I use Orca Security to deploy in cloud infrastructures as a top-notch agentless SIEM and agentless cloud security platform. My use cases include cloud security, posture management, and detecting configuration misconfigurations across cloud environments. In AWS, which I use mostly for my work, it scans open S3 buckets, open ports, open IPs, and any open ports that are likely to be attacked or used as vulnerabilities. It also performs vulnerability management scans by running on VMs for CVEs, scanning containers, and providing serverless agents. It checks for outdated packages and OS level vulnerabilities without installing any agents. Having worked with other security platforms that have agents, I can confirm that one of Orca Security's main features is its agentless architecture.

Another significant use case is attack path analysis, which shows how an attacker could chain misconfigurations and vulnerabilities to reach the crown jewel of the environment. This is one of Orca Security's standout features. It visualizes the blast radius, demonstrating what the impact of a vulnerability would be. If an attacker exploits a vulnerability, it shows what may happen and what an attacker could do with all the vulnerabilities and misconfigurations combined.

Another feature is identity and risk access risk, which is CIEM that flags excessive permissions, unused roles, and privilege escalation paths within an IAM. Coming to container and Kubernetes security scans, it scans container images and Kubernetes clusters configurations for risk both before and after the deployment of those clusters. It has many other features as well. When we integrate it with CI/CD integration, it integrates with pipelines to catch Infrastructure as Code misconfigurations from Terraform or CloudFormation before deployment.

View full review »

In my previous company, I used Orca Security as a CSPM tool, which stands for Cloud Security Posture Management. The tool is very nice, and with it, we achieved a lot of our remediation activities. Orca Security looks good in terms of Kubernetes and in terms of telling us about cloud misconfigurations and many other things.

I used Orca Security for approximately one and a half years, or roughly 11 to 12 months. Orca Security proved to be a good tool in my previous company.

I did not use the Cloud to Dev feature because it was recently rolled out at that time. At that point, we were moving to secure code and code review processes.

We did not use Orca Security sensor because we installed Orca Security API integration with our Azure Entra ID, in which all devices on our cloud infrastructure were scanned every 24 hours. However, after I left, the team considered using sensors because they have some limitations, particularly on legacy devices.

View full review »

Orca Security provides three main strategic advantages. First, there is 100% visibility because it does not require agents. It can see everything, even shadowing or abandoned servers that the security team did not know existed. The main responsibility is side scanning, which is the first technology by Orca Security. Second, there is context-aware risk prioritization. Instead of drowning security teams in a sea of maybe 10,000 alerts, Orca Security uses a graph-based engine. It understands that a vulnerability on a web-facing server with access to a database is much more dangerous than the same vulnerability on a test server with no internet access. Third, there is operational efficiency. It saves hundreds of hours for DevOps teams who no longer have to install, update, or troubleshoot security.

View full review »

I normally use Orca Security for AppSec, and one of the features that I use commonly is the application security. I love it because it's already covered in the same license, and I can get a good overview of all of my assets. I have a lot of accounts in cloud, and so it's sometimes hard to identify all activities or assets that have been used or not. Normally, some developers create some virtual machines and leave the VM on or don't remove it. Orca Security usually helps me to see these kinds of problems because I can see every asset in one platform.

I don't use the Cloud to Dev feature they mentioned, since I'm working with Orca Security directly.

I believe the feature referred to as Orca Sensor is cloud security detection. I use it frequently because it's very important. I really enjoy it because it's agentless. I don't need to install or build an agent in my assets in the cloud. Orca Security accomplished this safely and fast. It's pretty easy to identify security risks or security issues using Orca Security because it's totally agentless and I just need to connect my cloud environment. It's really good and pretty easy. They have one feature that I really like in this same vein; it's the news about security. For example, if a new vulnerability is found and it's not already published in a CVSS bug, Orca Security has new papers that already inform me, stating that I have this new issue and this asset has been affected by this new vulnerability, and it provides guidance on how I can fix it. I love it.

View full review »

My use case involves being in charge of the integration of this technology for over 100 clients in different environments.

View full review »

My use cases for Orca Security include working with the sales team and the pre-sales team to offer Orca Security in the Chilean market with an integrator or a partner of Orca Security. The real impact when the client or the potential client sees the POC is truly awesome because you can have 100% visibility since Orca Security provides full coverage across your entire cloud estate across AWS, Azure, and GCP within minutes, finding shadow assets that traditional tools like Cortex or Prisma from Palo Alto cannot detect.

