Orca could give me more alerts. It could give me a dashboard with all the specific types of alerts I want to see for the day. It should just be one click. This is one area where I feel Datadog is better. Datadog has something called Security Signals, where they give you a dashboard, and you can structure it by the day or specify a period. It just tells you the different security signals that have occurred with a very obvious risk designation by color. That makes it easier than Orca's current view. So I think Orca could improve its interface.

Another shortcoming of Orca is that it doesn't integrate with our particular non-standard ticketing system. So we have to finish developing an appropriate webhook for it. Other than that, it's integrated well with our identity provider and with our cloud environments.

View full review »

I would say that there are some loading issues. Since this is a cloud-native platform, there may be a problem with connecting to the dashboard as soon as it's open. The interface can be a bit cranky and sometimes takes a lot of time to load. So, the way APIs are deployed for our dashboards or monitoring systems needs to be corrected and optimized.

In future releases, Orca Secure needs to have new integrations with different security solutions apart from the cloud. We have EDRs, XDRs, and MDRs. Orca Security should automate the process of connecting and integrating with these solutions. It can be an essential way of protecting the infrastructure in an effective manner.

View full review »

Maybe better customization options for security frameworks and better integration with reporting tools like Power BI or Grafana dashboards. Modularizing reports and dashboards would be fantastic. Simplifying the way users build custom frameworks would be good. View full review »

The main drawback in an agentless approach is that if the solution detects a virus or malware in the environment, we need to manually remove it. But from my experience with other production environments, it's not straightforward to install agents in the hope they will automatically remediate viruses, even from production environments. If you make mistakes, you can cause huge damage to your environment and, when it comes to production, there is zero tolerance for errors. And realistically, you can't use the most important feature of an agent, which is the remediation, because remediating on production is not something that is easy to do.

Orca's agentless approach makes more sense. Even if you have an agent, it takes resources. In addition, you need to deploy, maintain, and update an agent, which amounts to a lot of unnecessary work. And lastly, while it's true that an agent sees more when compared with an agentless solution, the gap is very small.

In the end, to make sure that we progress and that our security level is increasing, we need to take action. Orca is only a detection tool. It shows you the problems, but you need to make sure that the problems are fixed. It's a fair trade-off because production is a different environment. It's not like endpoint security where the cost of ruining an endpoint is worth the risk. You would rather kill an endpoint than risk being infected with malware. But this is not the same approach for data center or cloud security.

Ultimately, the ability to auto-remediate is something that I would like to see.

View full review »

In the future, I'd like to see Orca work better with third-party vendors. Specifically, being able to provide sanitized results from third parties.

I would like to see support for FedRAMP certification.

View full review »

I would like to see an option to do security checks on a code level. This is possible because they have access to all of the code running in the cloud provider, and combining their site-scanning solution with that would be a nice add-on. This would guarantee our customers that whatever is running in their cloud production is secure on all layers.

It would be nice if this solution had the capability of fixing issues. As it is now, it only reports them. Having a button to patch a product, disable a service, or delete a VM would be nice. At this point, this is something they might not want to do because they are only doing audits rather than making changes. It is also something that would require having additional permissions, including write access using the API.

View full review »

They can expand a little bit in anti-malware detection. While we have pretty good confidence that it's going to detect some of the static malware, some of the detections are heuristics. There could be a growth in the library from where they're pulling their information, but we don't get a lot of those alerts based on the design of our products. In general, that might be an area that needs to be filled since they offer it as a service within it.

View full review »

Maybe the presentation of the data in the dashboard. It's a little bit chaotic. There is room for improvement.

View full review »

I would be happy if they offered more automatic remediation options. They're working on that, but the more the better. For example, if they want you to harden a server, they would offer a hardening script that would be more aware of what's going on.

I would also be happy if they added more and more coverage. The cloud itself is changing, with Amazon and Azure adding more and more capabilities. Orca is working really hard to meet the challenge, but the more they add, the better it is for me.

Another improvement would be that, in addition to focusing on endpoint compliance, they would focus on general compliance.

These are things that they're working on and their roadmap is very good. If they keep to the roadmap, I'm pretty sure they'll get to the places they want to get to. For instance, I really want them to add IAM permissions and they added that.

They know where they're going—they understand how to secure a cloud—and they keep growing in that direction.

One final suggestion I would add is for Orca to improve user education. A lot of times they have features and capabilities but they don't tell us about them. They don't even have a "What's New" newsletter. I have said to them, "Tell us what's going on. You've got a lot of cool stuff here. Why do I have to ask you? Let me know." If you have Google products, Google sends out a newsletter every week with new features. It's important to know that kind of information. It's also a marketing tool to let users know that they're constantly improving. Orca is constantly improving, but they don't always communicate that.

View full review »

The solution could improve by making the dashboards more elaborative and more descriptive.

View full review »

I'm thinking about room for improvement that is really grand, in terms of ways that may not be possible. I like to partner with innovators and that's why I partnered with Orca. I don't think what I have in mind is possible—but I didn't think Orca was possible either when I met them. 

If they could disrupt the host intrusion detection space (HIDS) that would be huge. If I could have them assess risk in real-time—which does not seem possible from the block storage analysis perspective—and they could figure that out without an agent, there would be no need for other security tools except for CI/CD pipeline analysis. 

I'm thinking about "omniscient" and "omnipresent." That's what Orca does from a resting state risk standpoint. It's the "all-seeing eye." If it could do that from an active state standpoint in real-time, or even to the second, minute, or hour, that would be big stuff. If they could crack that I don't know what would stop them from dominating the market completely.

On a more practical level, Orca doesn't work in data centers right now. If a company has a large data center footprint, Orca is not necessarily the best solution for that business. If 20 percent of my risk lies in the cloud, and 80 percent is in data centers, I should probably go with an agent-based solution, assuming I can deploy it.

View full review »

As with all software, the user interface can always be made simpler to use. It would be helpful for people with very little knowledge, like somebody sitting behind the SOC, to allow them to be able to drill down into things a little bit easier than it is currently.

View full review »

With any security tool, there's always room for improvement. We were among the early adopters, and many of the major improvements that we were looking for have already been added. Right now, we're looking at what the other players in that space are offering and if it can be integrated into Orca. I had a discussion with Orca six months ago about implementing these features. But once you start customizing your tool for specific customers, it doesn't necessarily mean that it will match the needs of other customers, and you begin to branch out. In general, I think the Orca's roadmap is pretty well aligned to what we need today.

View full review »