Aqua Cloud Security Platform vs Orca Security comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jul 5, 2023
 

Categories and Ranking

SentinelOne Singularity Clo...
Sponsored
Ranking in Container Security
5th
Ranking in Cloud Workload Protection Platforms (CWPP)
5th
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
4th
Average Rating
8.6
Number of Reviews
85
Ranking in other categories
Vulnerability Management (5th), Cloud and Data Center Security (5th), Cloud Security Posture Management (CSPM) (4th), Compliance Management (5th)
Aqua Cloud Security Platform
Ranking in Container Security
9th
Ranking in Cloud Workload Protection Platforms (CWPP)
11th
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
9th
Average Rating
8.0
Number of Reviews
16
Ranking in other categories
Cloud and Data Center Security (11th), Software Supply Chain Security (6th), DevSecOps (5th)
Orca Security
Ranking in Container Security
14th
Ranking in Cloud Workload Protection Platforms (CWPP)
12th
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
10th
Average Rating
9.4
Number of Reviews
15
Ranking in other categories
Vulnerability Management (9th), Cloud Security Posture Management (CSPM) (10th), Data Security Posture Management (DSPM) (6th), Cloud Detection and Response (CDR) (2nd)
 

Mindshare comparison

As of July 2024, in the Container Security category, the mindshare of SentinelOne Singularity Cloud Security is 2.6%, up from 1.6% compared to the previous year. The mindshare of Aqua Cloud Security Platform is 8.0%, down from 9.8% compared to the previous year. The mindshare of Orca Security is 7.0%, down from 7.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Container Security
Unique Categories:
Vulnerability Management
1.6%
Cloud and Data Center Security
0.4%
Cloud Workload Protection Platforms (CWPP)
4.5%
 

Featured Reviews

SA
May 31, 2024
Gives us better visibility into our resources and enables faster resolution
The detection time could be better. It takes a long time to scan. I'm not sure how long other tools take for the same amount of scanning, so I cannot compare it with other tools, but it takes us half a day to a full day to complete the scan. I want to get the reports faster so we can start fixing the problems. The proof of exploitability is another area for improvement. While I have all the information to troubleshoot the problem, it isn't detailed enough for an administrator. It has sufficient information for a general user, but an administrator would like to know all the ins and outs of the vulnerabilities that have been reported. I would like to see the map feature improve. It's good, but it isn't fully developed. It lets us use custom resources and policies but does not allow us to perform some actions. I would also like more custom integration and runtime security for Kubernetes.
LF
Aug 2, 2023
Provides workload protection and helps identify security misconfigurations, vulnerabilities, and risks
I'm using it for workload protection. So, in most cases, for protecting containers, verifying Kubernetes configurations, cloud configurations, and identifying security misconfigurations, vulnerabilities, and risks I use it to demonstrate to customers because I'm a sales engineer. Many customers…
DL
Mar 29, 2024
Helps increase cloud visibility on different platforms, very stable product and quick to deploy
Some of the customers use it to actually look at their assets in the cloud. It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just scan the entire assets in the cloud It helps increase cloud visibility on different platforms. And also…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"They're responsive to feature requests. If I suggest a feature for Prisma, I will need to wait until the next release on their roadmap. Cloud Native Security will add it right away."
"We've seen a reduction in resources devoted to vulnerability monitoring. Before PingSafe we spent a lot of time monitoring and fixing these issues. PingSafe enabled us to divert more resources to the production environment."
"PingSafe offers three key features: vulnerability management notifications, cloud configuration assistance, and security scanning."
"The user-friendly dashboard offers both convenience and security by providing quick access to solutions and keeping us informed of potential threats."
"PingSafe's integration is smooth. They are highly customer-oriented, and the integration went well for us."
"PingSafe can integrate all your cloud accounts and resources you create in the AWS account, We have set it up to scan the AWS transfer services, EC2, security groups, and GitHub."
"Cloud Native Security offers attack path analysis."
"PingSafe released a new security graph tool that helps us identify the root issue. Other tools give you a pass/fail type of profile on all misconfigurations, and those will run into the thousands. PingSafe's graphing algorithm connects various components together and tries to identify what is severe and what is not. It can correlate various vulnerabilities and datasets to test them on the back end to pinpoint the real issue."
"Aqua Security allowed us to gain visibility into the vulnerabilities that were present in the container images, that were being rolled out, the amount of risk that we were introducing to the platform, and provided us a look into the container environment by introducing access control mechanisms. In addition, when it came to runtime-level policies, we could restrict container access to resources in our environment, such as network-level or other application-level access."
"The most valuable features are that it's easy to use and manage."
"The most valuable feature is the security."
"The most valuable feature of Aqua Security is the scanner."
"Aqua Security helps us to check the vulnerability of image assurance and check for malware."
"Their sandboxing service is also really good."
"Support is very helpful."
"We use Aqua Security for the container security features."
"The reporting and automated remediation capabilities are valuable to me. They're real game-changers."
"It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just scan the entire assets in the cloud."
"Orca gives you great visibility into your assets. It shows you the issues and the things that you need to attend to first, by prioritizing things. You can see a lot of information that is not always visible, even to DevOps, to help you know about the machines and their status. It's very easy to see everything in a single dashboard. That makes it a very useful tool."
"There are so many valuable features that I could list, but one that I appreciate is the PCI DSS compliance report."
"The visibility Orca provides into my environment is at the highest level... When I dropped them into the environment, from the very get-go I had more insight into the risks in my environment than I had had during the entire two and a half years I had been here."
"Another valuable feature with Orca, something that's not talked about enough, is its ability to rank your gaps and your tasks... You can get visibility with agents and there are a lot of ways to do that. But the ranking and the context across the entire environment, that is what is unique about Orca."
"Orca Security has updated its interface, making it more user-friendly. I find it particularly useful as it allows me to easily navigate the dashboard and prioritize actions based on severity and criticality."
"Orca's SideScanning is the biggest feature. It's the 'wow' factor... With Orca's SideScanning, they just need permissions for your account and that makes it so simple."
 

