The documentation for Orca Security could be improved. The compliance framework also needs enhancements, especially concerning integrations with other tools like ServiceNow's vulnerability modules, which are not as mature as expected. 

It should also increase its capability to ingest data from other security tools like CloudSight for endpoint detection and provide real-time monitoring.

View full review »

Orca needs improvement in snoozing or dismissing specific alarms. Currently, snoozing dismisses all future vulnerabilities related to a CVE. Another improvement is in handling alerts for multiple files with the same CVE; it should provide an option to manage each file separately without affecting others.

View full review »

I really love the way Orca Security worked. A potential improvement could be additional security features for the two-step authentication, such as fingerprint recognition similar to what Checkpoint does. That could be something to consider, though it's more about convenience than security as we didn't have any security issues.

The timeout settings could be made more customizable, as sometimes if I leave the office early, it's still running unless manually turned off. The process of turning it off isn't very straightforward, so making it easier to turn off manually would be beneficial. It would be good for any business to implement so they don't have to use a VPN. Security in today's age is important, and if a company can afford it, they should get it as it's the most valuable protection against threats.

View full review »

Orca Security could improve its ticket creation process. Currently, it allows for creating tickets in only one bucket, which requires monitoring to redirect tickets to the appropriate team. It would be beneficial to have segregation for different projects. 

Additionally, Orca Security could improve in reporting OS package vulnerabilities, such as missing MS patches or Linux patches.

View full review »

Orca Security can be improved as there should be some kind of central pane of glass. Similar to how cloud management works, Orca Security should have something comparable. They have something right now, but it is not fully developed. For example, if they have something similar to Palo Alto Panorama, it would be a great tool for their existing customers.

View full review »

A notable limitation with Orca Security is its scanning feature. The automatic scan only runs every 24 hours, and if an alert is remediated within an hour, it still remains until the next scheduled scan. A more frequent or on-demand scanning option might mitigate this issue.

View full review »

The company is managed by industry veterans. It's a cloud-based product. They handle misconfigurations and analyse your runtime to detect malware. They're at the forefront regarding developer security. The platform is vast, inundated with information. One can easily feel overwhelmed by the sheer volume of data.

The solution is very detail-oriented, which can be overwhelming for nontechnical people.  On the other hand, understanding the security posture is very valuable for a technical person. 

View full review »

Maybe better customization options for security frameworks and better integration with reporting tools like Power BI or Grafana dashboards. Modularizing reports and dashboards would be fantastic. Simplifying the way users build custom frameworks would be good. View full review »

The main drawback in an agentless approach is that if the solution detects a virus or malware in the environment, we need to manually remove it. But from my experience with other production environments, it's not straightforward to install agents in the hope they will automatically remediate viruses, even from production environments. If you make mistakes, you can cause huge damage to your environment and, when it comes to production, there is zero tolerance for errors. And realistically, you can't use the most important feature of an agent, which is the remediation, because remediating on production is not something that is easy to do.

Orca's agentless approach makes more sense. Even if you have an agent, it takes resources. In addition, you need to deploy, maintain, and update an agent, which amounts to a lot of unnecessary work. And lastly, while it's true that an agent sees more when compared with an agentless solution, the gap is very small.

In the end, to make sure that we progress and that our security level is increasing, we need to take action. Orca is only a detection tool. It shows you the problems, but you need to make sure that the problems are fixed. It's a fair trade-off because production is a different environment. It's not like endpoint security where the cost of ruining an endpoint is worth the risk. You would rather kill an endpoint than risk being infected with malware. But this is not the same approach for data center or cloud security.

Ultimately, the ability to auto-remediate is something that I would like to see.

View full review »

Orca could give me more alerts. It could give me a dashboard with all the specific types of alerts I want to see for the day. It should just be one click. This is one area where I feel Datadog is better. Datadog has something called Security Signals, where they give you a dashboard, and you can structure it by the day or specify a period. It just tells you the different security signals that have occurred with a very obvious risk designation by color. That makes it easier than Orca's current view. So I think Orca could improve its interface.

Another shortcoming of Orca is that it doesn't integrate with our particular non-standard ticketing system. So we have to finish developing an appropriate webhook for it. Other than that, it's integrated well with our identity provider and with our cloud environments.

View full review »

The solution could improve by making the dashboards more elaborative and more descriptive.

View full review »

In the future, I'd like to see Orca work better with third-party vendors. Specifically, being able to provide sanitized results from third parties.

I would like to see support for FedRAMP certification.

