Try our new research platform with insights from 80,000+ expert users

Orca Security vs Wiz comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Aug 3, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

SentinelOne Singularity Clo...
Sponsored
Ranking in Vulnerability Management
5th
Ranking in Container Security
3rd
Ranking in Cloud Workload Protection Platforms (CWPP)
4th
Ranking in Cloud Security Posture Management (CSPM)
3rd
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
3rd
Average Rating
8.8
Reviews Sentiment
7.9
Number of Reviews
114
Ranking in other categories
Cloud and Data Center Security (2nd), Compliance Management (1st)
Orca Security
Ranking in Vulnerability Management
14th
Ranking in Container Security
17th
Ranking in Cloud Workload Protection Platforms (CWPP)
10th
Ranking in Cloud Security Posture Management (CSPM)
12th
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
6th
Average Rating
9.0
Reviews Sentiment
7.8
Number of Reviews
21
Ranking in other categories
API Security (5th), Data Security Posture Management (DSPM) (9th), Cloud Detection and Response (CDR) (2nd)
Wiz
Ranking in Vulnerability Management
3rd
Ranking in Container Security
2nd
Ranking in Cloud Workload Protection Platforms (CWPP)
2nd
Ranking in Cloud Security Posture Management (CSPM)
1st
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
1st
Average Rating
9.0
Reviews Sentiment
7.5
Number of Reviews
23
Ranking in other categories
Data Security Posture Management (DSPM) (1st), Compliance Management (2nd), Cloud Detection and Response (CDR) (1st)
 

Mindshare comparison

As of September 2025, in the Cloud-Native Application Protection Platforms (CNAPP) category, the mindshare of SentinelOne Singularity Cloud Security is 4.5%, up from 1.7% compared to the previous year. The mindshare of Orca Security is 7.0%, down from 8.7% compared to the previous year. The mindshare of Wiz is 23.8%, down from 25.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud-Native Application Protection Platforms (CNAPP) Market Share Distribution
ProductMarket Share (%)
Wiz23.8%
SentinelOne Singularity Cloud Security4.5%
Orca Security7.0%
Other64.7%
Cloud-Native Application Protection Platforms (CNAPP)
 

