User-friendly and Great tool
What do you like best about the product?
Integration is seamless. Ease to understand the features.
What do you dislike about the product?
Need more attractive UI. Need to be informative.
What problems is the product solving and how is that benefiting you?
It is helping us to solve Critical Vulnerabilities.
Innovative and understands what customers need
What do you like best about the product?
Helpful: Feature rich on security.
Upsides:
- Great documentation
- Vendor integration
What do you dislike about the product?
Least helpful:
Downsides:
- Some of the sections of the application takes time to load
- When copy and paste an Orca specific URL (document), if clients are not logged in yet, it will force us to log in or SSO, but it did not keep the initial URL that we paste
- It would be great in Alert section, on the left nav, adding Asset K8s in cluster in addtion to Asset K8s Namespace
- When displaying the alert, ie. GKE cluster has an unsupported master node version, it will be great to dispaly in "client face" what GKE version and what is/are that available for upgrade
What problems is the product solving and how is that benefiting you?
Secret detection, Vulnerability scan, integration with other frameworks. All of these are important for us internally for security reason, as well as customers requirements.
Excellent product
What do you like best about the product?
Orca offers a great integration with AWS cloud that provides a deeper visibility into any cloud resource created.
What do you dislike about the product?
Some reports could be a little bit rigid and don't always offer the info needed.
What problems is the product solving and how is that benefiting you?
Be able to identify End Of Life systems and plan accordindly have provided better management for the teams.
Orca Security makes it easy to spot issues with your AWS deployment
What do you like best about the product?
Orca Security has a great amount of DEPTH to it's inspection
What do you dislike about the product?
Because of the richness of the data underpinning Orca, sometimes it's hard to find what I'm looking for
What problems is the product solving and how is that benefiting you?
Orca helps us ensure that the workloads that we have deployed on AWS remain secure. I appreciate how they include a "latest security issues" feed, and then proactively check our infrastructure. It helps me sleep better at night.
Great CSPM tool for Azure environment
What do you like best about the product?
Provides great evaluation of the cloud environments to identify vulnerabilities, misconfigurations, and other issues.
What do you dislike about the product?
Initial setup of custom queries and reports may take some time and testing to complete.
What problems is the product solving and how is that benefiting you?
Allows for evaluation of resources within our cloud environment to identify vulnerabilities, misconfigurations, savings opportunities, and other issues. Also provides recommendations in terms of remediations.
A superb tool.
What do you like best about the product?
The alerts are very detailed and clear. The whole tools is well layed out and easy to install and use.
What do you dislike about the product?
Bulk action on alerts is not induitive and there are a lot of alerts.
What problems is the product solving and how is that benefiting you?
Inner permieter scanning.
The best multi-purpose Cloud Security Posture Management out there.
What do you like best about the product?
Very easy to configure and get start with.
Excellent support for the 3 main Cloud providers.
They invested a lot in their product and it is incredibly more extensive than it was a couple years ago.
The pricing is relatively reasonable for smaller organizations.
Excellent Customer Success and Executive Teams.
The flexibility of its API, Sonar Queries and automations.
The full revamp of the Discovery feature has been impressive.
So many new perks have been keep coming up as part of the Premium plan: Shifleft, DSPM, API security, ThreatOptix.
The support is incredibly quick even during weekend. I've in all honesty never experienced a vendor as prompt as Orca to support their customers.
What do you dislike about the product?
I'm still waiting for a dark mode since the UI change.
Automations don't use Sonar querying language yet.
Could be interesting to have a Terraform module to manage configurations.
The new pricing model is a bit confusing.
What problems is the product solving and how is that benefiting you?
Before Orca we didn't have visibility on the vulnerabilities and configuration issues of our Cloud environment. Orca addressed one of our big compliance gap in a couple days and could easily be customized to our needs in a few weeks.
User-friendly and efficiently identifies and addresses internal vulnerabilities
What is our primary use case?
I've been working on this cloud security platform for the past one and a half years. Essentially, we focus on checking different components of AWS and Azure.
We check over containers, instances, and various other elements running in the cloud. Our work is specifically designed for the cloud environment. We identify and address internal vulnerabilities across applications and operating systems which we are using in the cloud.
If there are any patch management requirements, we ensure they are done across different applications and even API interfaces.
In summary, our goal is to maintain security settings across the cloud infrastructure, such as AWS and Azure, used by our company. We connect with the DevSecOps team to actively work on securing the cloud environment and remediate vulnerabilities. We make sure incidents are properly handled, and necessary updates are implemented without causing disruptions. To facilitate communication, we use SMS for incident closure. This has been our focus for the past year.
