Orca Security vs VMware Aria Automation comparison

Orca Security and Broadcom are both solutions in the Cloud Security Posture Management (CSPM) category. Orca Security is ranked #11 with an average rating of 8.6, while Broadcom is ranked #16 with an average rating of 8.1. Orca Security holds a 5.7% mindshare in CSPM, compared to Broadcom’s 0.3% mindshare. Additionally, 100% of Orca Security users are willing to recommend the solution, compared to 94% of Broadcom users who would recommend it.

Orca Security

Read 21 Orca Security reviews

7,521 Views
5,415 Comparison Views

100% willing to recommend

VMware Aria Automation

Read 171 VMware Aria Automation reviews

7,662 Views
230 Comparison Views

94% willing to recommend

Orca Security

VMware Aria Automation

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jul 27, 2025

VMware Aria Automation and Orca Security are two players in the cloud management and security software market. VMware Aria Automation appears stronger in automation and deployment capabilities, whereas Orca Security excels in providing comprehensive visibility and security across cloud environments.

Features: VMware Aria Automation offers versatile automation for multi-cloud environments, with robust deployment options like Salt Cloud and orchestration features. It provides flexibility in automation, detailed metrics, and an expansive design canvas. Orca Security is noted for its agentless scanning, cloud-wide visibility, and precise vulnerability management. It adeptly prioritizes critical issues and integrates security seamlessly across cloud-native environments.

Room for Improvement: VMware Aria Automation could improve in Windows orchestration, stability, and documentation for real-world use cases, along with better integration with non-vSphere environments. Orca Security's dashboard could be enhanced, as well as integration with custom ticketing systems, APIs for compatibility, and refining alerts for better user engagement.

Ease of Deployment and Customer Service: VMware Aria Automation offers a robust deployment model for on-premises, private, and hybrid clouds, though service quality can vary. Technical support experiences vary from excellent to challenging due to customization needs. Orca Security benefits from simple, agentless deployment for public and hybrid cloud models, with responsive community-driven support facilitating quick issue resolutions.

Pricing and ROI: VMware Aria Automation provides comprehensive features with premium pricing, highlighting integration and automation capabilities resulting in reduced provisioning times and improved productivity, despite high initial costs. Orca Security offers competitive pricing with extensive coverage, justifying costs with significant ROI from enhanced security and minimized manual interventions. Both solutions require careful consideration to maximize ROI based on organizational needs.

To learn more, read our detailed Orca Security vs. VMware Aria Automation Report (Updated: September 2025).

Buyer's Guide

Orca Security vs. VMware Aria Automation

September 2025

Download the complete report

Helped 869,566 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Orca Security

Ranking in Cloud Security Posture Management (CSPM)

11th

Average Rating

9.0

Reviews Sentiment

7.8

Number of Reviews

Ranking in other categories

Vulnerability Management (15th), Container Security (18th), Cloud Workload Protection Platforms (CWPP) (10th), API Security (8th), Cloud-Native Application Protection Platforms (CNAPP) (7th), Data Security Posture Management (DSPM) (9th), Cloud Detection and Response (CDR) (3rd)

VMware Aria Automation

Ranking in Cloud Security Posture Management (CSPM)

16th

Average Rating

8.0

Reviews Sentiment

6.8

Number of Reviews

171

Ranking in other categories

Cloud Management (2nd), Configuration Management (6th), Network Automation (3rd), Cloud Infrastructure Entitlement Management (CIEM) (5th)

Mindshare comparison

As of October 2025, in the Cloud Security Posture Management (CSPM) category, the mindshare of Orca Security is 5.7%, down from 7.3% compared to the previous year. The mindshare of VMware Aria Automation is 0.3%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Cloud Security Posture Management (CSPM) Market Share Distribution
Product	Market Share (%)
Orca Security	5.7%
VMware Aria Automation	0.3%
Other	94.0%

Cloud Security Posture Management (CSPM)

Featured Reviews

CHINTAN MEHTA

Cloud Security Automation Engineer at a financial services firm with 10,001+ employees

Consolidating security tools with comprehensive cloud visibility

The documentation for Orca Security could be improved. The compliance framework also needs enhancements, especially concerning integrations with other tools like ServiceNow's vulnerability modules, which are not as mature as expected. It should also increase its capability to ingest data from other security tools like CloudSight for endpoint detection and provide real-time monitoring.

