Try our new research platform with insights from 80,000+ expert users

Orca Security vs Prisma Cloud by Palo Alto Networks comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 29, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

SentinelOne Singularity Clo...
Sponsored
Ranking in Container Security
3rd
Ranking in Cloud Security Posture Management (CSPM)
3rd
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
3rd
Average Rating
8.8
Reviews Sentiment
7.9
Number of Reviews
114
Ranking in other categories
Vulnerability Management (5th), Cloud and Data Center Security (3rd), Cloud Workload Protection Platforms (CWPP) (4th), Compliance Management (1st)
Orca Security
Ranking in Container Security
16th
Ranking in Cloud Security Posture Management (CSPM)
11th
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
6th
Average Rating
9.0
Reviews Sentiment
7.8
Number of Reviews
21
Ranking in other categories
Vulnerability Management (14th), Cloud Workload Protection Platforms (CWPP) (10th), API Security (4th), Data Security Posture Management (DSPM) (8th), Cloud Detection and Response (CDR) (2nd)
Prisma Cloud by Palo Alto N...
Ranking in Container Security
1st
Ranking in Cloud Security Posture Management (CSPM)
2nd
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
1st
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
110
Ranking in other categories
Web Application Firewall (WAF) (6th), Data Security Posture Management (DSPM) (2nd)
 

Mindshare comparison

As of July 2025, in the Cloud-Native Application Protection Platforms (CNAPP) category, the mindshare of SentinelOne Singularity Cloud Security is 3.7%, up from 1.4% compared to the previous year. The mindshare of Orca Security is 7.4%, down from 9.3% compared to the previous year. The mindshare of Prisma Cloud by Palo Alto Networks is 15.6%, down from 21.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud-Native Application Protection Platforms (CNAPP)
 

Featured Reviews

Andrew W - PeerSpot reviewer
Tells us about vulnerabilities as well as their impact and helps to focus on real issues
Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.
CHINTAN MEHTA - PeerSpot reviewer
Consolidating security tools with comprehensive cloud visibility
The documentation for Orca Security could be improved. The compliance framework also needs enhancements, especially concerning integrations with other tools like ServiceNow's vulnerability modules, which are not as mature as expected. It should also increase its capability to ingest data from other security tools like CloudSight for endpoint detection and provide real-time monitoring.
Mohammad Qaw - PeerSpot reviewer
It gives you one console to see all of your assets, review their configurations, and build your processes
Most customers use Prisma Cloud for visibility and compliance. Prisma has so many features, but many organizations do not use them. They primarily use the visibility part to connect all their cloud accounts and hosts for visibility to see if they are missing any security controls or if they have any misconfigurations. You can connect it to cloud environments such as Azure, AWS, Oracle Cloud, Alibaba, etc., or to an on-prem data center. Prisma Cloud gives you so many options to automate processes related to your daily operations. When it comes to cybersecurity, you can automate things with their existing APIs. They also have out-of-the-box integrations with many solutions. I have not seen any limitations. Everything is customizable. You can do whatever you want, defining the reporting and custom use cases. They recently updated the UI, so it's much better than before.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features of SentinelOne Singularity Cloud Security are the asset inventory and issue indexing."
"SentinelOne Singularity Cloud Security provides email alerts and ranks issues based on severity, such as high, critical, etc., that help us prioritize issues."
"Singularity Cloud's ability to create custom correlation searches and reduce noise is highly valuable."
"The user-friendliness is the most valuable feature."
"Our previous product took a lot of man hours to manage. Once we got Singularity Cloud Workload Security, it freed up our time to work on other tasks."
"The ease of use of the platform is very nice."
"The UI and the widgets are what I personally appreciate. I find it easy to use."
"SentinelOne Singularity Cloud Security is better than other vendors because we get all the cloud-related, data center-related information."
"There are so many valuable features that I could list, but one that I appreciate is the PCI DSS compliance report."
"Orca's platform provides an agentless data collection facility that collects information directly from the cloud using APIs, with zero impact on performance."
"The vulnerability management does not require network scanning or agent technology, so I don't need to modify any of my products in order to do vulnerability assessments."
"I find Orca Security's CIEM feature invaluable, as it focuses on entitlement and posture management, identifying assets with older OS versions, and asset misconfiguration."
"The best features of Orca Security include its ability to perform a lot of security controls without requiring any installation of agents, making it very easy to set up."
"Orca gives you great visibility into your assets. It shows you the issues and the things that you need to attend to first, by prioritizing things. You can see a lot of information that is not always visible, even to DevOps, to help you know about the machines and their status. It's very easy to see everything in a single dashboard. That makes it a very useful tool."
"The most valuable feature of Orca Security is the automated scanning tool, user-friendliness, and ease of use."
"Orca's dashboard is excellent. My team needs to be able to focus on specific areas for improvement in our cloud environment. And most recently, we've started to get good use out of sonar, the search capabilities, and the alert creation."
"Palo Alto enables us to know what security threats are happening in the background."
"I was looking for a vulnerability scanner and I was looking for one place in which I could find everything. This tool not only does vulnerability scanning, but it also gives me an asset management tool."
"It provides insights into potential vulnerabilities in our code, helping us identify and rectify issues before they can be exploited."
"This positively affected our confidence in your security and compliance. No matter how complex the environment is, the the seamless integration from the top layer itself give us the immediate visibility on the number of services."
"The Cloud Workload Protection module is a very strong solution. I like the Cloud Workload Protection part. It is something I have not used for the banking client, but I had a chance to try it out for roughly a month on actual deployment of another customer. That part was really robust. Cloud Workload Protection would be the main feature that I enjoy the most."
"Cloud security posture management is the preferred feature among other vendors."
"The support is excellent."
"I have not seen any limitations. Everything is customizable. You can do whatever you want, defining the reporting and custom use cases. They recently updated the UI, so it's much better than before."
 

