GCP and Azure.
Orca has some great Cloud Security features: Vulnerability Management, CSPM, and Shift Left Security.
What do you dislike about the product?
Sometimes the Engineered solutions seems to have issues. All of these are addressed in the new Orca architecture (Serving Layer 2).
What problems is the product solving and how is that benefiting you?
Cloud Scanning for Vulnerabilities and Shift Left Security.
Easy to use and accurate in covered resources, lacking some coverage areas
What do you like best about the product?
Well thought UI and accurate resource discovery.
What do you dislike about the product?
Issues with integration with AKS private clusters
What problems is the product solving and how is that benefiting you?
Fast vulnerability findings, helpful in planning security maintenance
Sales experience with orca
What do you like best about the product?
The platform and the compliance on cybersecurity rules
What do you dislike about the product?
nothing about orca on the tehcnology platform
What problems is the product solving and how is that benefiting you?
Compliance and cybersecurities issues
showing 31 - 40