Read full review

Le Quang Long

Cloud Engineer at BIDV - Ngân hàng TMCP Đầu tư & Phát triển Việt Nam

Significantly streamlined operations with good automation that helps with simplifying workflows

It helps me build a big catalog and provide it to my end users. It helps us automate the workflow of creating many VMs and the TensorFlow key method. I do not meet many people to operate it live beforehand. It operates for both of my products, but as a product, it is complicated to integrate and automate with other products.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Orca's dashboard is excellent. My team needs to be able to focus on specific areas for improvement in our cloud environment. And most recently, we've started to get good use out of sonar, the search capabilities, and the alert creation."

"Orca Security has updated its interface, making it more user-friendly. I find it particularly useful as it allows me to easily navigate the dashboard and prioritize actions based on severity and criticality."

"The GUI features are very good. Threat intelligence is also very good."

"I would rate the quality of support as nine stars out of ten due to their quick and helpful responses."

"The vulnerability management does not require network scanning or agent technology, so I don't need to modify any of my products in order to do vulnerability assessments."

"The best features of Orca Security include its ability to perform a lot of security controls without requiring any installation of agents, making it very easy to set up."

"Orca Security has patented technologies. It's an agentless solution, so you don't need to install an agent. Instead, it contacts your account provider and fetches metadata, eliminating the need for snapshots or reserved space to copy client infrastructure."

"The visibility Orca provides into my environment is at the highest level... When I dropped them into the environment, from the very get-go I had more insight into the risks in my environment than I had had during the entire two and a half years I had been here."

More Orca Security pros

"The ability to programmatically describe the desired state of a single, or an entire fleet of servers, on-premises, and in a cloud environment."

"The most valuable feature is the way that it plugs into our monitoring systems, and Infoblox and Puppet."

"The preset policies and templates are useful. I would say that vRA is one of the best solutions we have. The CI/CD features also look helpful even though we aren't using them at the moment. We plan to get more involved and train our customers as much as possible."

"We provided the ability to request virtual machines to our end users. Before, this was a very manual process, which took engineers to do. Now, it's an automated process."

"VMware Aria Automation is a very scalable solution because it integrates well with a couple of leading products in the industry. For products that are not already integrated, there are plugins or adapters that can be used with customization."

"VMware Aria Automation has made a lot of things easier. It has really helped the operations team to spin up the virtual machines."

"We have integrated our CICD pipeline into an automatic catalog request through some API calls. It can request and provision new virtual machines behind the NSX load balancer, straight out of the CIDC pipeline and add those nodes to the load balancer, request SSL certs, do SSL termination at the load balancer so that it's not encrypted behind the scenes, all of which has really been helpful."

"The product’s most valuable feature is its ability to provide environmental security."

More VMware Aria Automation pros

Cons

"The automatic scan only runs every 24 hours, and if an alert is remediated within an hour, it still remains until the next scheduled scan."

"I would like to see better customization options for security frameworks and better integration with reporting tools like Power BI or Grafana dashboards."

"We are PCI DSS compliant, so we need to scan our environment externally with tools vetted by the PCI DSS organization. Orca doesn't scan the environment externally. It only scans what's currently in the cloud."

"Orca Security could improve its ticket creation process."

"Orca Security could improve its ticket creation process. Currently, it allows for creating tickets in only one bucket, which requires monitoring to redirect tickets to the appropriate team."

"The documentation for Orca Security could be improved."

"The interface can be a bit cranky and sometimes takes a lot of time to load."

"As with all software, the user interface can always be made simpler to use. It would be helpful for people with very little knowledge, like somebody sitting behind the SOC, to allow them to be able to drill down into things a little bit easier than it is currently."

More Orca Security cons

"Broadcom has acquired the tool, which could lower its pricing. Many customers are moving away from VMware infrastructure towards enterprise systems like Azure or AWS. This shift could be due to two main reasons: pricing and uncertainty about the future, especially regarding how Broadcom will handle licenses and strategy."

"One of the features that's a struggle today is some of the public cloud extensibility. Some of the plugins that are native to vRA and vRO, I'd like to see them come out earlier for vRO. I understand that in vRA, the plugins are a little bit more polished because the VRA is the GUI. But we'd like to see them released earlier in vRO, prior to a GUI being released. Azure, for example, is a public cloud provider but we have some instability issues with the plugin in vRO. It's okay for us if we separate the vRA from vRO plugin releases. So I'd like to see some increased stability in some of those public cloud plugins."