How has it helped my organization?
Previously, we had a hybrid model where we used both physical devices and VMs across the cloud to manage enterprise security solutions. With Orca Security, we have a specific solution that allows us to monitor internal vulnerabilities and the most exploitable ones across the cloud. This platform is dependable and includes a powerful AI engine that we are currently using.
It helps us identify and address vulnerabilities early on, including CPU weaknesses and other variations. Additionally, it provides remediation guidance and facilitates patching and updates. Furthermore, it gathers threat intelligence, which is beneficial during incidents.
What is most valuable?
Recently, Orca Security has updated its interface, making it more user-friendly. I find it particularly useful as it allows me to easily navigate the dashboard and prioritize actions based on severity and criticality.
This feature makes it easy for me to look at prototypes and determine the necessary steps to take, focusing on critical issues first. I love the interface dashboard.
What needs improvement?
I would say that there are some loading issues. Since this is a cloud-native platform, there may be a problem with connecting to the dashboard as soon as it's open. The interface can be a bit cranky and sometimes takes a lot of time to load. So, the way APIs are deployed for our dashboards or monitoring systems needs to be corrected and optimized.
In future releases, Orca Secure needs to have new integrations with different security solutions apart from the cloud. We have EDRs, XDRs, and MDRs. Orca Security should automate the process of connecting and integrating with these solutions. It can be an essential way of protecting the infrastructure in an effective manner.
For how long have I used the solution?
I have been using Orca Security for the last two years.
What do I think about the stability of the solution?
I would rate the stability of Orca Secure a nine out of ten.
What do I think about the scalability of the solution?
I would rate the scalability of Orca Secure a nine out of ten.
What about the implementation team?
We directly bought this product from Orca Security itself, so we did not use any third party to install or deploy it.
What was our ROI?
What's my experience with pricing, setup cost, and licensing?
The price is a bit expensive for smaller organizations. It can be expensive for smaller organizations, but if you are managing your infrastructure in the cloud, it's definitely worth trying.
We have certain subscriptions and licenses for around a thousand instances deployed across the cloud. We purchased the subscriptions for the necessary devices we are running. It has cost us a lot.
What other advice do I have?
I would definitely recommend using Orca Secure. It's a very good cloud security platform. Apart from what I've seen, it has a really extensive dashboard and analysis capabilities. It picturizes actual vulnerabilities and provides guidance for remediation. It's a valuable cloud security evaluation tool, and I would suggest it as the first thing to learn.
Overall, I would rate the solution a solid nine out of ten.
Instant on cloud security platform
What do you like best about the product?
I have been using Orca Security for the last couple of months and am very impressed with its capabilities and performance while being agentless.
It's incredible that it gives me 100% visibility into my or customers' cloud environments quickly and helps me detect and fix misconfigurations, vulnerabilities, malware, and compliance issues.
The dashboard shows me the most critical risks and compliance issues at a glance. The alerts are prioritized based on severity, accessibility, and business impact.
What do you dislike about the product?
The only improvement I can think of for Orca Security is expanding its coverage to more cloud platforms and services.
What problems is the product solving and how is that benefiting you?
Agentless collection of data eliminates coverage gaps, vulnerability management for cloud, access to regulatory compliance frameworks to help prioritize risks, and continuous monitoring of the cloud estate.
ORCA Security: Empowering Organizations with Simplified Cloud Intelligence and Risk Visibility
What do you like best about the product?
By leveraging ORCA Security, our collaboration with the DevOps Team has significantly improved. This streamlined solution allows security engineers to seamlessly share relevant findings, leading to more efficient remediation processes. With ORCA, we have successfully eliminated organizational hurdles between DevOps and Security teams, promoting a smoother and more effective working relationship.
What do you dislike about the product?
The User Interface occasionally experiences slower loading times, requiring some patience. There is room for improvement in the scanning capabilities, particularly in terms of providing more automated remediation for certain alerts. Integrating the ability to auto-remediate with Orca would be a valuable addition and enhance the overall user experience.
What problems is the product solving and how is that benefiting you?
Orca's deep visibility across AWS, Azure, and other cloud environments, Orca maximizes its comprehensive view to establish a robust risk management approach. Its advanced capabilities efficiently detect vulnerabilities, security misconfigurations, and compliance violations across various cloud workloads, including containers and VMs. By effectively prioritizing urgent alerts and minimizing alert fatigue, the Orca platform empowers security teams to take proactive measures and prevent potential threats.
