Try our new research platform with insights from 80,000+ expert users

BMC Helix Cloud Security vs Orca Security comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 17, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

SentinelOne Singularity Clo...
Sponsored
Ranking in Cloud Workload Protection Platforms (CWPP)
4th
Ranking in Cloud Security Posture Management (CSPM)
3rd
Average Rating
8.8
Reviews Sentiment
7.9
Number of Reviews
114
Ranking in other categories
Vulnerability Management (5th), Cloud and Data Center Security (3rd), Container Security (3rd), Cloud-Native Application Protection Platforms (CNAPP) (3rd), Compliance Management (1st)
BMC Helix Cloud Security
Ranking in Cloud Workload Protection Platforms (CWPP)
22nd
Ranking in Cloud Security Posture Management (CSPM)
29th
Average Rating
8.0
Reviews Sentiment
7.5
Number of Reviews
5
Ranking in other categories
No ranking in other categories
Orca Security
Ranking in Cloud Workload Protection Platforms (CWPP)
10th
Ranking in Cloud Security Posture Management (CSPM)
11th
Average Rating
9.0
Reviews Sentiment
7.8
Number of Reviews
21
Ranking in other categories
Vulnerability Management (14th), Container Security (16th), API Security (4th), Cloud-Native Application Protection Platforms (CNAPP) (6th), Data Security Posture Management (DSPM) (8th), Cloud Detection and Response (CDR) (2nd)
 

Mindshare comparison

As of July 2025, in the Cloud Security Posture Management (CSPM) category, the mindshare of SentinelOne Singularity Cloud Security is 3.0%, up from 1.1% compared to the previous year. The mindshare of BMC Helix Cloud Security is 0.3%, up from 0.2% compared to the previous year. The mindshare of Orca Security is 6.1%, down from 7.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Security Posture Management (CSPM)
 

Featured Reviews

Andrew W - PeerSpot reviewer
Tells us about vulnerabilities as well as their impact and helps to focus on real issues
Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.
GregoireSoukiassian - PeerSpot reviewer
Effectively addresses security concerns but could use enhancement in terms of integration
BMC Helix Cloud Security has room for improvement in terms of integrating its various features. It currently consists of separate point solutions that don't flow together as seamlessly as they could. This lack of integration, unlike platforms like ServiceNow, may be due to historical factors. Enhancing this integration would make it a more compelling choice from a business perspective and offer a smoother user experience. In the next release of BMC Helix Cloud Security, I would like to see additional features, particularly AI integration, which has already been announced. AI integration could bring more precision to the platform, making it even more interesting and effective.
CHINTAN MEHTA - PeerSpot reviewer
Consolidating security tools with comprehensive cloud visibility
The documentation for Orca Security could be improved. The compliance framework also needs enhancements, especially concerning integrations with other tools like ServiceNow's vulnerability modules, which are not as mature as expected. It should also increase its capability to ingest data from other security tools like CloudSight for endpoint detection and provide real-time monitoring.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"SentinelOne Singularity Cloud Security's most valuable feature is its unified console."
"The cloud misconfiguration feature and Offensive Security Engine, as well as their alerting process, are valuable."
"SentinelOne Singularity Cloud Security is on top of protecting ephemeral workloads."
"SentinelOne Singularity Cloud Security stands out for its user-friendly interface and intuitive software, making it easy to navigate and use."
"The dashboard is intuitive in terms of design and functionality. Additionally, it gives me an email for all the findings that are open."
"Cloud Native Security has helped us with our risk posture and securing our agenda. It has been tremendous in terms of supporting growth."
"We're monitoring several cloud accounts with Singularity. It is convenient to identify issues or security failures in any account. It's nice to have all the details we need to solve these issues."
"Support has been very helpful and provides regular feedback and help whenever needed. They've been very useful."
"Role-based security is a valuable feature."
"The best feature is time to value. With very minimal effort, you are able to have a cohesive view into your security posture on one or multiple cloud accounts, particularly if you are dealing with multicloud. If you have Azure and AWS deployments, you might have multiple subscriptions in Azure and usually multiple accounts in AWS. You may even be doing some GCP work (around Google Cloud Platform). It's very difficult to manage a common set of policies, even less reporting, across multiple subscriptions, accounts, and cloud environments. What BMC Helix Cloud Security does is provide a unified view or single pane of glass as to your baseline. Then, it also facilitates the ability for Level 1 or 2 operations support to take action and report on security vulnerabilities."
"The features that I've found most valuable are its container security aspect. I also like its vulnerability management tools."
"The cool feature of Helix Cloud Security is that you can do all that — understand and remediate issues — in one dashboard, based on the different policies that are available for security, out-of-the-box."
"The most valuable aspects of BMC Helix Cloud Security are its security features and regulatory compliance capabilities."
"It's also multi-cloud. You can look at several cloud providers: AWS, Azure, or GCP."
"One of the valuable features of Orca Security is its design and options that allow flexible filtering and user-friendly visualization."
"Orca gives you great visibility into your assets. It shows you the issues and the things that you need to attend to first, by prioritizing things. You can see a lot of information that is not always visible, even to DevOps, to help you know about the machines and their status. It's very easy to see everything in a single dashboard. That makes it a very useful tool."
"Orca provides X-ray vision into everything within the cloud properties, whereas normally, this would require multiple tools."
"With its Cloud Security Posture Management capability, we have the ability to read across all of our cloud-based environments, which includes AWS and Azure. We have visibility into those environments. Seeing all vulnerabilities and configurations is really powerful for us, but ultimately, the ability to use the API to query across the fleet to understand what is the current state, what is the patch level, which ones are potentially exposed for a new CVE that just came out is even more valuable. It allows us to gather really specific intelligence through simple queries."
"Another valuable feature with Orca, something that's not talked about enough, is its ability to rank your gaps and your tasks... You can get visibility with agents and there are a lot of ways to do that. But the ranking and the context across the entire environment, that is what is unique about Orca."
"I would rate the quality of support as nine stars out of ten due to their quick and helpful responses."
"There are so many valuable features that I could list, but one that I appreciate is the PCI DSS compliance report."
"Orca Security has updated its interface, making it more user-friendly. I find it particularly useful as it allows me to easily navigate the dashboard and prioritize actions based on severity and criticality."
 