"We upgraded twice. The last upgrade was a bit problematic."

"The product's features for hybrid cloud integration could be better."

"VMware Aria Automation could improve reporting of the policies. They are difficult to customize. We have many policies but they are not able to be modified to what we want."

"I have not found this solution to be user-friendly. It's really complicated. The demo shows that you can automate anything but they only show basic scenarios. If you want to do anything more complicated than that, it becomes very complicated to set up."

"It is too broad scale and complicated. It takes too many clicks to do things."

"They should concentrate on navigation and service improvements."

More VMware Aria Automation cons

Pricing and Cost Advice

"Orca Security charges are based on cloud workloads. So, it's based on workloads. If we look at one feature, it might be expensive."

"While it's competitive with Palo Alto Prisma, I think Orca's list price is very high. I would advise Orca to lower it because, at that price, I might consider alternatives like Wiz, which also offers agentless services."

"The most expensive solution is Palo Alto. They claim to be very robust. The next most expensive is Wiz, followed by Orca and all the rest."

"Overall, the pricing is reasonable and the discounts have been acceptable."

"Orca Security is cheaper compared to other solutions in the same space."

"The pricing depends on how many assets you have running in your cloud and how many environments you have. If you have a dev environment, test environment, and a production environment then it's really important that you have coverage for all of them."

"We have a total of 25 licenses for this solution. The solution is on a pay-and-you-use model."

"Orca is very competitive when compared to the alternatives and is not the most expensive in the market, that's for sure."

More Orca Security pricing and cost advice

"I would rate the pricing a ten out of ten, with ten being very expensive."

"From a budget point of view, the pricing is a bit on the higher side."

"As far as value is concerned, it has been essential to our environment. We have been able to deploy VMs quickly and the developers have their own sandbox, so they can spin up and destroy VMs at their own will."

"They should provide one license for all the sub-products."

"SaltStack is an open-source product."

"The pricing is very high."

"vRealize automation really should be a front door to the whole VMware suite of products."

"VMware Aria Automation is expensive."

More VMware Aria Automation pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.

See recommendations

869,566 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

14%

Financial Services Firm

13%

Manufacturing Company

10%

University

Financial Services Firm

12%

Computer Software Company

11%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	9
Midsize Enterprise	7
Large Enterprise	5

By reviewers
Company Size	Count
Small Business	32
Midsize Enterprise	24
Large Enterprise	130

Questions from the Community

What do you like most about Orca Security?

It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just scan the entire assets in the cloud.

See all answers

What needs improvement with Orca Security?

I really love the way Orca Security worked. A potential improvement could be additional security features for the two-step authentication, such as fingerprint recognition similar to what Checkpoint...

See all answers

What is your primary use case for Orca Security?

We used Orca Security ( /products/orca-security-reviews ) for about two to three months until I left the company. The product itself is really good. It helped us streamline the way we access our se...

See all answers

What's the difference between VMware vRA (automation) and vROps (operations)?

vROP is a virtualization management solution from VMWare. It is efficient and easy to manage. You can find anything you need from the software interface. It provides complete visibility over applic...

See all answers

Is there any way to try VMware Aria Automation for free?

When it comes to VMware Aria Automation, you have three choices for free runs: Hands-on Lab (HOL) Advanced lab A free trial I cannot describe in detail the second and third options as my company ...

See all answers

Which sectors can benefit the most from VMware Aria Automation?

I was looking at VMware Aria Automation case studies recently and I got the impression that three main kinds of companies were using it most often: Social organizations Financial institutions and ...

