What is our primary use case?
We use Orca Security in the cloud to protect all of our cloud-based AWS applications.
It secures all of our perimeter and AWS, as well as all of our databases, applications, and transport. For every facet of AWS, right down to operating systems, we use Orca to take a look at it.
How has it helped my organization?
Orca provides the capability for agentless data collection directly from your cloud configuration and from the workloads' runtime block storage, which is one of the massive advantages of the tool. The tool gives us the ability to monitor things as we spin them up and as we tear them down. I can't state emphatically enough how important the agentless tool is.
For example, when most people move their applications from on-premises to the Cloud, which is what we in IT call a forklift, they just copy it over or re-create it there. Very seldom do people actually re-engineer or re-architect their applications to take full advantage of the cloud.
With the cloud, you can create serverless applications and serverless databases, so that when you need something you can spin it up and use it. When you don't need it, you can tear it down or destroy it so that it's gone. This not only saves money and is very efficient but from a security perspective, it's critical because every time you have something running somewhere, it could be attacked. This is what is referred to as an attack surface.
By using serverless tools and agentless monitoring, you can tear it down when you're done and that reduces your attack surface dramatically. Without a tool like Orca, that's agentless, you would not be able to do that. You would have to install software on the application and keep it running in order to monitor it, which really defeats the whole purpose of the cloud.
In terms of performance, because it's agentless, it's not stealing cycles from your application. It's not what's called a heavy application.
The agentless and direct collection of data enables Orca to see assets within its environmental and business contexts and prioritize truly critical security issues. This is one of the huge advantages of Orca. It sees everything in the environment and through its AI, properly categorizes what the threats are and shows them to you in a much better way. It aggregates all of the alerts and determines what's really important, and then shows them to you. It greatly reduces the need for additional staff to pore through all of the alerts to try and determine what's real, what's critical, and what the real problems are. It does all of that work for you.
Prior to Orca, our cloud visibility was perhaps 20% of what it is now. This is the reason that we were delaying moving to the cloud. The additional coverage has allowed us to move critical applications to the web that we had been holding off on because of the lack of cloud visibility. We have now moved multiple critical applications and we're able to view them in a way that we would not have been able to without Orca.
An important thing to consider is that Orca is a one-size-fits-all solution, which is very rare in the security world where everything is piecemeal. Normally, to protect something, you need five or six different tools or products. In this case, one product gives you all of the visibility that you need for your landscape, into all of your cloud properties. It is really the best of all worlds.
It's critically important to keep things simple, and it helps that Orca has everything included out-of-the-box. You only need one tool and it's helpful because there are so many security solutions on the market that a lot of security people get confused and they end up with products that overlap each other. Part of the reason for this is that all of the security solutions are trying to expand into other areas, and become more useful on the whole.
When you end up with these overlaps in products, it confuses people including end-users and support staff. Oftentimes, you end up with redundancy or things that conflict because the software isn't designed to be compatible with all of the other tools that are out there in the market. You end up with a messy collage of tools trying to accomplish something and it doesn't work well. It ends up with gaps, overlaps, and it just creates problems for security.
With Orca, it's as if they took a whiteboard and set out to fix all of that, and do everything in one tool. What they built architecturally is a beautiful, simple, and easy-to-use product.
We are frequently audited by our clients, which are Fortune companies in the finance, automotive, utility, and telecom industries. They audit us from a security perspective quite frequently. By using Orca, we can prove to them that we are secure in all of the core areas that they're looking at.
Like a lot of cloud SaaS tools, which is the new generation of technology, you expect things to be automatically updated for you. It's like using Chrome, where when you decide to take an update, you don't have to pay for it. You assume that the company behind the product is constantly updating it on your behalf. This is a model that is critically important from a security perspective.
Imagine buying an antivirus product and the company says that they're not giving you updates until you pay for them. A lot of companies do that but more of the newer companies will instead license you the product for a year or two at a time. During the license period, you get all of your version updates and everything you need. It's included and it's done automatically. That's the model that Orca chose and from a security perspective, it's the best model for a customer like me.
What is most valuable?
Orca provides X-ray vision into everything within the cloud properties, whereas normally, this would require multiple tools. As an analogy, for on-premises equipment, you would need different tools to be able to see the performance of a system, determine what versions of software applications are installed, and look at the security. You would need yet another one to give you a holistic view of all of the hardware inside of the system.
From this one platform, we can get visibility right down into the hardware through all of the applications, and through the operating system. One application provides an entire view of our security. Gartner coined the name Cloud-Native Application Protection Platform, in reference to this product, because Orca created did not exist previously. Orca literally invented a whole new way to view security in the cloud.
Because the interface is so simple, you don't need people that have tons of experience. You can take a lower-level person and give them basic instructions on what to watch for. If anything comes up with a high-level or medium-level alert, then they have to contact somebody else. It's literally that easy.
What needs improvement?
As with all software, the user interface can always be made simpler to use. It would be helpful for people with very little knowledge, like somebody sitting behind the SOC, to allow them to be able to drill down into things a little bit easier than it is currently.
For how long have I used the solution?
I have been using Orca Security for approximately two and a half years.
What do I think about the stability of the solution?