Cons

"We can customize security policies but lack auditing capabilities."
"One potential drawback is the cost of SentinelOne Singularity Cloud Security, which may be prohibitive for smaller businesses or startups, particularly those in regions with lower average incomes, such as India."
"SentinelOne Singularity Cloud Security can improve by eliminating 100 percent of the false positives."
"SentinelOne Singularity Cloud Security can be improved by developing a comprehensive set of features that allow for automated workflows."
"The area of improvement is the cost, which is high compared to other traditional endpoint protections."
"Singularity Cloud Security currently lacks a break-glass account function, which is a critical component for implementing Single Sign-On as it allows for regaining access in emergencies."
"In some cases, the rules are strictly enforced but do not align with real-world use cases."
"Scanning capabilities should be added for the dark web."
"The UI could be more user-friendly."
"Every organization out there doesn't rely on just one control body. They use FISMA control. They may use HIPAA, CIS, PCI, or SOX, then blend them. One of the things that is now in big demand for BMC Helix Cloud Security is content. That's the next journey in its lifespan, making it easier for the community to share and collaborate on content for security controls that can be measured and remediated."
"I want the role-based security feature to be improved."
"BMC Helix Cloud Security has room for improvement in terms of integrating its various features."
"We've had some with issues connectors. The connectors have seemed to have caused a little bit of trouble, perhaps with the APIs trying to scan the environment. The only time I've had to reach out to tech support was for that. It seems it may not have been scanning correctly or I wasn't seeing data within a specific time. But we've set up a couple of connectors in the past couple of weeks and they actually scanned the AWS environment and we had data within about 10 minutes. It's working a lot faster and I think they're making improvements as they go."
"The automatic scan only runs every 24 hours, and if an alert is remediated within an hour, it still remains until the next scheduled scan."
"In the future, I'd like to see Orca work better with third-party vendors. Specifically, being able to provide sanitized results from third parties."
"Orca Security could improve its ticket creation process. Currently, it allows for creating tickets in only one bucket, which requires monitoring to redirect tickets to the appropriate team."
"Orca needs improvement in snoozing or dismissing specific alarms."
"Orca Security can be improved as there should be some kind of central pane of glass. Similar to how cloud management works, Orca Security should have something comparable."
"I think Orca could give me more alerts. It could give me a dashboard with all the specific types of alerts I want to see for the day. It should just be one click."
"The documentation for Orca Security could be improved."
"As with all software, the user interface can always be made simpler to use. It would be helpful for people with very little knowledge, like somebody sitting behind the SOC, to allow them to be able to drill down into things a little bit easier than it is currently."
 