View full review »

They can expand a little bit in anti-malware detection. While we have pretty good confidence that it's going to detect some of the static malware, some of the detections are heuristics. There could be a growth in the library from where they're pulling their information, but we don't get a lot of those alerts based on the design of our products. In general, that might be an area that needs to be filled since they offer it as a service within it.

View full review »

I would be happy if they offered more automatic remediation options. They're working on that, but the more the better. For example, if they want you to harden a server, they would offer a hardening script that would be more aware of what's going on.

I would also be happy if they added more and more coverage. The cloud itself is changing, with Amazon and Azure adding more and more capabilities. Orca is working really hard to meet the challenge, but the more they add, the better it is for me.

Another improvement would be that, in addition to focusing on endpoint compliance, they would focus on general compliance.

These are things that they're working on and their roadmap is very good. If they keep to the roadmap, I'm pretty sure they'll get to the places they want to get to. For instance, I really want them to add IAM permissions and they added that.

They know where they're going—they understand how to secure a cloud—and they keep growing in that direction.

One final suggestion I would add is for Orca to improve user education. A lot of times they have features and capabilities but they don't tell us about them. They don't even have a "What's New" newsletter. I have said to them, "Tell us what's going on. You've got a lot of cool stuff here. Why do I have to ask you? Let me know." If you have Google products, Google sends out a newsletter every week with new features. It's important to know that kind of information. It's also a marketing tool to let users know that they're constantly improving. Orca is constantly improving, but they don't always communicate that.

View full review »

I'm thinking about room for improvement that is really grand, in terms of ways that may not be possible. I like to partner with innovators and that's why I partnered with Orca. I don't think what I have in mind is possible—but I didn't think Orca was possible either when I met them. 

If they could disrupt the host intrusion detection space (HIDS) that would be huge. If I could have them assess risk in real-time—which does not seem possible from the block storage analysis perspective—and they could figure that out without an agent, there would be no need for other security tools except for CI/CD pipeline analysis. 

I'm thinking about "omniscient" and "omnipresent." That's what Orca does from a resting state risk standpoint. It's the "all-seeing eye." If it could do that from an active state standpoint in real-time, or even to the second, minute, or hour, that would be big stuff. If they could crack that I don't know what would stop them from dominating the market completely.

On a more practical level, Orca doesn't work in data centers right now. If a company has a large data center footprint, Orca is not necessarily the best solution for that business. If 20 percent of my risk lies in the cloud, and 80 percent is in data centers, I should probably go with an agent-based solution, assuming I can deploy it.

View full review »

With any security tool, there's always room for improvement. We were among the early adopters, and many of the major improvements that we were looking for have already been added. Right now, we're looking at what the other players in that space are offering and if it can be integrated into Orca. I had a discussion with Orca six months ago about implementing these features. But once you start customizing your tool for specific customers, it doesn't necessarily mean that it will match the needs of other customers, and you begin to branch out. In general, I think the Orca's roadmap is pretty well aligned to what we need today.

View full review »

I would like to see an option to do security checks on a code level. This is possible because they have access to all of the code running in the cloud provider, and combining their site-scanning solution with that would be a nice add-on. This would guarantee our customers that whatever is running in their cloud production is secure on all layers.

It would be nice if this solution had the capability of fixing issues. As it is now, it only reports them. Having a button to patch a product, disable a service, or delete a VM would be nice. At this point, this is something they might not want to do because they are only doing audits rather than making changes. It is also something that would require having additional permissions, including write access using the API.

View full review »

As with all software, the user interface can always be made simpler to use. It would be helpful for people with very little knowledge, like somebody sitting behind the SOC, to allow them to be able to drill down into things a little bit easier than it is currently.

View full review »

Maybe the presentation of the data in the dashboard. It's a little bit chaotic. There is room for improvement.

View full review »

I would say that there are some loading issues. Since this is a cloud-native platform, there may be a problem with connecting to the dashboard as soon as it's open. The interface can be a bit cranky and sometimes takes a lot of time to load. So, the way APIs are deployed for our dashboards or monitoring systems needs to be corrected and optimized.

In future releases, Orca Secure needs to have new integrations with different security solutions apart from the cloud. We have EDRs, XDRs, and MDRs. Orca Security should automate the process of connecting and integrating with these solutions. It can be an essential way of protecting the infrastructure in an effective manner.

View full review »

Actually, it's not all clouds that they are currently onboarded with. For instance, they are not yet with public cloud and many other private clouds.  

Therefore, there is room for improvement, and more private clouds should be added. For the private cloud, we need to install agents into the environment.

View full review »