Orca Security Reviews

We used Orca Security for Cloud Security Posture Management (CSPM), vulnerability assessment, and several other security controls, including Shimless Security. It helped us consolidate our security tools and provided a central view for organization-wide visibility.

The best features of Orca Security include its ability to perform a lot of security controls without requiring any installation of agents, making it very easy to set up. This feature allowed us to replace a lot of tools with one comprehensive platform, enhancing our ability to consolidate the security footprint on a large scale. 

It provided us with visibility from a central point, increasing our view from the previous thirty percent to a full one hundred percent of our cloud environment. This comprehensive view facilitated improvements in our security posture.

The documentation for Orca Security could be improved. The compliance framework also needs enhancements, especially concerning integrations with other tools like ServiceNow's vulnerability modules, which are not as mature as expected. 

It should also increase its capability to ingest data from other security tools like CloudSight for endpoint detection and provide real-time monitoring.

I was an administrator of Orca Security in my previous organization for almost two years.

There were some stability issues in the initial months of using Orca Security, but overall, it has room for improvement and is rated seven out of ten.

Orca Security's scalability is rated nine out of ten due to its challenge in scaling Kubernetes workloads, which require additional steps on top of connecting cloud accounts.

The technical support has room for improvement. The expertise levels could be improved, and on a scale from one to ten, I rate the support as six or seven out of ten.

We used several other tools before Orca, such as Microsoft Defender, Twistlock (Prisma Cloud), Rapid7, and AlgoSec. Orca Security replaced these by consolidating their functionalities into a single platform, which helped us save significant costs.

The initial setup of Orca Security was easy. We started with the cloud accounts we already had visibility and control over, then presented its value to the organization.

Orca Security significantly improved our visibility from 30% to 100%, enabling better security posture improvements rather than just general cost savings.

The cost of Orca Security is competitive compared to other market solutions.

I would recommend Orca Security to other users and rate it eight out of ten.

Public Cloud

I use Orca Security to analyze misconfiguration and to alert our SOC team when a misconfiguration occurs in our environment so that we can open an incident and solve it.

For example, we have one alert that triggers when a security group is created and a resource is created and exposed to the internet without an ACL attached on the resource and with the security group allowing any IP from the internet to access the resource.

We have created some custom alerts, and we are trying to create some automatic remediation using Orca Security. However, we need to open a ticket to support Orca Security to inform them that we need it, and it will go to the development team, which is not ideal for us as a customer.

I use the risk score related to our vulnerability management program in Orca Security to analyze and prioritize how to fix issues and what we need to fix first. Any resources that have a risk score more than seven are critical for us, and we prioritize the fix accordingly.

I use Orca Security in our public cloud environment.

Using Orca Security, I have visibility in our environment without depending on another team. I can connect our AWS accounts and our cloud accounts directly on the platform, allowing me to see and analyze our environment automatically.

We use AWS, Azure, and GCP.

I find that using the AI search feature is particularly valuable, as you do not need extensive knowledge of the platform to identify resources and define what you need to find.

The vision related to security frameworks is very valuable for us, and we use that to be compliant with standards such as PCI DSS. The way to create dashboards is very useful for us as well.

It is easy for us to have one place to check things, and when we need to create some report for our teams or for another team, we use these compliance visuals to see what is compliant and what is not compliant.

Orca Security can improve the way that a customer can create auto-remediation without depending on support to do that. Perhaps creating one space to implement a script or to create the auto-remediation inside the platform without support would be beneficial.

I have been using the solution for the last two years.

Orca Security is stable.

We used the Prisma solution from Palo Alto in the past, and I believe we changed to Orca Security because of the price that Orca Security offered. However, that is not something that relates directly to me, so I am not certain about that.

Public Cloud

Other

We are using it for cloud security posture management to detect vulnerabilities, misconfigurations, threats, and malware in our cloud environment.

Orca has helped us reduce the time it takes to address cloud security alerts because of its risk-based calculation and immediate notifications for critical assets and popular vulnerabilities.

One of the valuable features of Orca Security is its design and options that allow flexible filtering and user-friendly visualization. 