Pricing and Cost Advice

"PingSafe falls within the typical price range for cloud security platforms."
"PingSafe falls somewhere in the middle price range, neither particularly cheap nor expensive."
"The features included in PingSafe justify its price point."
"The pricing is fair. It is not inexpensive, and it is also not expensive. When managing a large organization, it is going to be costly, but it meets the business needs. In terms of what is out there on the market, it is fair and comparable to what I have seen, so I do not have any complaints about the cost"
"For pricing, it currently seems to be in line with market rates."
"The cost for PingSafe is average when compared to other CSPM tools."
"As a partner, we receive a discount on the licenses."
"I understand that SentinelOne is a market leader, but the bill we received was astronomical."
"The pricing is based on an annual subscription, upfront, and it's based on cloud assets. Whether your assets are in Azure and AWS combined, the tool tells you how many assets are being scanned and that's the number used for pricing."
"It is a subscription model with term licensing that is usually yearly. This includes, not only the product, but support and maintenance. It is based on cloud assets. Therefore, if you have 100 cloud assets, those cloud assets are measured based on evaluation or transactions. For example, if I'm evaluating that cloud asset for CIS compliance, PCI compliance, and AWS best practices, that asset gets evaluated three times, as those are three transactions. However, the license model is based on peak asset usage. So, over a year, if you deploy 100, 1000, 500, and then 2000 assets, you will be charged for the 2000 peak of assets managed by Helix Cloud Security."
"Orca Security is cheaper compared to other solutions in the same space."
"I think their pricing model is aligned with market demand. Of course, Orca could probably better align their pricing model with the needs of smaller businesses as well as some larger-scale enterprises with millions of assets. But in all fairness, I think the Orca sales team has been accommodating and ensured that we're happy with the pricing."
"Overall, the pricing is reasonable and the discounts have been acceptable."
"Orca is very competitive when compared to the alternatives and is not the most expensive in the market, that's for sure."
"While it's competitive with Palo Alto Prisma, I think Orca's list price is very high. I would advise Orca to lower it because, at that price, I might consider alternatives like Wiz, which also offers agentless services."
"The most expensive solution is Palo Alto. They claim to be very robust. The next most expensive is Wiz, followed by Orca and all the rest."
"We have a total of 25 licenses for this solution. The solution is on a pay-and-you-use model."
"It is the cost of the visibility that you get. When you really sit down and think about what do you need to do to secure an environment with a low impact on the business, and you take a look out into the world, I think this tool is well justified around cost."
report
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
861,803 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
15%
Manufacturing Company
9%
Government
6%
Financial Services Firm
27%
Computer Software Company
14%
Manufacturing Company
8%
Comms Service Provider
6%
Computer Software Company
16%
Financial Services Firm
12%
Manufacturing Company
9%
University
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about PingSafe?
The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...
What is your experience regarding pricing and costs for PingSafe?
I don't handle the price part, but it isn't more expensive than Palo Alto Prisma Cloud. It's not cheap, but it is wor...
What needs improvement with PingSafe?
There is scope for more application security posture management features. Additionally, the runtime protection needs ...
What do you like most about BMC Helix Cloud Security?
The most valuable aspects of BMC Helix Cloud Security are its security features and regulatory compliance capabilities.
What is your experience regarding pricing and costs for BMC Helix Cloud Security?
I would rate the price of BMC Helix Cloud Security as a seven in terms of costliness. It is not the cheapest option a...
What needs improvement with BMC Helix Cloud Security?
BMC Helix Cloud Security has room for improvement in terms of integrating its various features. It currently consists...
What do you like most about Orca Security?
It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just ...
What needs improvement with Orca Security?
I really love the way Orca Security worked. A potential improvement could be additional security features for the two...
What is your primary use case for Orca Security?
We used Orca Security ( /products/orca-security-reviews ) for about two to three months until I left the company. The...
 

Also Known As

PingSafe
TrueSight Cloud Security, SecOps Policy Service
No data available
 

Overview

 

Sample Customers

Information Not Available
NHS, Vodafone, Kansas City Life, SKY Italia, Cybera
BeyondTrust, Postman, Digital Turbine, Solarisbank, Lemonade, C6 Bank, Docebo, Vercel, and Vivino
Find out what your peers are saying about BMC Helix Cloud Security vs. Orca Security and other solutions. Updated: May 2025.
861,803 professionals have used our research since 2012.