Phenomenal Deployment Speed and Fast Value Realization with Orca
What do you like best about the product?
The speed of deployment and the value realization are phenomenal. At Madabo Tools, we tend to acquire smaller, niche tool suppliers in Eastern Europe, and merging their legacy cloud environments into our secure network usually takes months of manual auditing. With Orca, we simply connect the acquired company’s cloud API within hours, and we quickly get a complete, prioritized map of their technical debt and vulnerabilities.
What do you dislike about the product?
When we connect a newly acquired company’s legacy cloud environment, the initial scan generates a truly overwhelming volume of alerts. We have to dedicate significant manpower for the first two weeks just to parse through the initial wave of historical misconfigurations discovered in the newly acquired accounts.
What problems is the product solving and how is that benefiting you?
Board-level reporting on cybersecurity used to rely on fragmented, anecdotal data from legacy tools. Ora provides objective, undeniable truth by consolidating our entire cloud security strategy into one agentless platform.
ORca’s FinOps Insights Keep Our Cloud Costs Under Control
What do you like best about the product?
Keeping our cloud costs under control is my primary focus. While ORca is sold as a cybersecurity platform, its cloud FinOps capabilities are a major financial asset. Because ORca scans 100% of our Azure and AWS environments, it effectively serves as an incredibly accurate infrastructure ledger.
What do you dislike about the product?
The consumption-based pricing model creates budgeting headaches. In the budget travel industry, our server workloads spike dramatically during peak summer and festival holiday seasons, which makes costs harder to predict and plan for.
What problems is the product solving and how is that benefiting you?
Cloud sprawl was silently draining our IT budget, and Orca provides the undeniable visibility we need to clean up our infrastructure. By identifying orphaned resources, we can simultaneously reduce waste and shrink our attack surface.
Orca Security’s Agentless Scanning Keeps Our AWS & Azure Fleet Systems Fast
What do you like best about the product?
We manage a massive fleet of vehicle transporters across the country, relying on the highly complex AWS and the Azure cloud environment to track our trucks, optimize routes, and manage client bookings. Orca Security’s agentless side-scanning is the main reason we chose the platform. Installing traditional security agents on our high-speed routing servers would cause unacceptable latency and CPU drag.
What do you dislike about the product?
The platform’s sheer depth of information can be overwhelming for junior cloud administrators. When we first deployed the dashboard, it immediately populated with thousands of informational alerts about our cloud configurations.
What problems is the product solving and how is that benefiting you?
Shadow IT was becoming a growing problem. As our logistics network expanded, developers were spinning up temporary servers for regional dispatch testing and then forgetting to tear them down. Orca instantly mapped our entire cloud footprint.
Orca Security’s Agentless Scanning Is Perfect for High-Performance Cloud Workloads
What do you like best about the product?
Our cloud environment supports heavy architectural workloads, including large-scale information modeling, databases, and 3D rendering servers for our construction projects. The best feature of Orca Security, in my experience, is its agentless side-scanning technology. Installing security agents on high-performance engineering servers usually causes CPU drag and can lead to software conflicts.
What do you dislike about the product?
The platform is built strictly for cybersecurity professionals. When I need to present our cloud security posture to the SGK infra board, the native reporting feels far too technical for that audience.
What problems is the product solving and how is that benefiting you?
Blind spots were our biggest risk. As we rapidly spin up new cloud infrastructure for different highway and real estate projects, it’s easy for servers to go untracked .Orca Security helps to resolve this
Orca Simplifies Cloud Vulnerability Monitoring with Clear, Actionable Insights
What do you like best about the product?
Orca makes it easy to monitor cloud vulnerabilities and misconfigurations from a single platform. The interface is straightforward, and the insights are clear and easy to understand. It helps our team quickly spot and address issues without having to jump between multiple tools.
What do you dislike about the product?
Some of the more advanced features take a bit of time to learn fully. Also, a few sections could offer more customization to better support different workflows.
What problems is the product solving and how is that benefiting you?
It provides centralized visibility into our cloud risks and reduces the need for separate security tools. That saves time and makes it much easier to manage vulnerabilities and configuration issues from one place. As a result, our team can respond to problems faster and with less manual effort.
Agentless Side-Scanning Made Securing Our Cloud Environment Effortless
What do you like best about the product?
Managing the digital infrastructure for our sports management firm means our team is constantly on the move. The agentless side-scanning technology is a total game changer: we were able to secure our entire cloud environment without having to install the software on the various remote systems or the virtual machines. Our agents use this to access athlete data, and it makes protecting that environment much easier.
What do you dislike about the product?
The platform is incredibly feature-rich, which can be overwhelming for a small IT team. When we first deployed it, the volume of data and the technical metrics required created a steep learning curve.
What problems is the product solving and how is that benefiting you?
In sports management, personally identifiable information is our most valuable asset. A data breach could ruin our reputation and our clients’ careers. Orca helps us identify shadow IT servers or databases that different departments spin up for specific events.
Context-Aware Risk Scoring That Makes Vulnerability Management Easy
What do you like best about the product?
The risk scoring is one of the most valuable parts of the platform. The alerts are clear, actionable, and prioritized using real context rather than relying only on severity levels. As a result, we no longer waste time combing through huge CVE lists that don’t actually apply to our environment. Overall, it makes vulnerability management far more manageable and easier to stay on top of.
What do you dislike about the product?
Some of the more advanced filtering options could be easier to configure. Also, a few of the dashboards take a bit of time to fully get used to, so there’s a small learning curve at first.
