Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
This ORCA keeps us afloat
What do you like best about the product?
Ease of deployment. Very easy to deploy across 60 cloud subscriptions within days. This app is great and allows us to have a glass pane for everything. Even container scanning + Secret scanning + alerting and now automatic remediation
What do you dislike about the product?
At the moment, nothing. The app has everything required
What problems is the product solving and how is that benefiting you?
Vulnerability and security coverage and now container scanning. The ease of deployment and how they do things means we get a full view. It now finds scretes and scans containers in repositories
Recommendations to others considering the product:
Just do it. It will scare you with what it finds.
- Leave a Comment |
- Mark review as helpful
Best tool an organization needs for CSPM (Cloud Security Posture Management)
What do you like best about the product?
Orca is a one stop solution for Cloud Security monitoring. It covers everything from Compliance based policy violations, secrets detection, to . We are very satisfied with the product.
The best thing I like about the product is the ease of setup. It literally takes minutes to integrate with your cloud environment. Whereas other products in the same space may either take longer or is a hassle to setup.
The UI is fabulous and easy to use. I have had the chance to use their beta version as a part of their upcoming release, and the UI is mesmerizing, concise, and seamless!
The best thing I like about the product is the ease of setup. It literally takes minutes to integrate with your cloud environment. Whereas other products in the same space may either take longer or is a hassle to setup.
The UI is fabulous and easy to use. I have had the chance to use their beta version as a part of their upcoming release, and the UI is mesmerizing, concise, and seamless!
What do you dislike about the product?
The product needs to provide support for :
• More compliance frameworks
• More cloud platforms such as AliCloud
• Infrastructure as a Code file/in-the-pipeline scans
• Proprietary query language so that users can perform look ups and ability to create custom policies as per their needs
• Mobile application for portability (Especially useful for executive level visibility)
• More compliance frameworks
• More cloud platforms such as AliCloud
• Infrastructure as a Code file/in-the-pipeline scans
• Proprietary query language so that users can perform look ups and ability to create custom policies as per their needs
• Mobile application for portability (Especially useful for executive level visibility)
What problems is the product solving and how is that benefiting you?
• Vulnerability management on the Cloud
• Keys and secrets which would potentially be exposed to the public or may be exposed once the asset is compromised
• Container/Cluster scanning which may not be exhaustively covered by current vulnerability management tools
• Keys and secrets which would potentially be exposed to the public or may be exposed once the asset is compromised
• Container/Cluster scanning which may not be exhaustively covered by current vulnerability management tools
Orca Security Is a Game Changer
What do you like best about the product?
I like that it takes less than five minutes to get up and running on AWS using standard (Infrastructure as Code) IaC tooling. Although AWS natively offers features within Security Hub, it always feels like a hassle to search for information and correlate with work tickets. With Orca Security, the information is easily searchable across all of our AWS accounts and we can even categorize vulnerabilities by business units. This only scratches the surface of what you can do with Orca Security. We were early adopters and have watched the platform evolve into a game-changing security product that provides good ROI from day one.
What do you dislike about the product?
It's a small dislike but it would be nice to have more control over the dashboard layout. It would also be helpful to have the ability to add our inputs that contribute to the overall security score number instead of only comparing to other Orca users.
What problems is the product solving and how is that benefiting you?
Since we have many AWS accounts, Orca Security helps us with a single pane view of all of our AWS accounts and vulnerabilities. When we find issues, we can quickly open remediation tickets that include the pertinent details for work–this saves a tremendous amount of time. Also, auditors typically ask for a list of assets with tracked vulnerabilities; Orca Security has made this tremendously easy to do.
Recommendations to others considering the product:
When thinking about licensing costs for Orca Security compared to other products on the market that use agents, don't forget to calculate time spent managing agents as well as integration into your organization's ticketing system for remediation work. These can be hidden costs depending on the maturity of your organization's information security management program.
Review
What do you like best about the product?
Inventory of all resources not just VM's
What do you dislike about the product?
So far there really is not anything notable that we do not like.
What problems is the product solving and how is that benefiting you?
Cloud resource inventory - We cannot secure what we do not know about.
Recommendations to others considering the product:
Do a PoC and it will prove itself by finding things you are missing today.
Know your environment
What do you like best about the product?
The extensibility of the product, and how rich the API is. I can find out almost anything about my environment.
What do you dislike about the product?
Creating new alerts can be clunky. However, the Orca team is always improving and is currently working on a V2. Navigating the UI can be a bit of a challenge at times when looking for specific info. This is why I often opt for using the API over the UI.
What problems is the product solving and how is that benefiting you?
Using Orca gives us insight into our entire cloud sprawl. I can get information about malware, open-ingress to EC2 instances, and open source vuln management. The only limit to its use is imagination.
Recommendations to others considering the product:
Get rid of all the noise and opinions of the other providers. Orca shapes itself to your security organizations needs, and processes, not the other way around.
Up and coming VM Security product
What do you like best about the product?
Exceptionally easy to onboard accounts for cloud providers. Orca enumerates assets throughout the cloud accounts with a simple service account which reduces the likelihood of overlooking assets or of Shadow IT.