Additionally, it covers a large scope of vulnerabilities, CVEs, malware, and misconfiguration. It also helps identify compliance issues in our cloud environments like AWS or GCP.

Orca needs improvement in snoozing or dismissing specific alarms. Currently, snoozing dismisses all future vulnerabilities related to a CVE. Another improvement is in handling alerts for multiple files with the same CVE; it should provide an option to manage each file separately without affecting others.

I have been using Orca Security for around one year.

We have experienced some problems with the frontend, which occurred around three times a year, usually when updates introduced new lines of code that disrupted functionality.

Scalability is automatically managed. When you onboard an organization, Orca will find new projects, folders, and resources without any additional effort required.

I contacted support quite often, and they felt like family due to the frequency. I would rate the quality of support as nine stars out of ten due to their quick and helpful responses.

Positive

I have used CrowdStrike before but was not happy with its features in the CSPM realm. Many of my friends in cybersecurity use Wyz and are pleased with it.

Seventy percent of the deployment was completed successfully with documentation. However, we needed support from Orca for AWS onboarding. GCP was the easiest to onboard, followed by Azure, with AWS being the most challenging.

Pricing is flexible, depending on the number of licenses, contract duration, and future plans. The initial price seemed high, however, after negotiation, the final price was ideal.

I evaluated CrowdStrike and have heard positive feedback about Wyz from peers.

New users should have admin rights and follow Orca's clear documentation and web interface instructions for onboarding. 

It's rated eight out of ten for its overall performance.

Public Cloud

Other

I am primarily using Orca Security for cloud security. Being part of the vulnerability management team, I utilize Orca Security for generating vulnerability alerts on cloud assets.

One aspect that stands out is the seamless integration. Once our organization is configured, any cloud account under that organization is automatically detected in Orca Security, along with all the assets associated with it. 

Another valuable feature is the side scanning technology using a snapshot mechanism. This technology allows for coverage of almost all cloud assets without interrupting their operations.

Orca Security could improve its ticket creation process. Currently, it allows for creating tickets in only one bucket, which requires monitoring to redirect tickets to the appropriate team. It would be beneficial to have segregation for different projects. 

Additionally, Orca Security could improve in reporting OS package vulnerabilities, such as missing MS patches or Linux patches.

I have been using Orca Security for one year.

I would rate the stability as nine out of ten. I personally have not encountered any bugs or issues with the console. It runs almost 24/7.

I would rate the scalability as nine out of ten. The seamless integration allows us to automatically reflect any connected project from our cloud into the console.

I would rate customer service between eight and nine out of ten. The support team assists with issues and provides information on new updates, helping us understand the product better.

Positive

Previously, we used Rapid7 for vulnerability management. We switched because we moved from on-premises to the cloud, which required a cloud security solution.

I am not sure about the pricing, as all decisions related to pricing and configuration were made by a different department.

I recommend Orca Security to others looking for a cloud security solution due to its seamless integration and side-scanning technology that does not hamper cloud asset performance. It also offers automation for ticket creation directly from alerts.

I'd rate the solution eight out of ten.

I use Orca Security as a CSPM tool primarily for cloud security and posture management. I utilize its CIEM and CDR features extensively. CIEM focuses on cloud infrastructure and entitlement management, and CDR deals with cloud detection and response.

I find Orca Security's CIEM feature invaluable, as it focuses on entitlement and posture management, identifying assets with older OS versions, and asset misconfiguration. 

The CDR feature is also critical, focusing on detection and response, triggering alerts like brute force attacks and malware. It provides alert and asset details, which include multiple remediation actions. It combines functionalities of multiple security tools and collects alerts and logs from them.

A notable limitation with Orca Security is its scanning feature. The automatic scan only runs every 24 hours, and if an alert is remediated within an hour, it still remains until the next scheduled scan. A more frequent or on-demand scanning option might mitigate this issue.

I've been using Orca Security for one and a half years.

The stability of Orca Security is satisfactory, and I would rate it nine out of ten. I have experienced very little downtime.

