We performed a comparison between Orca Security and Skybox Security Suite based on real PeerSpot user reviews.
Find out in this report how the two Vulnerability Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The vulnerability management does not require network scanning or agent technology, so I don't need to modify any of my products in order to do vulnerability assessments."
"Orca's platform provides an agentless data collection facility that collects information directly from the cloud using APIs, with zero impact on performance."
"Orca's dashboard is excellent. My team needs to be able to focus on specific areas for improvement in our cloud environment. And most recently, we've started to get good use out of sonar, the search capabilities, and the alert creation."
"Orca Security has patented technologies. It's an agentless solution, so you don't need to install an agent. Instead, it contacts your account provider and fetches metadata, eliminating the need for snapshots or reserved space to copy client infrastructure."
"With its Cloud Security Posture Management capability, we have the ability to read across all of our cloud-based environments, which includes AWS and Azure. We have visibility into those environments. Seeing all vulnerabilities and configurations is really powerful for us, but ultimately, the ability to use the API to query across the fleet to understand what is the current state, what is the patch level, which ones are potentially exposed for a new CVE that just came out is even more valuable. It allows us to gather really specific intelligence through simple queries."
"Another valuable feature with Orca, something that's not talked about enough, is its ability to rank your gaps and your tasks... You can get visibility with agents and there are a lot of ways to do that. But the ranking and the context across the entire environment, that is what is unique about Orca."
"Orca Security has updated its interface, making it more user-friendly. I find it particularly useful as it allows me to easily navigate the dashboard and prioritize actions based on severity and criticality."
"The most valuable feature of Orca Security is the automated scanning tool, user-friendliness, and ease of use."
"The solution offers very nice dashboards and they've recently added a very good Java-based web interface."
"The solution's most valuable and unique assets are the vulnerability management and change management solutions because they identify mistakes in the network before implementation which reduces risks."
"It can be integrated with a vulnerability management solution. When a client comes, apart from pitching network and firewall change management, we are recommending having vulnerability management. So, rather than just having the audit of the firewall, they can integrate it with their vulnerability management solution, which could be Rapid7, Qualys, or any other solution. This provides them the most value out of the platform. That is the way we are approaching our customer base."
"The port division management was the solution's most valuable aspect for our organization."
"Robust modules can be used for different parts of network security."
"The most valuable feature is firewall management."
"The most valuable features are the rule compliance and the OS vulnerability checks."
"The most valuable feature is the compliance, whether it's access compliance or the configuration compliance, to make sure that all of our devices are configured as they're supposed to be, to limit access as much possible, to follow least-access guidelines."
"I would be happy if they offered more automatic remediation options. They're working on that, but the more the better. For example, if they want you to harden a server, they would offer a hardening script that would be more aware of what's going on."
"The presentation of the data in the dashboard is a little bit chaotic."
"We are PCI DSS compliant, so we need to scan our environment externally with tools vetted by the PCI DSS organization. Orca doesn't scan the environment externally. It only scans what's currently in the cloud."
"I would like to see an option to do security checks on a code level. This is possible because they have access to all of the code running in the cloud provider, and combining their site-scanning solution with that would be a nice add-on."
"Another improvement would be that, in addition to focusing on endpoint compliance, they would focus on general compliance."
"The solution could improve by making the dashboards more elaborative and more descriptive."
"I think Orca could give me more alerts. It could give me a dashboard with all the specific types of alerts I want to see for the day. It should just be one click."
"As with all software, the user interface can always be made simpler to use. It would be helpful for people with very little knowledge, like somebody sitting behind the SOC, to allow them to be able to drill down into things a little bit easier than it is currently."
"The vendor's support is terrible."
"The solution needs to add more automation and orchestration capabilities. Those features would make the solution much stronger."
"There is room for improvement in pricing. It would be better, especially if a customer bought all four modules."
"The solution needs improvement in firewall configuration checks. I would also like to see more configuration checks for Forcepoint and for other non-supported firewalls."
"The only place where Skybox has room for improvement, and they're working on releasing this, it's just a slow-go, is the UI. The user interface has historically been via a locally installed thick client. They are moving to a web-based console and it's slowly coming out."
"The primary room for improvement would be to enable a web interface, which is not something which is there in the product. This is supposed to have come a year, a year and a half ago, but still has failed to come out. It still needs a client application to be installed on a workstation to be able to access that server and then run these reports. So I cannot extend that access to anybody. It has to be one administrator all the time. So unlike a web interface, where you can give multiple users simultaneous access and generate the various reports, that isn't a possibility at the moment."
"Skybox Security Suite's attack surface management feature needs improvement."
"The price could be cheaper."
Orca Security is ranked 8th in Vulnerability Management with 15 reviews while Skybox Security Suite is ranked 19th in Vulnerability Management with 34 reviews. Orca Security is rated 9.4, while Skybox Security Suite is rated 7.8. The top reviewer of Orca Security writes "Allows agentless data collection directly from the cloud". On the other hand, the top reviewer of Skybox Security Suite writes "Efficient in vulnerability management, stable and easy to use ". Orca Security is most compared with Wiz, Prisma Cloud by Palo Alto Networks, Microsoft Defender for Cloud, CrowdStrike Falcon Cloud Security and Tenable Vulnerability Management, whereas Skybox Security Suite is most compared with AlgoSec, Tufin Orchestration Suite, FireMon Security Manager, Palo Alto Networks Panorama and RedSeal. See our Orca Security vs. Skybox Security Suite report.
See our list of best Vulnerability Management vendors.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.