Some of the customers use it to actually look at their assets in the cloud.
It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just scan the entire assets in the cloud.
Orca Security CNAPP Cloud Security Platform
Orca Security CNAPPExternal reviews
227 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Helps increase cloud visibility on different platforms, very stable product and quick to deploy
What is our primary use case?
How has it helped my organization?
It helps increase cloud visibility on different platforms. And also in terms of the security vulnerability in the cloud space. They recommend specific steps as well.
What needs improvement?
Actually, it's not all clouds that they are currently onboarded with. For instance, they are not yet with public cloud and many other private clouds.
Therefore, there is room for improvement, and more private clouds should be added. For the private cloud, we need to install agents into the environment.
For how long have I used the solution?
I have been using it for two years.
What do I think about the stability of the solution?
So far, we haven't faced any complaints at all after two years.
So, it has been a stable solution.
What do I think about the scalability of the solution?
Many enterprises that have lesser workloads in the cloud, so there's no point in them monitoring themselves. So those who have heavy workloads on the cloud need this tool too.
So it can handle large loads of information.
How are customer service and support?
Which solution did I use previously and why did I switch?
There is another company who copies them, like people from Wiz.
Theinterface is different, and we don't have a lot of updated stuff. They are copying Orca Security, and they are not the patent holder. The patent holder is Orca.
How was the initial setup?
This product is very fast to onboard; it takes just five minutes.
You just need to input the admin credentials for the cloud provider, meaning AWS, Azure, and Google. You can just pull it on, and then Orca covers the entire report already.
There's no need for integration because everything is on the cloud. That's why it's agentless.
Just a few steps for onboarding. It is really quick to deploy.
What's my experience with pricing, setup cost, and licensing?
Orca Security charges are based on cloud workloads. So, it's based on workloads.
If we look at one feature, it might be expensive. But if we're considering all the features they offer in monitoring and scanning, there aren't many tools out there that can do all they do in one tool. So if you compare that, then this is not really expensive. But if we compare just one feature, then it is more expensive than the others.
The user needs to utilize it as a package.
What other advice do I have?
I would recommend it. Overall, I would rate the solution an eight out of ten because it needs to expand more to support all the markets. They are not there yet.
Not all private clouds are supported, for example, SAP Cloud.
Excellent tool for identifying potential vulnerabilities
What do you like best about the product?
I like that Orca works from within your network and is able to find any areas of concern, rather than running externally and only finding open vulnerabilities.
What do you dislike about the product?
There were a number of false positives, and some recommended fixes and patches that did not work.
What problems is the product solving and how is that benefiting you?
We discontinued service with our previous vulnerability scanner after years of receiving monthly audits with no results (which is a good thing). Orca was able to scan from inside our network and point us to areas of concern, and helped us with GDPR compliance.
New Setup of Orca Security
What do you like best about the product?
The responsiveness of the tool while providing the ability to examine findings from numerous prospectives was very impressive. The method in which the data is collected and maintained accuracy, while providing numerous remediation methods across varying IaC platforms, how findings tie back to Cyber Control Policies and summaries of how and why findings are rated provides a total package of a Cloud Security Posture Mgmt tool
Configuration Setup had clear, easy instructions on setup, and Orca's Customer Care Support team was responsive and knowledgable
Upon setup, the tool was immediatly and regularly put to use as a core component in Cyber Posture assessment.
Configuration Setup had clear, easy instructions on setup, and Orca's Customer Care Support team was responsive and knowledgable
Upon setup, the tool was immediatly and regularly put to use as a core component in Cyber Posture assessment.
What do you dislike about the product?
Part Orca's strength is the ability to examine finding from many different prospectives. By Cyber Control family, cloud provider platform, or by grouped accounts deemed higher or lower of importance.
This takes some training and regular use of the tool as simular view points can be achieved by numerous methods.
This takes some training and regular use of the tool as simular view points can be achieved by numerous methods.
What problems is the product solving and how is that benefiting you?