We haven't had a single stability issue. From my perspective, it's awesome.
What do I think about the scalability of the solution?
Scalability is built into the product. We've scaled this pretty tremendously up and down as we've needed to, based on serverless needs across VPCs, across servers, and across various instances. It scales perfectly across our environment.
It monitors all of our AWS instances. We give it everything. In fact, as we add more and more to the cloud, Orca is there already, ready to protect us, so we're scaling it. Every month we add more to it.
How are customer service and support?
We have been in touch with technical support a few times. It's been very few and far between but it was to ask about the meaning of some of the error messages that we saw.
I would rate the technical support a nine out of ten. We don't use it very much and as such, I don't have enough touchpoints to be able to assess it. I'm leery about rating something the highest possible score without having enough visibility into it.
There was a situation where we provided feedback to the vendor and they incorporated it into the product very quickly. We were very surprised that they listened and acted upon it so quickly and I think that this is more important than support because no product is perfect. They were eager to improve their product because they strive to be better. I can't say enough good things about them.
Which solution did I use previously and why did I switch?
There was nothing on the market, anything like their solution, prior to Orca coming along. It literally created a whole new category. It was the right tool at the right time and they had the vision to create it.
We were using a myriad of bolt-on tools at the time, to try to cobble things together, but we never really accomplished very much using them. That is why we went looking for the product that we did. Ultimately, we weren't moving anything to the cloud because we couldn't find the visibility that we wanted.
In order to move to the cloud, you need a tool like Orca to have visibility of all of your real estate, architecture, and applications that are out there. Without it, you literally have gaps you don't know about and you are running blind. It's like running with blinders on and you can only see where you're looking, versus being able to look 360 degrees around you. It gives you that level of visibility. It's truly X-ray visibility.
How was the initial setup?
The initial setup was amazingly easy. You don't have to really do anything outside of creating an account with them. It was absolutely simplistic. It exceeded our expectations from an installation perspective. It couldn't be easier.
Because there are no agents, you have no deployment time. Another beauty of it is that you don't have to sit there and try to install agents on every device and every server and every application and every instance or every VPC. It's just automatically done.
Once you give them access and they scan your environment, it's done for you. You don't have to do anything at all. It learns about your environment. You don't have to install anything, so it saves your time because you really don't do anything at all. It's the way that all software should be. They should do all of their learning on their own without you having to install things the whole way.
What about the implementation team?
We implemented it with our in-house team.
What was our ROI?
This product has saved us tremendous amounts of time and money.
I would just say that you're doing yourself, your business, and your customers a disservice if you're not using Orca, or a tool like it, that provides a deep X-ray-like view into your environment to properly secure it.
We would not be in the cloud or have as much in the cloud without this tool. It's really a precursor to moving anything major into the cloud. In that regard, it's our future. Cloud is our future and without Orca carrying that future, we can't do the things that we want to do. It's very difficult for me to put a return on investment on it because it's so intertwined with everything that we do. We wouldn't be able to do the things that we do without it.
Which other solutions did I evaluate?
Our search for this product began because we wanted to move to the cloud and we knew that we were vulnerable if we moved up there. We didn't have the visibility that we needed so I actually went looking for this solution. I looked throughout the industry. I talked to everybody I knew and there was nothing. Everybody was cobbling solutions together, trying to achieve some sort of visibility.
A lot of people didn't even know that they were vulnerable or that they had gaps. We did and we saw it. We figured it out and we went looking for a solution.
Coincidentally, I was speaking with somebody at a conference who had recently learned about Orca and they told me about the product. Within a couple of months, he put me in contact with their co-founder and we entered discussions from that point.
What other advice do I have?
The analogy that I like to use when discussing Orca is similar to that of purchasing a used house. When you look at it from the street or after doing a walkthrough, you have no idea what is going on under the floors, or above the ceiling, or behind the walls. There can be all kinds of problems like faulty wiring or leaking plumbing, and you wouldn't know that they existed. This is where the beauty of Orca and the X-ray vision comes in.
You can see all of these things right down to the chip that's used in your cloud instance. It's literally an amazing perspective that to my knowledge, no other tool prior to Orca provided. In my analogy about the house, there is no tool that you can use to see behind everything before you buy a house. However, with Orca, you can see everything.
Everything is laid bare to you before you move your apps up there, or once you move them to the cloud and you begin to build out your real estate. Without a tool like Orca, you're flying blind like a pilot in an airplane without radar. You just can't do that.
When I first looked at Orca, I was somewhat skeptical about whether it could do everything that they claimed. In fact, I'm always skeptical to a degree. In this case, it's different. It literally blew me away based on what I could see. If I consider the analogy of the house, I expected to be able to see under the floor. What I didn't expect was to be able to see behind all of the walls and through the ceiling and through the roof and into the basement, and everywhere. I thought to myself that we couldn't live without this tool. That's how good it is.
If I could rate this product a 15 out of 10, I would. It has well exceeded my expectations and I remember that when I first looked at the Orca environment, I thought that it was amazing. I was able to click, drill down, do everything that I wanted to be able to do, and more.
I would rate this solution a ten out of ten.
Which deployment model are you using for this solution?
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.