See all answers

Comparisons

Wiz vs Orca Security

Compared 28% of the time

Microsoft Defender for Cloud vs Orca Security

Compared 8% of the time

Prisma Cloud by Palo Alto Networks vs Orca Security

Compared 5% of the time

Upwind vs Orca Security

Compared 5% of the time

SentinelOne Singularity Cloud Security vs Orca Security

Compared 4% of the time

More Orca Security Competitors

Red Hat Ansible Automation Platform vs VMware Aria Automation

Compared 16% of the time

VMware Aria Operations vs VMware Aria Automation

Compared 13% of the time

Morpheus vs VMware Aria Automation

Compared 10% of the time

VMware Cloud Director vs VMware Aria Automation

Compared 7% of the time

Nutanix Cloud Manager (NCM) vs VMware Aria Automation

Compared 6% of the time

More VMware Aria Automation Competitors

Product Reports

Buyer's Guide

Orca Security

September 2025

Download Orca Security product report

Buyer's Guide

VMware Aria Automation

September 2025

Download VMware Aria Automation product report

Also Known As

No data available

VMware vRealize Automation, vRA, VMware DynamicOps Cloud Suite, SaltStack

Overview

Orca Security is the pioneer of agentless cloud security that is trusted by hundreds of enterprises globally. Orca makes cloud security possible for enterprises moving to and scaling in the cloud with its patented SideScanning™ technology and Unified Data Model. The Orca Cloud Security Platform delivers the world's most comprehensive coverage and visibility of risks across AWS, Azure, Google Cloud and Kubernetes.

At Orca Security, we’re on a mission to make it fast, easy, and cost effective for organizations to address critical cloud security issues so they can operate in the cloud with confidence.

Key Platform Features:

Agentless: Complete, centralized coverage of the entire cloud estate, without the need for installing and configuring agents or layering together multiple siloed tools. Full visibility of cloud misconfigurations, vulnerabilities, workload protection, malware scanning, image scanning, file integrity monitoring and more.
Asset Inventory: Get a complete inventory of all your public cloud assets, including detailed information on installed OSes, software, and applications, as well as data and network assets such as storage buckets, Virtual Private Clouds (VPCs), and Security Groups.

Attack Path Analysis: Visualize attack vectors to critical assets or crown jewels. See which assets are susceptible to lateral movement, assume roles, privilege escalation, and more.

Risk Prioritization: Prioritize the 1% of risks that matter the most, based on impact scores. Secure the vulnerabilities and misconfigured targets (critical assets) and eliminate the potential risks residing on the attack paths to those targets.
Cloud Threat Detection: Monitor for malicious activity within your entire cloud estate. Be aware of detected threats, user behavior anomalies and more.

Breach Forensics: Log every change and all activity into a central repository for investigation procedures to confirm or deny entry and compromises within the cloud estate.
Cloud To Dev (Shift Left): Orca’s built-in shift left capabilities enables DevOps to focus more security attention earlier in the CI/CD pipelines. Security teams are able to trace a production risk (misconfiguration or vulnerability) directly to the original source code repository from which it came, even down to the exact line of code that is at the root of the identified risk.
Compliance: Choose from over 60 preconfigured compliance frameworks, cloud security best practices, CIS Benchmarks, or design and build your own compliance framework for fast and continuous reporting.
Security Score: The Orca Security Score is found on Orca’s Risk Dashboard and is updated daily. The overall score is calculated based on performance in the following five categories - Suspicious Activity, IAM, Data at Risk, Vulnerable Assets, and Responsiveness. Since the scores are percentage based and not raw numbers, you can objectively make comparisons to other organizations within your industry or business units of different sizes. In addition to reporting to senior management, the Orca Security Score can help with internal self-monitoring, as a way of measuring risk mitigation efforts, to know where to focus efforts, and track progress.

Orca Security Benefits

Consolidate technologies to reduce costs and complexity:

“The more I can get out of this one solution, the better. I see Orca as the tool where we get all cloud-related security data.” - Joshua Scott, Head of Security and IT | Postman

Avoid costly breaches:

"I look at proactive asset discovery, configuration management, and vulnerability management as being able to find a vulnerability before the bad guys do and being able to deal with it before something exploits it. This is what Orca does for us." - Doug Graham, CSO & CPO | Lionbridge

Increase team productivity and efficiency by focusing on high-value activities and solving the 1% of risks that matter most:

"Orca is unique in that it locates vulnerabilities with precision and delivers tangible, actionable results – without having to sift through all the noise." - Aaron Brown, Senior Cloud Security Engineer | Sisense

Quick Time-to-Value with Immediate ROI:

"Orca told us we could have some visibility within 5 or 10 minutes, and I thought, ‘There’s no way.’ Well, I was wrong. They really did it." - Thomas Hill, CISO | Live Oak Bank

Reduce MTTR and remove operational friction:

“We can’t ask developers things like ‘Did you think about security? When you start a new VM on AWS, can you please let me know so I’m able to scan it? Can you please deploy an agent on that machine for me?’ We need a better way to work. Orca provides that better way by eliminating organizational friction.” - Erwin Geirnaert, Cloud Security Architect | NG Data

Orca Security

VMware Aria Automation is a cloud management tool that allows companies to simplify their cloud experience through a modern automation platform. The solution is designed to deliver self-service clouds, multi-cloud automation with governance, and DevOps-based security and infrastructure management. It helps organizations improve IT agility, efficiency, and productivity through its various features.