Cons

"In addition to our telecom and Slack channels, it would be helpful to receive Cloud Native Security security notifications in Microsoft Teams."
"The cloud-based operations might pose challenges in areas with limited or unavailable internet connectivity. Desktop features might be useful for smaller organizations with less complex security needs."
"With Cloud Native Security, we can't selectively enable or disable alerts based on our specific use case."
"We use SentinelOne Singularity Cloud Security and also SentinelOne. If SentinelOne Singularity Cloud Security integrated some of the endpoint security features of SentinelOne, it would be the perfect one-stop solution for everything. We wouldn't need to switch between the products. At my organization, I am responsible for endpoint security and vulnerability management. Integrating both functions into one application would be ideal because I could see all the alerts, heat maps, and reports in one console."
"SentinelOne Singularity Cloud Security could be improved with easier integrations to the Singularity Data Lake, particularly for various vendors."
"SentinelOne Singularity Cloud Security is on the costlier side."
"We recently adopted a new ticket management solution, so we've asked them to include a connector to integrate that tool with Cloud Native Security directly. We'd also like to see Cloud Native Security add a scan for personally identifying information. We're looking at other tools for this capability, but having that functionality built into Cloud Native Security would be nice. Monitoring PII data is critical to us as an organization."
"They need more experienced support personnel."
"The documentation for Orca Security could be improved."
"Orca Security could improve its ticket creation process."
"Orca Security can be improved as there should be some kind of central pane of glass. Similar to how cloud management works, Orca Security should have something comparable."
"I would be happy if they offered more automatic remediation options. They're working on that, but the more the better. For example, if they want you to harden a server, they would offer a hardening script that would be more aware of what's going on."
"They can expand a little bit in anti-malware detection. While we have pretty good confidence that it's going to detect some of the static malware, some of the detections are heuristics. There could be a growth in the library from where they're pulling their information, but we don't get a lot of those alerts based on the design of our products. In general, that might be an area that needs to be filled since they offer it as a service within it."
"The solution could improve by making the dashboards more elaborative and more descriptive."
"In the future, I'd like to see Orca work better with third-party vendors. Specifically, being able to provide sanitized results from third parties."
"The automatic scan only runs every 24 hours, and if an alert is remediated within an hour, it still remains until the next scheduled scan."
"The data security model needs improvement due to integration issues with certain features and cloud providers. With Palo Alto now utilizing a tool from an Israeli startup in Prisma Cloud, the integration is slow, and some features are blocked or not supported."
"The cost of Prisma Cloud by Palo Alto Networks is too high. I would also appreciate the addition of NLP to reduce the learning curve and make configuring queries more user-friendly."
"The automation capabilities are growing each day, but the problem is that the updates are not that frequent. There are some services on Amazon that have come out with updates, and Azure is also getting up to date. But Prisma takes some time to follow. There's a time gap that Prisma inherits from these clouds. I understand why it takes some time, but that time should be reduced."
"Currently, custom reports are available, but I feel that those reports are targeting just the L1 or L2 engineers because they are very verbose. So, for every alert, there is a proper description, but as a security posture management portal, Prisma Cloud should give me a dashboard that I can present to my stakeholders, such as CSO, CRO, or CTO. It should be at a little bit higher level. They should definitely put effort into reporting because the reporting does not reflect the requirements of a dashboard for your stakeholders. There are a couple of things that are present on the portal, but we don't have the option to customize dashboards or widgets. There are a limited set of widgets, and those widgets don't add value from the perspective of a security team or any professional who is above L1 or L2 level. Because of this, the reach of Prisma Cloud in an organization or the access to Prisma Cloud will be limited only to L1 and L2 engineers. This is something that their development team should look into."
"In terms of improvement, there are some small things like hardening and making sure the Linux resources are deployed well but that's more at an operational level."
"It can be too expensive for small companies."
"Prisma Cloud's enterprise reporting needs significant improvement."
"The alignment of Twistlock Defender agents with image repositories needs improvement. These deployed agents have no way of differentiating between on-premise and cloud-based image repositories. If I deploy a Defender agent to secure an on-premise Kubernetes cluster, that agent also tries to scan my ECR image repositories on AWS. So, we have limited options for aligning those Defenders with the repositories that we want them to scan. It is scanning everything rather than giving us the ability to be real granular in choosing which agents can scan which repositories."
 