Featured Reviews

Mike Bulyk - PeerSpot reviewer
Custom correlation searches enhance threat detection efficiency
Singularity Cloud Security significantly reduced our organization's threat detection time by providing immediate data visibility. This allows our team to analyze telemetry in real-time, query it, and identify anomalies or potential threats using the Singularity platform. We can create rules that automatically trigger alerts based on this real-time data, enabling immediate response. This instant threat detection and response capability is a major improvement over our previous reliance on multiple tools with delayed data flows. Singularity Cloud Security eliminates those delays, saving valuable time in incident response scenarios. MTTR and MTTD are critical metrics for incident response processes. They measure the time it takes to fully address an incident, from initial detection to complete remediation. Minimizing these times is crucial to limit damage, as attackers can quickly exploit vulnerabilities and compromise additional systems. Rapid detection and response are essential to disrupt attackers and prevent further progression within the attack chain. Singularity Cloud helps reduce false positives by allowing engineers direct access to data. This access enables querying, validation, and the creation of correlation searches for improved data analysis. Instead of a black box approach, Singularity provides full visibility into the code and syntax used, increasing confidence in the results. Ultimately, Singularity offers greater control over correlation searches, detection rules, and response scenarios due to the enhanced engagement and control it provides. Singularity's ability to create custom correlation searches significantly reduces noise by avoiding reliance on generic, pre-built searches that often lead to false positives in diverse organizational environments. This targeted approach results in a high positive rate and efficacy, allowing for focused detection and response. By designing and running custom searches, Singularity minimizes the need to sift through irrelevant alerts, unlike systems using default rules that inundate analysts with noise. This translates to a very low noise-to-efficacy ratio, enabling efficient and accurate incident response. Singularity Cloud offers valuable data and capabilities extending beyond security, benefiting various business units. For example, it helped troubleshoot a newly introduced service with limited telemetry. My team created custom correlation searches to track specific event types, confirming the software's functionality. This success garnered positive feedback throughout the company, reaching even the CIO and CSR, as it enabled the business to showcase the software's effectiveness in a way that was previously impossible. SentinelOne improves our regulatory compliance by fulfilling the endpoint detection and response requirements of various frameworks. Many federal regulations require businesses to meet specific security standards, including those related to endpoint, identity, and cloud security. SentinelOne enables us to meet these requirements and assure potential partners that we have a robust security posture. This strengthens our partnerships and streamlines procurement processes, demonstrating how SentinelOne contributes to our compliance efforts. SentinelOne's evidence-based reporting, particularly the CNS reports, fosters trust due to the transparency of the data source and the ability to understand the underlying mechanisms. Knowing the search criteria, data types, and information gathering process, especially when customized for detection engineering, creates confidence in the product and the relationship with SentinelOne. This transparency and customization allow users to delve into the mechanics of the reporting, understand its functionality, and ultimately trust the evidence provided. AI is a crucial consideration for security strategies. While some view AI as a potential replacement for human analysts, others see it as a powerful tool to enhance their capabilities. The latter approach emphasizes AI's ability to accelerate incident response, improve threat detection, and provide valuable insights to analysts. This perspective suggests that AI should be used to augment human expertise, enabling analysts to make faster and more informed decisions, particularly in prioritizing threats and developing a sixth sense for identifying malicious activity. By integrating AI as an enabler, organizations can empower their security teams to become more efficient and effective, ultimately strengthening their overall security posture.
CHINTAN MEHTA - PeerSpot reviewer
Consolidating security tools with comprehensive cloud visibility
The documentation for Orca Security could be improved. The compliance framework also needs enhancements, especially concerning integrations with other tools like ServiceNow's vulnerability modules, which are not as mature as expected. It should also increase its capability to ingest data from other security tools like CloudSight for endpoint detection and provide real-time monitoring.
Pietro Villivà - PeerSpot reviewer
Useful for security assessment and maintaining correct security posture
The tool keeps improving on a weekly basis. Wiz enters into a lot of partnerships with other technologies. I don't have any idea about the improvements needed in the tool at the moment. For me, Wiz is a very complete product, but it is not the perfect one. Other technologies are better for our customers' specific use cases. A possible way to grow the tool is by introducing new functionality or features. In the future, the tool can introduce an on-prem infrastructure or platform. Not having an on-prem version can be an obstacle for customers who have a large workload in an on-prem environment. The onboarding can be done in five minutes or five to ten minutes. Then, there is the configuration, and it depends on the type of the use case of the customer. There is a customer that has simple use cases for whom the onboarding can be done in four to eight hours a day. If there are some customers with a lot of use cases and a lot of different cloud providers, more time is needed. In general, we don't need more than five days to deploy the tool, even in the case of a very complex architecture and hybrid cloud environment. To deploy the tool, we need to have access to the account of the customer, and Wiz is a stuff that we need to make with the customer. We do the onboarding together. The customer creates the correct authorization in the cloud platform and gives us the key to connect to the platform, and then the platform connector starts and begins to collect information.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Singularity Cloud Security's most valuable features are its ease of scalability and comprehensive security measures."
"We're monitoring several cloud accounts with Singularity. It is convenient to identify issues or security failures in any account. It's nice to have all the details we need to solve these issues."
"The management console is highly intuitive to comprehend and operate."
"The SentinelOne Singularity Cloud Security has substantially affected my risk posture, as it was the first tool that notified me of the public exposure of a repository by a developer, allowing me to resolve the issue within minutes."
"I would definitely recommend SentinelOne Singularity Cloud Security for infrastructure security."
"The UI is responsive and user-friendly."
"Support has been very helpful and provides regular feedback and help whenever needed. They've been very useful."
"It's helped free up staff time so that they can work on other projects."
"The GUI features are very good. Threat intelligence is also very good."
"Orca's SideScanning is the biggest feature. It's the 'wow' factor... With Orca's SideScanning, they just need permissions for your account and that makes it so simple."
"Another valuable feature with Orca, something that's not talked about enough, is its ability to rank your gaps and your tasks... You can get visibility with agents and there are a lot of ways to do that. But the ranking and the context across the entire environment, that is what is unique about Orca."
"Orca Security has updated its interface, making it more user-friendly. I find it particularly useful as it allows me to easily navigate the dashboard and prioritize actions based on severity and criticality."
"Orca's platform provides an agentless data collection facility that collects information directly from the cloud using APIs, with zero impact on performance."
"It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just scan the entire assets in the cloud."
"There are so many valuable features that I could list, but one that I appreciate is the PCI DSS compliance report."
"I find Orca Security's CIEM feature invaluable, as it focuses on entitlement and posture management, identifying assets with older OS versions, and asset misconfiguration."
"The tool is very powerful in nature."
"The first thing that stood out was the ease of installation and the quick value we got out of the solution."
"I like Wiz's reporting, and it's easy to do queries. For example, it's pretty simple to find out how many servers we have and the applications installed on each. I like Wiz's security graph because you can use it to see the whole organization even if you have multiple accounts."
"The most valuable feature of Wiz is that it keeps information up to date without needing to perform scans or schedule maintenance windows. It provides a fresh snapshot of our vulnerability metrics."
"Wiz saves time by validating a network misconfiguration by not only looking at the cloud asset configuration but also by testing if a port that is stated to be open is actually open."
"The tool's most valuable feature is its attack path analysis."
"Out of all the features, the one item that has been most valuable is the fact that Wiz puts into context all the pieces that create an issue, and applies a particular risk evaluation that helps us prioritize when we need to address a misconfiguration, vulnerability, or any issue that would put our environment into risk."
"The product supports out-of-the-box reporting with context about the asset and allows us to perform complex custom queries on UI."
 