VMware Aria Automation has multiple use cases that include the following:

Self-service multi-cloud: VMware Aria Automation can be used to deliver consistent self-service consumption. Another use case in this area is for delivering infrastructure across VMware Clouds as well as public clouds.
Multi-cloud governance: The solution can be used to manage cost, performance, networking, configuration, and security at scale for multi-cloud environments. VMware Aria Automation offers all this with an everything-as-code approach.
DevOps for infrastructure: Through VMware Aria Automation, companies can enable a powerful infrastructure as code platform with support for iterative development and infrastructure pipelining.
Kubernetes automation: Users can utilize VMware Aria Automation to automate the management of Kubernetes clusters and namespaces with support for vSphere with Tanzu.
Security operations: VMware Aria Automation facilitates event-driven automation to deliver full-service IT system compliance enforcement and vulnerability remediation.

VMware Aria Automation Features

VMware Aria Automation has various features that allow users to easily perform operations. Some of the solution's capacities include:

VMware Cloud agnostic template: This feature allows organizations to use a single cloud template to deploy with Infrastructure as a Code. Deployment options include VMware Cloud as well as major public cloud platforms such as Amazon AWS, Microsoft Azure, Google Cloud, and more.
Extensibility and customization: This VMware Aria Automation feature allows users to get full extensibility and customization. This can be achieved through Aria Automation Orchestrator, Action-Based Extensibility (ABX), and built-in integrations with common third-party tools.
Self-service multi-cloud: This feature enables users to request and provision infrastructure resources. It can be done across clouds using a unified and consistent Infrastructure as a Service (IaaS) consumption layer, idempotent REST API, and self-service catalog.
Centralized policies and governance: VMware Aria Automation offers a feature for users to manage multiple clouds with templatized cloud and policy definition, automated remediation, and cloud environment visibility.
Configuration management: Through this feature of the product, day 1 and 2 control can be achieved for virtualized and cloud environments. This can be done with intuitive configuration automation, compliance enforcement, and vulnerability remediation.
Infrastructure pipelining: Through this feature, organizations can access user-friendly release automation pipelines. They can be specifically tailored for CI/CD in infrastructure use cases.

VMware Aria Automation Benefits

VMware Aria Automation offers its users various benefits. Some of the biggest advantages that the solution brings to companies that utilize it include:

VMware Aria Automation provides faster time to market for companies through offloading manual tasks with advanced workflows and agile templating.
The solution offers high levels of security and control.
This product is suitable for beginners, as it offers a self-service consumption experience for users.
VMware Aria Automation accelerates innovation through Infrastructure as Code and DevOps principles.
The product provides users with flexibility, as it is compatible with the most popular public cloud solutions.
The solution offers fast deployment because of all natively integrated functions.

Reviews from Real Users

Awais J., CTO/CEO at a tech services company, likes VMware Aria Automation because it saves a lot of time, provides more visibility, and has extensive automation capabilities.

An IT consultant at a government rates VMware Aria Automation highly because the product gives you flexibility to analyze and consume resources.

Broadcom

Sample Customers

BeyondTrust, Postman, Digital Turbine, Solarisbank, Lemonade, C6 Bank, Docebo, Vercel, and Vivino

Rent-a-Center, Amway, Vistra Energy, Liberty Mutual

Buyer's Guide

Orca Security vs. VMware Aria Automation

September 2025

Free Report: Orca Security vs. VMware Aria Automation

Find out what your peers are saying about Orca Security vs. VMware Aria Automation and other solutions. Updated: September 2025.

DOWNLOAD NOW

869,566 professionals have used our research since 2012.

See our Orca Security vs. VMware Aria Automation report.

See our list of best Cloud Security Posture Management (CSPM) vendors and best Cloud Detection and Response (CDR) vendors.

We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.