Pricing and Cost Advice

"It is cost-effective compared to other solutions in the market."
"The tool is cost-effective."
"SentinelOne is quite costly compared to other security platforms."
"The licensing is easy to understand and implement, with some flexibility to accommodate dynamic environments."
"The price depends on the extension of the solution that you want to buy. If you want to buy just EDR, the price is less. XDR is a little bit more expensive. There are going to be different add-ons for Singularity."
"The pricing tends to be high."
"It is cheap."
"SentinelOne Singularity Cloud Security is on the costlier side."
"Overall, the pricing is reasonable and the discounts have been acceptable."
"We have a total of 25 licenses for this solution. The solution is on a pay-and-you-use model."
"While it's competitive with Palo Alto Prisma, I think Orca's list price is very high. I would advise Orca to lower it because, at that price, I might consider alternatives like Wiz, which also offers agentless services."
"The price is a bit expensive for smaller organizations."
"The pricing depends on how many assets you have running in your cloud and how many environments you have. If you have a dev environment, test environment, and a production environment then it's really important that you have coverage for all of them."
"Its license is a bit expensive."
"The most expensive solution is Palo Alto. They claim to be very robust. The next most expensive is Wiz, followed by Orca and all the rest."
"I think their pricing model is aligned with market demand. Of course, Orca could probably better align their pricing model with the needs of smaller businesses as well as some larger-scale enterprises with millions of assets. But in all fairness, I think the Orca sales team has been accommodating and ensured that we're happy with the pricing."
"I find the pricing to be expensive."
"The product is very expensive, but the cost is a necessary evil; I don't know how we could have any kind of cloud presence without this type of monitoring. The pricing is calculated by module and resource usage. Ultimately, it saves us money in the amount of time we would spend uncovering what it uncovers, and we might not make the required discoveries without it anyway. Prisma offers incredible value, though I wish it were cheaper."
"The pricing is competitive; for the most part, the security firms have similar prices."
"The pricing of the solution is fair."
"The pricing and licensing are expensive compared to the other offerings that we considered."
"It is fairly priced. However, its price can be better so that small banks or small organizations can afford it and adopt it to secure their environment and data."
"Prisma Cloud is more expensive than some other solutions, but when we consider all of its use cases, the cost averages out."
"Prisma Cloud is a high-end enterprise solution, making it quite expensive."
report
Use our free recommendation engine to learn which Cloud-Native Application Protection Platforms (CNAPP) solutions are best for your needs.
861,481 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
15%
Manufacturing Company
9%
Government
6%
Computer Software Company
16%
Financial Services Firm
12%
Manufacturing Company
9%
University
5%
Computer Software Company
14%
Financial Services Firm
14%
Manufacturing Company
11%
Insurance Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about PingSafe?
The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...
What is your experience regarding pricing and costs for PingSafe?
I don't handle the price part, but it isn't more expensive than Palo Alto Prisma Cloud. It's not cheap, but it is wor...
What needs improvement with PingSafe?
There is scope for more application security posture management features. Additionally, the runtime protection needs ...
What do you like most about Orca Security?
It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just ...
What needs improvement with Orca Security?
I really love the way Orca Security worked. A potential improvement could be additional security features for the two...
What is your primary use case for Orca Security?
We used Orca Security ( /products/orca-security-reviews ) for about two to three months until I left the company. The...
What is your primary use case for Prisma Cloud by Palo Alto Networks?
Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
What Cloud-Native Application Protection Platform do you recommend?
We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We...
What do you think of Aqua Security vs Prisma Cloud?
Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valu...
 

Also Known As

PingSafe
No data available
Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
 

Overview

 

Sample Customers

Information Not Available
BeyondTrust, Postman, Digital Turbine, Solarisbank, Lemonade, C6 Bank, Docebo, Vercel, and Vivino
Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
Find out what your peers are saying about Orca Security vs. Prisma Cloud by Palo Alto Networks and other solutions. Updated: May 2025.
861,481 professionals have used our research since 2012.