Cons

"The main area for improvement I want to see is for the platform to become less resource-intensive. Right now, it can slow down processes on the machine, and it would be a massive improvement if it were more lightweight than it currently is."
"In addition to the console alerts, I would like SentinelOne Singularity Cloud Security to also send email notifications."
"The SentinelOne customer support needs improvement, as they are sometimes late in responding, which is critical in a production issue."
"SentinelOne Singularity Cloud Security can improve by eliminating 100 percent of the false positives."
"Currently, we would have to export our vulnerability report to an .xlsx file, and review it in an Excel spreadsheet, and then we sort of compile a list from there. It would be cool if there was a way to actually toggle multiple applications for review and then see those file paths on multiple users rather than only one user at a time or only one application at a time."
"When you find a vulnerability and resolve it, the same issue will not occur again. I want SentinelOne Singularity Cloud Security to block the same vulnerability from appearing again. I want something like a playbook where the steps that we take to resolve an issue are repeated when that issue happens again."
"A vulnerability alert would appear, and we'd fix it, but then the same alert would return the next day."
"There is room for improvement in the current active licensing model for SentinelOne Singularity Cloud Security."
"They can expand a little bit in anti-malware detection. While we have pretty good confidence that it's going to detect some of the static malware, some of the detections are heuristics. There could be a growth in the library from where they're pulling their information, but we don't get a lot of those alerts based on the design of our products. In general, that might be an area that needs to be filled since they offer it as a service within it."
"A notable limitation with Orca Security is its scanning feature. The automatic scan only runs every 24 hours, and if an alert is remediated within an hour, it still remains until the next scheduled scan."
"I would like to see an option to do security checks on a code level. This is possible because they have access to all of the code running in the cloud provider, and combining their site-scanning solution with that would be a nice add-on."
"We are PCI DSS compliant, so we need to scan our environment externally with tools vetted by the PCI DSS organization. Orca doesn't scan the environment externally. It only scans what's currently in the cloud."
"The solution could improve by making the dashboards more elaborative and more descriptive."
"The main drawback in an agentless approach is that if the solution detects a virus or malware in the environment, we need to manually remove it. But from my experience with other production environments, it's not straightforward to install agents in the hope they will automatically remediate viruses, even from production environments... Ultimately, the ability to auto-remediate is something that I would like to see."
"Orca Security could improve its ticket creation process. Currently, it allows for creating tickets in only one bucket, which requires monitoring to redirect tickets to the appropriate team."
"I think Orca could give me more alerts. It could give me a dashboard with all the specific types of alerts I want to see for the day. It should just be one click."
"We are still analyzing its behavior as we are in the midst of the implementation."
"The only thing that needs to be improved is the number of scans per day."
"As the tool is a good fit for small and medium-sized businesses, the solution should focus on making the product suitable for large-scale businesses."
"I cannot recommend Wiz to others until I have a clear understanding of its full capacity and benefits."
"The APIs are currently quite limited and not very mature, which makes integration with Splunk difficult."
"We noticed some capabilities that were lacking, specifically ignoring some false-positive Issue findings. The good news - with the latest update, this has been resolved."
"The reporting isn't that great. They have executive summaries, but it's only a compliance report that maps all current issues to specific controls. Whether you look at one subscription or project, regardless of the size, you will get a multipage report on how the issues in that account map to that control. Our CSO isn't going to read through that. He won't filter that out or show that to his leadership and say, "Here's what we're doing." It isn't a helpful report. They're working on it, but it's a poor executive summary."
"We would like to see improvements to executive-level reporting and data reporting in general, which we understand is being rolled out to the platform."
 