Orca Security has other strategic features such as CNAPP or Cloud Network Application Protection Platform capabilities, including CSPM (Cloud Security Posture Management). You can detect misconfiguration and ensure compliance with frameworks like SOC 2, ISO 27001, or GDPR of the European Union. Another valuable feature is the Cloud Workload Protection Platform, where you can identify vulnerabilities such as CVEs, malware, and exposed secrets such as API keys or passwords inside your workloads during scanning. Another feature is Cloud Infrastructure Entitlement Management, where you can manage identities and permissions to enforce least privilege and find overprivileged accounts. Finally, there is Data Security Posture Management, where Orca Security can automatically discover and protect sensitive data such as PII and PHI to prevent data breaches.

View full review »

I implement Orca Security on B3 to improve my security maturity in cloud environments, mitigate risks, and correct vulnerabilities and resolve some issues.

View full review »

We used Orca Security for about two to three months until I left the company. The product itself is really good. It helped us streamline the way we access our servers. It increased the amount of security for our product and allowed us to work from different various places without having to always use a VPN that we had used before.

A lot of the comfort of just being able to access our servers and upload to local servers without having any security risks and having to take extra precautions was the main benefit because we had the safety of actually being able to use Orca Security.

View full review »

Our clients use Orca Security for various reasons. We implement it for the clients.

View full review »

We used Orca Security for Cloud Security Posture Management (CSPM), vulnerability assessment, and several other security controls, including Shimless Security. It helped us consolidate our security tools and provided a central view for organization-wide visibility.

View full review »

I use Orca Security to analyze misconfiguration and to alert our SOC team when a misconfiguration occurs in our environment so that we can open an incident and solve it.

For example, we have one alert that triggers when a security group is created and a resource is created and exposed to the internet without an ACL attached on the resource and with the security group allowing any IP from the internet to access the resource.

We have created some custom alerts, and we are trying to create some automatic remediation using Orca Security. However, we need to open a ticket to support Orca Security to inform them that we need it, and it will go to the development team, which is not ideal for us as a customer.

I use the risk score related to our vulnerability management program in Orca Security to analyze and prioritize how to fix issues and what we need to fix first. Any resources that have a risk score more than seven are critical for us, and we prioritize the fix accordingly.

I use Orca Security in our public cloud environment.

Using Orca Security, I have visibility in our environment without depending on another team. I can connect our AWS accounts and our cloud accounts directly on the platform, allowing me to see and analyze our environment automatically.

We use AWS, Azure, and GCP.

I find that using the AI search feature is particularly valuable, as you do not need extensive knowledge of the platform to identify resources and define what you need to find.

View full review »

We are using it for cloud security posture management to detect vulnerabilities, misconfigurations, threats, and malware in our cloud environment.

View full review »

I am primarily using Orca Security for cloud security. Being part of the vulnerability management team, I utilize Orca Security for generating vulnerability alerts on cloud assets.

View full review »

I use Orca Security as a CSPM tool primarily for cloud security and posture management. I utilize its CIEM and CDR features extensively. CIEM focuses on cloud infrastructure and entitlement management, and CDR deals with cloud detection and response.

View full review »

We use the solution to show misconfiguration. Often, users lack knowledge about their assets' fingerprints and their cloud provider's configurations.

View full review »

We wanted to understand our cloud environment better, so we had a demo of Orca Security and then signed a deal to access the full platform and identify our most vulnerable areas. I started to schedule scans and monitor the machines in our cloud environment to help fix vulnerabilities. I set rules for certain situations and performed tests using those rules, which worked very well. Since I have familiarity with red teaming, I could perform malicious activities to trigger those rules and observed the rule blocking my actions effectively.

View full review »

I mainly use it as a posture management tool to comply with security frameworks like CIS and NIST, strengthening my overall security posture. View full review »

I've been working on this cloud security platform for the past one and a half years. Essentially, we focus on checking different components of AWS and Azure. 

We check over containers, instances, and various other elements running in the cloud. Our work is specifically designed for the cloud environment. We identify and address internal vulnerabilities across applications and operating systems which we are using in the cloud. 

If there are any patch management requirements, we ensure they are done across different applications and even API interfaces. 

In summary, our goal is to maintain security settings across the cloud infrastructure, such as AWS and Azure, used by our company. We connect with the DevSecOps team to actively work on securing the cloud environment and remediate vulnerabilities. We make sure incidents are properly handled, and necessary updates are implemented without causing disruptions. To facilitate communication, we use SMS for incident closure. This has been our focus for the past year.

View full review »

We are using primarily Orca Security for our vulnerability assessment management. We are using it for our container it does free image scanning to find security loopholes that might be present in our overall infrastructure. Additionally, it provides the remediation steps and an overall overview of the security of our infrastructure.

View full review »

I use it for our cloud security posture. Initially, the idea was to increase visibility because we had zero visibility into our cloud environment.