Cons

"The resolution suggestions could be better, and the compliance features could be more customizable for Indian regulations. Overall, the compliance aspects are good. It gives us a comprehensive list, and its feedback is enough to bring us into compliance with regulations, but it doesn't give us the specific objects."
"With Cloud Native Security, we can't selectively enable or disable alerts based on our specific use case."
"I export CSV. I cannot export graphs. Restricting it to the CSV format has its own disadvantages. These are all machine IP addresses and information. I cannot change it to the JSON format. The export functionality can be improved."
"When we get a new finding from PingSafe, I wish we could get an alert in the console, so we can work on it before we see it in the report. It would be very useful for the team that is actively working on the PingSafe platform, so we can close the issue the same day before it appears in the daily report."
"There is no break-glass account feature. They should implement this as soon as possible because we can't implement SSO without a break-glass feature."
"A few YouTube videos could be helpful. There isn't a lot of information out there to look at."
"Scanning capabilities should be added for the dark web."
"When we request any changes, they must be reflected in the next update."
"In the next release, Aqua Security should add the ability to automatically send reports to customers."
"I would like Aqua Security to look into is the development of a web security portal."
"Since we are working from home, we would like to have the proper training for Aqua."
"The user interface could be improved, especially in terms of organization and clarity."
"There's room for improvement, particularly in management capabilities as it may not be comprehensive enough for all customers, and it has been lacking in the realm of cloud security posture management."
"Aqua Security could improve the forwarding of logging into Splunk and into other tools, it should be easier."
"The solution could improve user-friendliness."
"It's a bit hard to use the user roles. That was a bit confusing."
"The interface can be a bit cranky and sometimes takes a lot of time to load."
"As with all software, the user interface can always be made simpler to use. It would be helpful for people with very little knowledge, like somebody sitting behind the SOC, to allow them to be able to drill down into things a little bit easier than it is currently."
"It's not all clouds that they are currently onboarded with. For instance, they are not yet with public cloud and many other private clouds."
"The main drawback in an agentless approach is that if the solution detects a virus or malware in the environment, we need to manually remove it. But from my experience with other production environments, it's not straightforward to install agents in the hope they will automatically remediate viruses, even from production environments... Ultimately, the ability to auto-remediate is something that I would like to see."
"They can expand a little bit in anti-malware detection. While we have pretty good confidence that it's going to detect some of the static malware, some of the detections are heuristics. There could be a growth in the library from where they're pulling their information, but we don't get a lot of those alerts based on the design of our products. In general, that might be an area that needs to be filled since they offer it as a service within it."
"I would be happy if they offered more automatic remediation options. They're working on that, but the more the better. For example, if they want you to harden a server, they would offer a hardening script that would be more aware of what's going on."
"We are PCI DSS compliant, so we need to scan our environment externally with tools vetted by the PCI DSS organization. Orca doesn't scan the environment externally. It only scans what's currently in the cloud."
"The solution could improve by making the dashboards more elaborative and more descriptive."
 

