We use the solution to show misconfiguration. Often, users lack knowledge about their assets' fingerprints and their cloud provider's configurations.
Orca Security CNAPP Cloud Security Platform
Orca Security CNAPPExternal reviews
227 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Deep insights at an affordable price
What do you like best about the product?
The visibility into cloud workloads is unparalleled. You can get complete visibility into everything in your public cloud provider in 15 minutes, except for Kubernetes workloads, which require another 30 minutes to set up. Orca finds vulnerabilities and misconfigurations.
What do you dislike about the product?
Orca has indicated that it has no intention of expanding into on-prem workloads. If you have offices with network gear or servers, you must split your risk identification and prioritization process - one for each environment.
Additionally, Orca does not proactively communicate upcoming changes to its internal data model. If you're using advanced searches or automation that depend on the Orca data model, these can break or return unexpected results when the underlying data model changes.
Additionally, Orca does not proactively communicate upcoming changes to its internal data model. If you're using advanced searches or automation that depend on the Orca data model, these can break or return unexpected results when the underlying data model changes.
What problems is the product solving and how is that benefiting you?
Orca identifies and prioritizes risk in cloud environments. It detects risks on VMs, in containers, and in how you configure your public cloud provider. These are prioritized based on a number of factors, such as reachability, blast radius, the classification of data on the resource, what cloud privileges the resource has, etc.
Extremely capable cloud security product
What do you like best about the product?
Automatic prioritization and contextualization of findings, continually adding new features
What do you dislike about the product?
It doesn't aggregate findings across multiple generations of ephemeral assets
What problems is the product solving and how is that benefiting you?
We needed a comprehensive cloud asset inventory and vulnerability scanner, and Orca solves those problems and many more
The tool is comprehensive and covers all key aspects of cloud security needed for our organization
What do you like best about the product?
We're able to better prioritize risks, the AI enabled remediation guide is particularly very useful to help guide our product and development teams.
ORCA provides us ability to see the most important security risks across our multi cloud and application footprint- this helps us know what to focus on.
ORCA provides us ability to see the most important security risks across our multi cloud and application footprint- this helps us know what to focus on.
What do you dislike about the product?
The vulnerability management and reporting can be improved upon. There is a minor disconnect between data presented on the dashboard and downloaded reports.
The downloaded reports sometimes need additional tuning to make it presentable.
The downloaded reports sometimes need additional tuning to make it presentable.
What problems is the product solving and how is that benefiting you?
ORCA provides us ability to see the most important security risks across our multi cloud and application footprint- this helps us know what to focus on.
Great Product for a quick win regarding all things AWS
What do you like best about the product?
Easy implementation Launch. Quick Win. The overall purchase and onboarding of this product have been exceptional. The countless number of features and easy of SSO Integration were simple.
What do you dislike about the product?
I don't have anything bad to say about this product.
What problems is the product solving and how is that benefiting you?
AWS insight is critical to ensure the environment not only has controls but we can also leverage the compliance piece of the tool to find what gaps we have.
Find Vulnerabilities Even Software Vendors Miss
What do you like best about the product?
Excellent detection capabilities led to the detection of Log4J hidden in a Zip file inside of a Zip file that even our software vendor did not detect.
What do you dislike about the product?
Product would be improved with an option of agent based scanning for even improved run-time protection. Hoping this will be on the roadmap.
What problems is the product solving and how is that benefiting you?
How to scan multiple public clouds platforms and workloads via a single, consolidated interface. How to prioritize and remedy threats. Orca made this possible and is easy to use making our administration effort easy.
Improve Cloud Security Posture With Orca Security
What do you like best about the product?
Orca is a great tool for improving the security posture of your cloud infrastructure. It provide visibility in all aspects of your cloud workloads' security. All findings are presented in clear and actionable format, categorized and risk-graded, with details remediation instructions included. Orca is well documented and easy to configure, and support team provides prompt responses. It provides great integrations with a variety of 3rd-party tools. Excellent value for its features and capabilities.
What do you dislike about the product?
Issues with custom access roles.
Occasional problems with user's authentication.
I wish better reporting capabilities.
Occasional problems with user's authentication.
I wish better reporting capabilities.
What problems is the product solving and how is that benefiting you?
Orca Security provides comprehensive visibility and management of security risks across our cloud infrastructure.
it helps you identify and prioritize vulnerabilities, misconfigurations, and other security threats, improving our overall security posture and ensuring compliance with industry standards.
it helps you identify and prioritize vulnerabilities, misconfigurations, and other security threats, improving our overall security posture and ensuring compliance with industry standards.
An emerging cloud security technology with strong foundation
What do you like best about the product?