Orca Security is highly scalable, and I would rate its scalability as eight to nine. I have observed minimal downtime.

I have had experiences where I needed to contact Orca support to address issues with alerts that remained active even after remediation. Based on my interactions, I would rate the support team a six out of ten.

Neutral

Orca Security's pricing is known to be a bit high, however, I'm not directly involved in that aspect.

I have not used any alternatives to Orca Security.

I would rate Orca Security overall as eight out of ten.

Hybrid Cloud

Other

We use the solution to show misconfiguration. Often, users lack knowledge about their assets' fingerprints and their cloud provider's configurations.

Orca Security has patented technologies. It's an agentless solution, so you don't need to install an agent. Instead, it contacts your account provider and fetches metadata, eliminating the need for snapshots or reserved space to copy client infrastructure.

The multi-cloud capability displays essential information and potential vulnerabilities with granular detail. For instance, it identifies paths that attackers might exploit to gain root or admin access to machines.

It is comprehensive, covering a wide range of software needs. They also integrate with CI/CD pipelines, enabling developers to ensure security from the early stages of code deployment. This integration provides a 100% guarantee on security, safeguarding images, configurations, and other crucial information throughout the development process.

The company is managed by industry veterans. It's a cloud-based product. They handle misconfigurations and analyse your runtime to detect malware. They're at the forefront regarding developer security. The platform is vast, inundated with information. One can easily feel overwhelmed by the sheer volume of data.

The solution is very detail-oriented, which can be overwhelming for nontechnical people.  On the other hand, understanding the security posture is very valuable for a technical person. 

I have been using Orca Security for a year.

If you choose the traditional or legacy option, you'll have to install an agent. Agents don't scale well. You can't effectively scale with agents because it requires manual intervention on each machine, consulting the agent, and it's not scalable because you'll need to reproduce that process. With Orca, we employ scanning technology, avoiding all the workload of installing agents. And then you can scale very quickly, in just a couple of moments. You can basically scale quickly without the need for those interventions.

Support is fairly prominent. They have knowledgeable people.

The initial setup is straightforward and takes five minutes to complete.

The ticket is quite expensive; it depends on which way you want to go. If you want to buy the licence on your own, you can opt for MSP licences where people are going to run a managed service. If you're going in, "I've got no time and no resources to do that," you can use managed service. We manage, we run the scan, and we work on the information on the findings. It's very different from other cloud solutions. Company A is in front of a company in Portugal, and they are linked together. It's a subsidiary. Orca will allow you to get your asset inventory very quickly which is quite expensive.

Orca is a SaaS solution. It is deployed on cloud but you can have it on prem as well. It works with all cloud providers.

All vendors are offering a primary solution for free. You might need to consider Orca for a certain number of workloads like VM, a server, or even a phone.

Orca is very intuitive and offers a lot of features. You can click on it, and you can see it all. The proper way is to go through an integrator or reseller; that's called the retail side. Before you take any action, call the retailer and ask them for a demo, in order for you to understand. If you start tomorrow and buy Orca, if you never call those guys, it's going to be a little bit difficult for you. You need someone who's trained to explain and show you around the platform.

Overall, I rate the solution a nine out of ten.

Public Cloud

We wanted to understand our cloud environment better, so we had a demo of Orca Security and then signed a deal to access the full platform and identify our most vulnerable areas. I started to schedule scans and monitor the machines in our cloud environment to help fix vulnerabilities. I set rules for certain situations and performed tests using those rules, which worked very well. Since I have familiarity with red teaming, I could perform malicious activities to trigger those rules and observed the rule blocking my actions effectively.

Orca Security has helped us significantly by giving clear visibility into our weakest points and allowing us to prioritize what truly matters. Its unified dashboard and contextual risk insights made it easier to quickly identify, fix, and protect the most critical vulnerabilities. As a result, we’ve been able to strengthen our environment faster and with much more focus.

Orca Security is a very user-friendly platform. We were migrating from another technology to Orca Security, and my first contact with Orca was excellent for seeing and understanding our cloud environment. It was very intuitive for me to use the platform.