Orca immediatly helped with prioritization of findings for resolution and dashboards for easy to produce reports to DevSecOps or Management overview.
Great product that guides you through securing your environment
What do you like best about the product?
My favorite feature of Orca is being able to generate remediation steps depending on how you interact with the machine. It also has a dynamic security rating that is based on more factors than just the CVSS. Connecting our environment was also very easy to do thanks to their onboarding and support.
What do you dislike about the product?
It can be overwhelming at first until you create a custom view or become familiar with the interface. There is also no dark mode but that is pretty minor for me.
What problems is the product solving and how is that benefiting you?
It is keeping track of our handful of machines and helping us be aware of any security issues as well as show us how it can be used to traverse our infrastructure.
User-friendly and Great tool
What do you like best about the product?
Integration is seamless. Ease to understand the features.
What do you dislike about the product?
Need more attractive UI. Need to be informative.
What problems is the product solving and how is that benefiting you?
It is helping us to solve Critical Vulnerabilities.
Innovative and understands what customers need
What do you like best about the product?
Helpful: Feature rich on security.
Upsides:
- Great documentation
- Vendor integration
Upsides:
- Great documentation
- Vendor integration
What do you dislike about the product?
Least helpful:
Downsides:
- Some of the sections of the application takes time to load
- When copy and paste an Orca specific URL (document), if clients are not logged in yet, it will force us to log in or SSO, but it did not keep the initial URL that we paste
- It would be great in Alert section, on the left nav, adding Asset K8s in cluster in addtion to Asset K8s Namespace
- When displaying the alert, ie. GKE cluster has an unsupported master node version, it will be great to dispaly in "client face" what GKE version and what is/are that available for upgrade
Downsides:
- Some of the sections of the application takes time to load
- When copy and paste an Orca specific URL (document), if clients are not logged in yet, it will force us to log in or SSO, but it did not keep the initial URL that we paste
- It would be great in Alert section, on the left nav, adding Asset K8s in cluster in addtion to Asset K8s Namespace
- When displaying the alert, ie. GKE cluster has an unsupported master node version, it will be great to dispaly in "client face" what GKE version and what is/are that available for upgrade
What problems is the product solving and how is that benefiting you?
Secret detection, Vulnerability scan, integration with other frameworks. All of these are important for us internally for security reason, as well as customers requirements.
Excellent product
What do you like best about the product?
Orca offers a great integration with AWS cloud that provides a deeper visibility into any cloud resource created.
What do you dislike about the product?
Some reports could be a little bit rigid and don't always offer the info needed.
What problems is the product solving and how is that benefiting you?
Be able to identify End Of Life systems and plan accordindly have provided better management for the teams.
Orca Security makes it easy to spot issues with your AWS deployment
What do you like best about the product?
Orca Security has a great amount of DEPTH to it's inspection
What do you dislike about the product?
Because of the richness of the data underpinning Orca, sometimes it's hard to find what I'm looking for
What problems is the product solving and how is that benefiting you?
Orca helps us ensure that the workloads that we have deployed on AWS remain secure. I appreciate how they include a "latest security issues" feed, and then proactively check our infrastructure. It helps me sleep better at night.
Great CSPM tool for Azure environment
What do you like best about the product?
Provides great evaluation of the cloud environments to identify vulnerabilities, misconfigurations, and other issues.
What do you dislike about the product?
Initial setup of custom queries and reports may take some time and testing to complete.
What problems is the product solving and how is that benefiting you?
Allows for evaluation of resources within our cloud environment to identify vulnerabilities, misconfigurations, savings opportunities, and other issues. Also provides recommendations in terms of remediations.
A superb tool.
What do you like best about the product?
The alerts are very detailed and clear. The whole tools is well layed out and easy to install and use.
What do you dislike about the product?
Bulk action on alerts is not induitive and there are a lot of alerts.
What problems is the product solving and how is that benefiting you?
Inner permieter scanning.
showing 51 - 60