No more typing reviews! Try our Samantha, our new voice AI agent.

Fortinet FortiAppSec Cloud vs Orca Security comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiAppSec Cloud
Ranking in API Security
16th
Average Rating
9.0
Reviews Sentiment
6.6
Number of Reviews
2
Ranking in other categories
CDN (11th), Web Application Firewall (WAF) (26th), Distributed Denial-of-Service (DDoS) Protection (19th), Dynamic Application Security Testing (DAST) (9th)
Orca Security
Ranking in API Security
3rd
Average Rating
8.8
Reviews Sentiment
7.0
Number of Reviews
35
Ranking in other categories
Vulnerability Management (9th), Container Security (8th), Cloud Workload Protection Platforms (CWPP) (6th), Cloud Security Posture Management (CSPM) (6th), Cloud-Native Application Protection Platforms (CNAPP) (5th), Data Security Posture Management (DSPM) (7th), Cloud Detection and Response (CDR) (2nd), AI Security (2nd)
 

Featured Reviews

reviewer2812593 - PeerSpot reviewer
CIO at a financial services firm with 51-200 employees
Advanced threat protection has reduced financial risk and improves application security visibility
The issue I have with Fortinet FortiAppSec Cloud is that the real-time analysis is not robust; I am unable to see all the logs of everything that happened, including what is passive. It only logs when there are suspicious activities, which means if something is not considered suspicious by Fortinet, I will not see the full picture. That is a disadvantage because it will not log unless it identifies an IOC or attacks, meaning I cannot see traffic information in a way that helps build more intelligence. The biggest issue I have with Fortinet FortiAppSec Cloud is that the logging is not as extensive as I would prefer. For instance, if there was an issue two days ago and Fortinet FortiAppSec Cloud did not mark it as a concern, I will not see any information about that, making it challenging to explain to customers if their request did not reach us. It hampers visibility from an API perspective. They need to enhance monitoring and logging to be more extensive and capture even passive activities. The AI integration in Fortinet FortiAppSec Cloud is still new. The generative models are good, but there is much work left to improve. It is not as intelligent as it could be; thus, enhancements around the AI co-assistant would be beneficial. Additionally, logging and monitoring need improvement as I can capture traffic and investigate offline on my Fortinet firewall, including full traffic view, but Fortinet FortiAppSec Cloud currently focuses only on security concerns, which does not give the complete picture.
reviewer2800203 - PeerSpot reviewer
Assistant Manager at a manufacturing company with 10,001+ employees
Cloud posture management has improved remediation and optimizes costs with contextual risk insights
Since I have not used Orca Security for 10 months, I am uncertain what areas still need improvement, as they may have rolled out features that addressed issues I faced in the past. However, I can say the tool is good. A few things could potentially be improved, particularly regarding false positives and the UI. What I observed is that they release updates to the platform without notifying the customer. Every time the UI is upgraded, they release something without notification. This could be a slight improvement. If they released some kind of notification to just inform the customer about UI changes, the customer would be aware of the changes that Orca Security is making in the backend.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We have seen a reduction in incidents and a good return on investment from Fortinet FortiAppSec Cloud, with our return on investment around 60%."
"My favorite Fortinet device is the FortiGate next-gen firewall itself; it is a complete suite with intrusion prevention, intrusion detection, anti-malware, anti-DDoS, and SD-WAN functionalities."
"I would rate the quality of support as nine stars out of ten due to their quick and helpful responses."
"Orca Security has helped our organization become compliant and maintain high standards because any organization with multiple products needs to be compliant, especially when it comes to underlying infrastructure and cloud resources."
"The GUI features are very good. Threat intelligence is also very good."
"Orca gives you great visibility into your assets. It shows you the issues and the things that you need to attend to first, by prioritizing things. You can see a lot of information that is not always visible, even to DevOps, to help you know about the machines and their status. It's very easy to see everything in a single dashboard. That makes it a very useful tool."
"I recommend Orca Security to others looking for a cloud security solution due to its seamless integration and side-scanning technology that does not hamper cloud asset performance."
"The reporting and automated remediation capabilities are valuable to me. They're real game-changers."
"We really enjoy using Orca; it's a very well-designed, well-executed product, I'm really super-impressed, this is a game-changer."
"Orca Security saves resources because it provides the actual output on the screen with the package path."
 