I really appreciated how Orca Security uses AI. It was easier for me to explain to developers what they should fix. Sometimes it also has an auto-fix feature where AI provides the steps to fix that vulnerability. From an AppSec point of view, this is something that has been a game changer for me.

I experienced some problems with custom tags in Orca Security where I tried to separate the environment for business units so I could ask the tech lead responsible for that vulnerability to fix them. I had some problems trying to add custom tags because they create one custom tag for all assets in our environment, and they don't have that feature well prepared for this kind of situation.

The scans you try to perform on the platform can take a very long time to complete. I didn't face any delay or lagging issues otherwise, but the scans take considerable time.

I used Orca Security for the last ten months while working for a startup here in Brazil.

I installed Orca Sensor in some machines in our environment and it worked well at first, but it disconnected sometimes. Our support team helped us get it online as soon as possible.

I believe Orca Security can fit for both smaller and larger companies. In our case for a smaller company, it works very well, but it is really scalable for bigger companies.

I needed to contact support mainly for the custom tags issue I mentioned earlier. They are very clear and very fast with solutions. I could talk with engineers from Israel and India, and I also had a contact point in Brazil that helped me get responses as quickly as possible. I had a very positive experience with Orca Security support.

I would rate their support an eight out of ten. I had one or another problem that is on their roadmap to fix, but their answer was very fast. They communicated that certain features are planned but not currently available, or they might be ready for the next quarter. However, what they could help me with, they helped with as quickly as they could.

Positive

Previously we were using Palo Alto Prisma Cloud before Orca Security. Orca Security was much better for me in visual aspects to see the environment, see the vulnerabilities, see all the assets, and then split everything into our business units.

It was easy to install and set up everything. Setting up all the components, for example the sensors and the connection with our GCP, was straightforward and was assisted by someone on Orca Security's side.

In our case, it was me, someone on Orca Security's side helping us, and another person on my side who is a tech lead.

The return on investment occurred within one or two weeks, I believe.

I'm not sure about the details because my coordinator and manager signed that deal. However, I remember it was cheaper than Palo Alto Prisma Cloud. I'm not certain what the exact dollar amount per month was.

I'm not sure if we bought it from a reseller. I'm not certain right now whether it was from a reseller or directly from Orca Security.

We are not a reseller or partner of Orca Security. My overall rating for this solution is eight out of ten.

Private Cloud

Google

I mainly use it as a posture management tool to comply with security frameworks like CIS and NIST, strengthening my overall security posture.

The reporting and automated remediation capabilities are valuable to me. They're real game-changers.

Maybe better customization options for security frameworks and better integration with reporting tools like Power BI or Grafana dashboards. Modularizing reports and dashboards would be fantastic. Simplifying the way users build custom frameworks would be good.

I have been using this solution for one year.

No issues at all! It's been quite stable and reliable.

It is a very scalable solution. It supports all three major cloud providers and is designed for easy deployment. So, from my perspective, it's highly scalable.

The customer support was not good. It really depended on who you got assigned to. Overall, I'd say it was decent, not perfect, but definitely helpful.

Neutral

We also looked at Lacework and CrowdStrike. The main problem with Lacework was the pricing model. It was based on capacity, and with our ever-growing environment, the costs became unsustainable.

The features, ease of integration, and compatibility with all our security frameworks swayed us towards Orca.

We migrated everything to Orca and haven't looked back.

The initial setup is very easy. I would rate my experience with the initial setup a ten out of ten, where ten is easy to set up.

I managed it all by myself. We had some support from Orca at the time, but the process itself was very easy. The whole setup, from initial discussions with Orca and setting up our own environments, was only about two to three days.

It is worth the money we are paying for it.

It's not as expensive as some competitors like Prisma Cloud, but it's not the cheapest either. A subscription model based on AWS usage would be an interesting option to explore.

Users can meet all the needs around security, automation, customization, and reporting. Orca is a feature-rich tool, easy to use, and seamlessly integrates with major cloud providers.

It offers comprehensive visibility not just from a security standpoint but also for management and high availability. That's my key advice.

Overall, I would rate the solution a ten out of ten.