Pricing and Cost Advice

"SentinelOne Singularity Cloud Security is costly."
"The price depends on the extension of the solution that you want to buy. If you want to buy just EDR, the price is less. XDR is a little bit more expensive. There are going to be different add-ons for Singularity."
"I am personally not taking care of the pricing part, but when we moved from CrowdStrike to PingSafe, there were some savings. The price of CrowdStrike was quite high. Compared to that, the price of PingSafe was low. PingSafe is charging based on the subscription model. If I want to add an AWS subscription, I need to pay more. It should not be based on subscription. It should be based on the number of servers that I am scanning."
"PingSafe is not very expensive compared to Prisma Cloud, but it's also not that cheap. However, because of its features, it makes sense to us as a company. It's fairly priced."
"The tool is cost-effective."
"I understand that SentinelOne is a market leader, but the bill we received was astronomical."
"The licensing is easy to understand and implement, with some flexibility to accommodate dynamic environments."
"Their pricing appears to be based simply on the number of accounts we have, which is common for cloud-based products."
"While it's competitive with Palo Alto Prisma, I think Orca's list price is very high. I would advise Orca to lower it because, at that price, I might consider alternatives like Wiz, which also offers agentless services."
"Overall, the pricing is reasonable and the discounts have been acceptable."
"Orca Security is cheaper compared to other solutions in the same space."
"The most expensive solution is Palo Alto. They claim to be very robust. The next most expensive is Wiz, followed by Orca and all the rest."
"I think their pricing model is aligned with market demand. Of course, Orca could probably better align their pricing model with the needs of smaller businesses as well as some larger-scale enterprises with millions of assets. But in all fairness, I think the Orca sales team has been accommodating and ensured that we're happy with the pricing."
"The pricing depends on how many assets you have running in your cloud and how many environments you have. If you have a dev environment, test environment, and a production environment then it's really important that you have coverage for all of them."
"Orca Security charges are based on cloud workloads. So, it's based on workloads. If we look at one feature, it might be expensive."
"The price is a bit expensive for smaller organizations."
"Regarding pricing, it’s more than $100k because we have a very big infrastructure. Our environment supports around three thousand people, and we offer business-to-client financial services to around one million clients, so we rely heavily on Wiz."
"I wish the pricing was more transparent."
"The pricing is fair. Some of the more advanced features and functionalities and how the tiers are split can be somewhat confusing."
"Wiz is a moderately priced solution, where it is neither cheap nor costly."
"If one is cheap and ten is expensive, I rate the tool's price as a five out of ten."
"The cost of the other solutions is comparable to Wiz."
"Based on the features and capabilities, the product pricing seems reasonable."
"The pricing is fair and comparable to their competitors. The cost seems to be going up, which is a concern. There are potential savings from consolidating tools, but we're uncertain how Wiz's pricing will change over time."
report
Use our free recommendation engine to learn which Cloud-Native Application Protection Platforms (CNAPP) solutions are best for your needs.
867,445 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
14%
Manufacturing Company
9%
Government
6%
Computer Software Company
15%
Financial Services Firm
13%
Manufacturing Company
10%
University
5%
Financial Services Firm
15%
Computer Software Company
14%
Manufacturing Company
10%
Healthcare Company
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business43
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise7
Large Enterprise5
By reviewers
Company SizeCount
Small Business7
Midsize Enterprise5
Large Enterprise11
 

Questions from the Community

What do you like most about PingSafe?
The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...
What is your experience regarding pricing and costs for PingSafe?
I don't handle the price part, but it isn't more expensive than Palo Alto Prisma Cloud. It's not cheap, but it is wor...
What needs improvement with PingSafe?
There is scope for more application security posture management features. Additionally, the runtime protection needs ...
What do you like most about Orca Security?
It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just ...
What needs improvement with Orca Security?
I really love the way Orca Security worked. A potential improvement could be additional security features for the two...
What is your primary use case for Orca Security?
We used Orca Security ( /products/orca-security-reviews ) for about two to three months until I left the company. The...
What do you like most about Wiz?
With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment.
What is your experience regarding pricing and costs for Wiz?
This feedback is not based on much experience yet, as we have only conducted POV or POC.
What needs improvement with Wiz?
In Wiz, if there is one vulnerability that occurs multiple times, it is listed only once. However, even if it is a si...
 

Also Known As

PingSafe
No data available
No data available
 

Overview

 

Sample Customers

Information Not Available
BeyondTrust, Postman, Digital Turbine, Solarisbank, Lemonade, C6 Bank, Docebo, Vercel, and Vivino
Wiz is the fastest growing software company ever - $100M ARR in 18 months: Wiz becomes the fastest-growing software company ever | Wiz Blog  Discover why companies, including Salesforce, Morgan Stanley, Fox, and Bridgewater choose Wiz as their cloud security partner. Read their success stories here: Customers | Wiz
Find out what your peers are saying about Orca Security vs. Wiz and other solutions. Updated: August 2025.
867,445 professionals have used our research since 2012.