What problems is the product solving and how is that benefiting you?
It helps reduce alert fatigue by highlighting the vulnerabilities that actually pose a real risk. As a result, our team can focus on remediation more quickly instead of manually sorting through all the findings. Overall, it has improved both our efficiency and our response time.
Automated cloud risk visibility has reduced manual checks and prioritizes real threats effectively
What is our primary use case?
My main use case for Orca Security is cloud security posture management for our cloud in the company.
A specific example of how I use Orca Security for cloud security posture management is that we connect Orca Security to our main cloud providers, it scans all of the configurations, and it lets us know if we have risks in our configurations and how to mitigate them, and also it helps us to prioritize those risks.
I would also like to add that we are evaluating using Orca Security for scanning Infrastructure as Code and scripts.
What is most valuable?
In my opinion, the best features Orca Security offers include the integration to our cloud services, which is smooth, easy, and plug and play, along with its effectiveness in prioritizing risks, taking into account all of the different factors that make a risk—not only vulnerabilities but also if you have sensitive data or if you have your cloud resources exposed, giving you the risk based on that context, which helps you to prioritize the risks to know where to mitigate first.
This has changed the way my team works and responds to threats because it saves us a lot of time and helps us to focus on the real risk rather than all of the alerts that we receive, as we have a lot; therefore, we cannot fix everything and need to prioritize, making the way that Orca Security prioritizes the risks key for us.
Orca Security has impacted my organization positively by giving us visibility on what is happening in the cloud and helping us detect risks fast. Before Orca Security, we did not have that visibility, and we had to manually check our cloud to understand if we had risks. Today, with Orca Security, we are comfortable and feel that we have the visibility that we need in the cloud to be sure that we do not have risks there.
What needs improvement?
I would add that the CDR, the Cloud Detection and Response that Orca Security offers, could be improved as it is not the best functionality that it offers. Orca Security is good at posture, but not at the response and alerting in real time.
Orca Security can be improved as it is very good at posture, but it does not detect attacks or behavioral attacks in the cloud on its own; it depends on other security features or logs like GuardDuty from Amazon, lacking its own intelligence to detect and respond to attacks.
Additionally, it could be useful if Orca Security has more context on the network and how the resources are exposed. For example, it could take into account that we have a firewall in front of an S3 in Amazon and understand that we do not have so much risk there because of that firewall, incorporating the network topology context, which today does not function as it should.
For how long have I used the solution?
I have been using Orca Security for three years.
What do I think about the stability of the solution?
In my experience, Orca Security is stable.
What do I think about the scalability of the solution?
Orca Security's scalability is quite good; it scales smoothly, and adding more resources or clouds is easy.
How are customer service and support?
Orca Security's customer support is not very good. We are practically alone; we do not use the support, and they are not very responsive.
Which solution did I use previously and why did I switch?
I did not previously use a different solution for cloud security.
How was the initial setup?
My experience with pricing, setup cost, and licensing is good. The costs are reasonable, licensing is clear, and the renewal process is good.
What was our ROI?
We do not see a return on investment in that way; rather, we see that we improve our risk posture, as we have detected risks that without Orca Security, we would not have detected. In that sense, I can say that it mitigates risks, but I do not have a metric on that.
What's my experience with pricing, setup cost, and licensing?
We do not have specific metrics; however, I can say that in the past, it took us two to three hours a week to do manual checks, whereas today with Orca Security, we just check the dashboard for ten minutes a day and that is all.
Which other solutions did I evaluate?
Before choosing Orca Security, I evaluated other options, specifically Wiz.
What other advice do I have?
My advice to others looking into using Orca Security is to access the console every day to see if you have risks, to try to stay close to customer support to understand new features, and to not rely on the CDR because it is not very effective. I rated this product an eight out of ten.
Real-Time AWS Security Reports That Remove Compliance Roadblocks
What do you like best about the product?
Selling enterprise B2B SaaS at the Gdwal means our sales cycle inevitably hits a massive roadblock: the client security and compliance audit. Orca Security has been an incredible sales enablement tool for us. When a client asks how we’re secure, I can pull a real-time report generated by Orca that shows our AWS environment is completely secure.
What do you dislike about the product?
Orca’s pricing is consumption-based, and that makes it difficult for me to vote confidently. If a client scales their cloud usage with us rapidly, our underlying Orca costs spike.
What problems is the product solving and how is that benefiting you?
The security phase of our enterprise sales process used to stall deals for months while our engineers scrambled to prove that our infrastructure was truly safe. Orca automated that proof by providing undeniable third-party validation of our cloud security posture.
Orca Unifies Cloud Security for a Streamlined, Easier-to-Manage Experience
What do you like best about the product?
Orca brings several parts of cloud security together in a single platform, and that makes a real difference. We can view workload vulnerabilities, misconfigurations, and exposed secrets all in one place, which reduces the need to jump between separate tools. Overall, the experience feels more streamlined and easier to manage for both the security team and operations.
What do you dislike about the product?
Because it covers so much, some areas take time to fully explore and get comfortable with. A little more customization in the views would make it easier to focus on specific priorities and tailor what I’m seeing to what matters most.
What problems is the product solving and how is that benefiting you?
It removes the need for multiple point solutions and provides us with a single, unified view of risk. That makes security management simpler and helps cut down on operational overhead. With everything centralized, our teams can collaborate more smoothly and work more efficiently.