View full review »

We are a solution provider and Orca Security is one of the products that we implement for our clients. Most of them are start-ups and scale-ups that are building their software on the cloud platform. If they don't have cloud services, they cannot use Orca, so that's the first requirement. They need to use a cloud platform like Amazon Web Services or Microsoft Azure or Google Cloud.

Then to use Orca, they need to make a connection with the cloud platform's API. This means that they don't need to install any software or hardware. At that point, the site-scanning technology in Orca Security will check for vulnerabilities in the environment, and then check whether there are any configuration issues.

Our clients can see the progress in compliance after they implement Orca. For example, there is a weekly report to show how things change. Most of the time, our clients start with perhaps 30% compliance. It gives you the option to select which standards you want to comply with, for example to the ISO standard, or the GDPR standard. Orca Security also has its own standards for specific cloud platforms.

You can see that the security improves by changing the configuration and tightening your cloud set-up. Similarly, when you start reducing the vulnerabilities that you have, the number of alerts you are receiving will decrease compared to what it was in the beginning. It takes some time to achieve a healthy state of cloud security but once a baseline is achieved, you will immediately see the problem if there is a critical alert. When a new vulnerability appears, it can be solved as soon as possible.

Orca's platform provides an agentless data collection facility that collects information directly from the cloud using APIs, with zero impact on performance. This is something that is very important because now, there is a need to have full visibility of your cloud security every day. One cannot rely on only a penetration test once a year, because our customers are start-ups and scale-ups that are really innovating. They are deploying code almost every day. They make changes to the configuration of their clouds using automated tools like Terraform, and they really need to have a solution like Orca to have the guarantee and the confidence that there is nothing new and critical being configured or added to that environment. For me, it's a no-brainer to have Orca running in your cloud.

By using the agentless approach, our clients avoid the need to deploy and maintain multiple tools. Also, if you're using an agent then you need to have it installed. This means that you have something running in your production environment, so that can have an impact.

Secondly, if you forget to deploy the agent on the new machine, you will not know that machine is there. You will not have a complete picture, and that's an important thing to consider. With Orca, you will have a full inventory of all of your assets, your configuration, your network setup, even assets that are not internet-facing. The old-school agent approach will not work, because even if you have the agents installed, you will still need to have something in the cloud doing scans. You will also need something that will look at the configuration of your cloud platform, which is not possible if you are just installing an agent on a VM.

Prior to Orca, our clients had considerably less coverage for their environments. When we compared the results of Orca against a typical vulnerability scan using Tenable, for example, the classical solutions only found 20%. This is because Orca is scanning behind the security configuration of your cloud provider, which is possible with integration using the API.

View full review »

We manufacture cloud solutions and we employ Orca Security to monitor them.

View full review »

We're using Orca Security to identify threats and vulnerabilities, manage our cloud security posture, and alert us to CSPM and threat issues.

View full review »

With Orca, the main thing that we're leveraging is their Cloud Security Posture Management capability. 

It is a SaaS solution.

View full review »

We use Orca Security in the cloud to protect all of our cloud-based AWS applications.

It secures all of our perimeter and AWS, as well as all of our databases, applications, and transport. For every facet of AWS, right down to operating systems, we use Orca to take a look at it.

View full review »

The first two things you need to do in security are to know what you have and keep it updated. If you can do that you're going to stop 90-plus percent of security attacks. That's our first use case. To know what we have and keep it updated. In general, it's really hard to do that in the cloud. It can take multiple systems and a lot of overhead to do it. That's one of the main things we use Orca for, so that we always know what we have and make sure it's updated.

On top of that, we use it to build things that have to do with our security posture. For example, are the ports that are supposed to be closed actually closed? For the data that's going through PII, is something open that shouldn't be? Are the permissions as they should be, per best practices? Is the compliance level correct for PCI and CIS, et cetera? There are many use cases around the posture of our environment, including the endpoints and the workloads. 

Overall, we use Orca for anything that has to do with making sure we check all the boxes and cover all our bases. It's a very core product for cloud security.

View full review »

Orca is the inceptive tool that I deploy when I join a company. It will be one of the first things I do after an awareness training program. The reason is that Orca serves the function of giving me insights into the resting risk state, abstractly, because it combines so many signals without actually having to govern the assets. As soon as I have access to the AWS or GCP or Azure accounts, I just drop Orca in and it shows me the abstract risk of everything in that cloud.

View full review »

Our use case is very simple. Orca Security is used to monitor and have control over your client's cloud environment, specifically the CP-CFPM.

View full review »

Some of the customers use it to actually look at their assets in the cloud.

It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just scan the entire assets in the cloud.

View full review »