Pricing and Cost Advice

"The price depends on the extension of the solution that you want to buy. If you want to buy just EDR, the price is less. XDR is a little bit more expensive. There are going to be different add-ons for Singularity."
"The pricing is fair. It is not inexpensive, and it is also not expensive. When managing a large organization, it is going to be costly, but it meets the business needs. In terms of what is out there on the market, it is fair and comparable to what I have seen, so I do not have any complaints about the cost"
"PingSafe's primary advantage is its ability to consolidate multiple tools into a single user interface, but, beyond this convenience, it may not offer significant additional benefits to justify its price."
"PingSafe falls within the typical price range for cloud security platforms."
"I am not involved in the pricing, but it is cost-effective."
"Its pricing is okay. It is in line with what other providers were providing. It is not cheap. It is not expensive."
"I wasn't sure what to expect from the pricing, but I was pleasantly surprised to find that it was a little less than I thought."
"It is not that expensive. There are some tools that are double the cost of PingSafe. It is good on the pricing side."
"Aqua Security is not cheap, and it's not very expensive, such as Splunk, they are in the middle."
"The pricing of this solution could be improved."
"It comes at a reasonable cost."
"They were reasonable with their pricing. They were pretty down-to-earth about the way they pitched their product and the way they tried to close the deal. They were one of the rare companies that approached the whole valuation in a way that made sense for our company, for our needs, and for their own requirements as well... They will accommodate your needs if they are able to understand them and they're stated clearly."
"Dealing with licensing costs isn't my responsibility, but I know that the licenses don't depend on the number of users, but instead are priced according to your workload."
"The most expensive solution is Palo Alto. They claim to be very robust. The next most expensive is Wiz, followed by Orca and all the rest."
"I think their pricing model is aligned with market demand. Of course, Orca could probably better align their pricing model with the needs of smaller businesses as well as some larger-scale enterprises with millions of assets. But in all fairness, I think the Orca sales team has been accommodating and ensured that we're happy with the pricing."
"The pricing depends on how many assets you have running in your cloud and how many environments you have. If you have a dev environment, test environment, and a production environment then it's really important that you have coverage for all of them."
"Orca Security charges are based on cloud workloads. So, it's based on workloads. If we look at one feature, it might be expensive."
"Overall, the pricing is reasonable and the discounts have been acceptable."
"It is the cost of the visibility that you get. When you really sit down and think about what do you need to do to secure an environment with a low impact on the business, and you take a look out into the world, I think this tool is well justified around cost."
"Orca is very competitive when compared to the alternatives and is not the most expensive in the market, that's for sure."
"We have a total of 25 licenses for this solution. The solution is on a pay-and-you-use model."
report
Use our free recommendation engine to learn which Container Security solutions are best for your needs.
792,098 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
20%
Financial Services Firm
15%
Manufacturing Company
10%
Insurance Company
5%
Financial Services Firm
23%
Computer Software Company
16%
Manufacturing Company
11%
Government
6%
Computer Software Company
17%
Financial Services Firm
13%
Manufacturing Company
8%
Government
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about PingSafe?
The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...
What is your experience regarding pricing and costs for PingSafe?
Singularity Cloud Security by SentinelOne is cost-efficient.
What needs improvement with PingSafe?
A recurring issue caused frustration: a vulnerability alert would appear, and we'd fix it, but then the same alert wo...
What do you think of Aqua Security vs Prisma Cloud?
Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valu...
What do you like most about Aqua Security?
Customers find it invaluable to have the ability to check for vulnerabilities in an image before deployment, similar ...
What is your experience regarding pricing and costs for Aqua Security?
It comes at a reasonable cost. When compared to Prisma Cloud, it is more budget-friendly.
What do you like most about Orca Security?
It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just ...
What needs improvement with Orca Security?
The company is managed by industry veterans. It's a cloud-based product. They handle misconfigurations and analyse yo...
What is your primary use case for Orca Security?
We use the solution to show misconfiguration. Often, users lack knowledge about their assets' fingerprints and their ...
 

Also Known As

PingSafe
Aqua Security Platform, CloudSploit, Argon
No data available
 

Overview

 

Sample Customers

Information Not Available
HPE Salesforce Telstra Ellie Mae Cathay Pacific HomeAway
BeyondTrust, Postman, Digital Turbine, Solarisbank, Lemonade, C6 Bank, Docebo, Vercel, and Vivino
Find out what your peers are saying about Aqua Cloud Security Platform vs. Orca Security and other solutions. Updated: June 2024.
792,098 professionals have used our research since 2012.