The biggest challenge in cloud security is the known unknowns. And Orca solves that problem by discovering a wide variety of assets and modeling their interrelationships. This helps organisations solve for the root cause of problems and saves huge amount of time spent merging excel sheets. The platform's capability to search for datasets and relations using queries is immensely powerful.
What do you dislike about the product?
Adoption of the platform is difficult for big organisations habitated their own toolsets.
What problems is the product solving and how is that benefiting you?
Orca solves for the tool consolidation goal of our organisation. With the use of risk scoring, our organisation is now able to better align resources solving for the true problem. The ease of using the platform has helped us roll out Orca in our organisation as a self serving security tool enabling businesses to drive security goals independently and faster.
Orca Security: Continuous Innovation Keeps Us Ahead of Threats
What do you like best about the product?
Orca Security has truly been a game-changer for our organization's cloud security. The platform consistently exceeds our expectations, thanks to its continuous development and improvement. Orca's ability to proactively identify and remediate vulnerabilities and threats has significantly strengthened our security posture.
What do you dislike about the product?
While Orca is incredibly powerful, there is a bit of a learning curve to fully utilize all of its features. The interface can be overwhelming at first, and it takes some time to master the platform's full capabilities.
What problems is the product solving and how is that benefiting you?
Orca Security has truly been a game-changer for our organization's cloud security. The platform consistently exceeds our expectations, thanks to its continuous development and improvement. Orca's ability to proactively identify and remediate vulnerabilities and threats has significantly strengthened our security posture.
CSPM at it's best
What do you like best about the product?
OrcaSecurity's data driven approach is really good, the amount of data it can scrape and provide insight itself is intriguing.
What do you dislike about the product?
It needs a bit improvement on it's end suer data usability.
What problems is the product solving and how is that benefiting you?
It's agentless meethod of scanning decreases the overhead of installing agents on different server and seamless data gathering. It benifits us a lot to read and resolve the gaps we had in the whole cloud coverage.
It contacts your account provider and fetches metadata, eliminating the need for snapshots or reserved space to copy client infrastructure
What is our primary use case?
What is most valuable?
Orca Security has patented technologies. It's an agentless solution, so you don't need to install an agent. Instead, it contacts your account provider and fetches metadata, eliminating the need for snapshots or reserved space to copy client infrastructure.
The multi-cloud capability displays essential information and potential vulnerabilities with granular detail. For instance, it identifies paths that attackers might exploit to gain root or admin access to machines.
It is comprehensive, covering a wide range of software needs. They also integrate with CI/CD pipelines, enabling developers to ensure security from the early stages of code deployment. This integration provides a 100% guarantee on security, safeguarding images, configurations, and other crucial information throughout the development process.
What needs improvement?
The company is managed by industry veterans. It's a cloud-based product. They handle misconfigurations and analyse your runtime to detect malware. They're at the forefront regarding developer security. The platform is vast, inundated with information. One can easily feel overwhelmed by the sheer volume of data.
The solution is very detail-oriented, which can be overwhelming for nontechnical people. On the other hand, understanding the security posture is very valuable for a technical person.
For how long have I used the solution?
I have been using Orca Security for a year.
What do I think about the scalability of the solution?
If you choose the traditional or legacy option, you'll have to install an agent. Agents don't scale well. You can't effectively scale with agents because it requires manual intervention on each machine, consulting the agent, and it's not scalable because you'll need to reproduce that process. With Orca, we employ scanning technology, avoiding all the workload of installing agents. And then you can scale very quickly, in just a couple of moments. You can basically scale quickly without the need for those interventions.
How are customer service and support?
Support is fairly prominent. They have knowledgeable people.
How was the initial setup?
The initial setup is straightforward and takes five minutes to complete.
What's my experience with pricing, setup cost, and licensing?
The ticket is quite expensive; it depends on which way you want to go. If you want to buy the licence on your own, you can opt for MSP licences where people are going to run a managed service. If you're going in, "I've got no time and no resources to do that," you can use managed service. We manage, we run the scan, and we work on the information on the findings. It's very different from other cloud solutions. Company A is in front of a company in Portugal, and they are linked together. It's a subsidiary. Orca will allow you to get your asset inventory very quickly which is quite expensive.
What other advice do I have?
Orca is a SaaS solution. It is deployed on cloud but you can have it on prem as well. It works with all cloud providers.
All vendors are offering a primary solution for free. You might need to consider Orca for a certain number of workloads like VM, a server, or even a phone.
Orca is very intuitive and offers a lot of features. You can click on it, and you can see it all. The proper way is to go through an integrator or reseller; that's called the retail side. Before you take any action, call the retailer and ask them for a demo, in order for you to understand. If you start tomorrow and buy Orca, if you never call those guys, it's going to be a little bit difficult for you. You need someone who's trained to explain and show you around the platform.
Overall, I rate the solution a nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
showing 41 - 50