What do you dislike about the product?
Vulnerabilities that are remediated either vanish without record or remain with no indication that they have been remediated. It is not very clear when a scan was last run or if a scan is currently running. There were some false positives and some assets were incorrectly marked as being Internet facing.
What problems is the product solving and how is that benefiting you?
We use Orca security to provide vulnerability management and cloud posture management for some AWS accounts.
Multiple experiences with cloud security and this is the first one that makes it easy, agentless.
What do you like best about the product?
Setup was a breeze. Side scanning just makes sense. I think finally getting to a point where I can generally see what my risks are in the cloud technology across not only the cloud but also the code and infra deployed there was pretty nifty and important to me.
What do you dislike about the product?
Can be too much information to parse, would like easier ways to drill down and simplify. Overall there is very little to dislike.
What problems is the product solving and how is that benefiting you?
Cloud Posture Assessing, Vulnerability Management.
Mastering your cloud security posture
What do you like best about the product?
we needed a solution that could provide visibility into our AWS environment while also scanning for malware, identifying misconfigurations, searching and protecting our inventory, and overseeing our PII. That’s why we were so happy to find Orca.
The unique method Orca uses to scan AWS proved to be the most suitable for us, and the most attractive to our DevOps team. After one short session between our DevOps team and Orca, we successfully deployed a POC to our development environment with close to zero friction . Within minutes, we started getting full visibility into our account. We can access valuable insights, filter out noise, and add additional capabilities to our security posture. Orca has already provided very important leads that our team was able to address before they could become significant problems. Now, we use it as a test case for other in-house security projects.
The unique method Orca uses to scan AWS proved to be the most suitable for us, and the most attractive to our DevOps team. After one short session between our DevOps team and Orca, we successfully deployed a POC to our development environment with close to zero friction . Within minutes, we started getting full visibility into our account. We can access valuable insights, filter out noise, and add additional capabilities to our security posture. Orca has already provided very important leads that our team was able to address before they could become significant problems. Now, we use it as a test case for other in-house security projects.
What do you dislike about the product?
AWS cost management can derive more costs for any vendor that operates on top of it.
What problems is the product solving and how is that benefiting you?
Full visibility into our account. We can access valuable insights, filter out noise, and add additional capabilities to our security posture
Recommendations to others considering the product:
full visibility into our account. We can access valuable insights, filter out noise, and add additional capabilities to our security posture
Agent less solution is the future in security vulnerability and container security monitoring.
What do you like best about the product?
Agent less no installation required. Simple 3 step process to connect the account and start monitoring. Very extensive deep insight into install packages within container. Clear categorization of alerts as Imminent compromises, Hazardous, Informational with color coding for clear visibility. Also builds digital asset inventory for tracking different types cloud based assets ex: S3 buckets, EC2 instances.
Very easy to connect multiple accounts across AWS, Azure, GCP.
Under Vulnerability management some of the key features to highlight are Asset Discovery, Asset Tagging, Network Scanning, Patch Management,Vulnerability Assessment,Web Scanning, Risk Management and Policy Management.
Couple of the key cloud security features to highlight are Endpoint Management,Threat Intelligence,Vulnerability Management,
Intrusion Detection System, Behavioral Analytics, Encryption and Application Security. Ease of integration was one of the reason to consider Orca security solution.
Very easy to connect multiple accounts across AWS, Azure, GCP.
Under Vulnerability management some of the key features to highlight are Asset Discovery, Asset Tagging, Network Scanning, Patch Management,Vulnerability Assessment,Web Scanning, Risk Management and Policy Management.
Couple of the key cloud security features to highlight are Endpoint Management,Threat Intelligence,Vulnerability Management,
Intrusion Detection System, Behavioral Analytics, Encryption and Application Security. Ease of integration was one of the reason to consider Orca security solution.
What do you dislike about the product?
Not real time. This is near real time solution dependent on how frequently scanning is performed. VM specific details if consolidated as actionable insights will be very helpful to narrow our focus to relevant issues (ex: identified affected packages within a container is great, giving link to specific patches will be very helpful.
What problems is the product solving and how is that benefiting you?
We were trying to solve container security challenges. Actively monitoring what is going on within container. Benefit of agent less solution is two fold, 1) Do not have to install agents on the host machine. 2) Effective in monitoring workloads running in managed containers.
Orca security, ability of side-scanning technology examines block storage out of band via a software-as-a-service (SaaS) platform.
Orca security, ability of side-scanning technology examines block storage out of band via a software-as-a-service (SaaS) platform.
Recommendations to others considering the product:
If you are looking for agent less solution. Orca Security is go to solution.
Great visibility to security related server threats in a few minutes deployment
What do you like best about the product?
clientless malware detection without any need to operate or maintenance agents, deployments and operations
What do you dislike about the product?
The downsides of using Orca Security is that it is not a real-time so threats might exist between scans
What problems is the product solving and how is that benefiting you?
Malware detection on servers, internal and external vulnerability scans, containers scans, hardening OS and containers, AWS governance.
showing 121 - 130