Cons

"The issue I have with Fortinet FortiAppSec Cloud is that the real-time analysis is not robust; I am unable to see all the logs of everything that happened, including what is passive."
"Real-time traffic analysis has posed an issue for us because we did not see logs for legitimate traffic."
"The problem with the Orca Security technical support team and customer service team is that Orca Security is a medium company and I think they do not have a large team."
"The solution could improve by making the dashboards more elaborative and more descriptive."
"The documentation for Orca Security could be improved."
"I would be happy if they offered more automatic remediation options. They're working on that, but the more the better. For example, if they want you to harden a server, they would offer a hardening script that would be more aware of what's going on."
"Another improvement would be that, in addition to focusing on endpoint compliance, they would focus on general compliance."
"Customer support is very poor, in my opinion, because when I have a few problems, the customer support says your solution is bad or it is easier."
"In two implementation projects that I participated in, the customers reported difficulty with the options for generating specific reports."
"Orca Security could improve its ticket creation process."
 

Pricing and Cost Advice

Information not available
"It is the cost of the visibility that you get. When you really sit down and think about what do you need to do to secure an environment with a low impact on the business, and you take a look out into the world, I think this tool is well justified around cost."
"The pricing depends on how many assets you have running in your cloud and how many environments you have. If you have a dev environment, test environment, and a production environment then it's really important that you have coverage for all of them."
"While it's competitive with Palo Alto Prisma, I think Orca's list price is very high. I would advise Orca to lower it because, at that price, I might consider alternatives like Wiz, which also offers agentless services."
"The price is a bit expensive for smaller organizations."
"We have a total of 25 licenses for this solution. The solution is on a pay-and-you-use model."
"I think their pricing model is aligned with market demand. Of course, Orca could probably better align their pricing model with the needs of smaller businesses as well as some larger-scale enterprises with millions of assets. But in all fairness, I think the Orca sales team has been accommodating and ensured that we're happy with the pricing."
"Orca Security charges are based on cloud workloads. So, it's based on workloads. If we look at one feature, it might be expensive."
"Orca Security is cheaper compared to other solutions in the same space."
report
Use our free recommendation engine to learn which API Security solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
26%
Healthcare Company
10%
Manufacturing Company
9%
Financial Services Firm
9%
Financial Services Firm
15%
Computer Software Company
11%
Manufacturing Company
10%
Outsourcing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business16
Midsize Enterprise8
Large Enterprise11
 

Questions from the Community

What needs improvement with Fortinet FortiAppSec Cloud?
Real-time traffic analysis has posed an issue for us because we did not see logs for legitimate traffic. A separate license is needed for Fortinet FortiAppSec Cloud to send logs to other cloud serv...
What is your primary use case for Fortinet FortiAppSec Cloud?
Fortinet FortiAppSec Cloud is used as a WAF solution.
What advice do you have for others considering Fortinet FortiAppSec Cloud?
We are a customer running Fortinet FortiAppSec Cloud for both our organization and one for our customer. Three users use Fortinet FortiAppSec Cloud. As administrators, it is easy to maintain. Using...
What needs improvement with Orca Security?
I think Orca Security should be more SMB friendly since I mostly work with enterprise customers who have more budget. Orca Security could include options for smaller businesses and improve on areas...
What is your primary use case for Orca Security?
Of my three customers, one is using Orca Security, and two are not using it. There are plenty of use cases available for Orca Security, and I can provide more details. Orca Security is very good fo...
What advice do you have for others considering Orca Security?
I cannot provide a straightforward answer about the time it takes to address cloud security alerts because different levels of alerts exist, and fixing each alert can vary depending on how alerts a...
 

Overview

 

Sample Customers

Information Not Available
BeyondTrust, Postman, Digital Turbine, Solarisbank, Lemonade, C6 Bank, Docebo, Vercel, and Vivino
Find out what your peers are saying about Fortinet FortiAppSec Cloud vs. Orca Security and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.