Orca Security Room for Improvement
From my perspective, Orca Security is a really good tool. I would say one area I would like to see CNAPP platforms get is more intelligence when it comes to risk prioritization, which correlates with vulnerability, exposing assets, identities, and active threats to help the security team focus on risks that are more likely to be exploited. I am a huge advocate for automation. I also think deeper automation for remediation or stronger integration with ticketing and CI/CD pipelines or more customization would help. Executive reporting would help the security team respond significantly faster and communicate risk more effectively if those kinds of improvements are made.
View full review »I think Orca Security should be more SMB friendly since I mostly work with enterprise customers who have more budget. Orca Security could include options for smaller businesses and improve on areas like agentless functionalities and cost efficiency for small-scale deployments.
I work in an SMB organization and find Orca Security quite expensive. They typically offer some credit periods to conduct proofs of value for various products.
For enterprises, I find Orca Security to be fairly priced, whereas it is a bit more expensive for SMBs.
View full review »Since I have not used Orca Security for 10 months, I am uncertain what areas still need improvement, as they may have rolled out features that addressed issues I faced in the past. However, I can say the tool is good. A few things could potentially be improved, particularly regarding false positives and the UI. What I observed is that they release updates to the platform without notifying the customer. Every time the UI is upgraded, they release something without notification. This could be a slight improvement. If they released some kind of notification to just inform the customer about UI changes, the customer would be aware of the changes that Orca Security is making in the backend.
View full review »Buyer's Guide
Orca Security
June 2026
Learn what your peers think about Orca Security. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
904,054 professionals have used our research since 2012.
The difference between agentless and agent solutions is that while agentless provides great visibility, it does not offer real-time blocking. Orca Security could improve in this area by combining agentless features with real-time blocking capabilities.
They could add automation to automatically fix detected vulnerabilities and improve real-time runtime protection. More specifically, Orca Security could enhance lateral movement detection.
Orca Sensor, while important for detailed scanning and detection, could benefit from better automation and support for Windows environments.
View full review »I see vulnerabilities as an area for improvement. In my opinion, the other platforms, such as Qualys and Prisma Cloud, have more efficiency in vulnerability detection, but Orca Security is not as strong in this area.
It is necessary to have a team because there is more responsibility, more activities, and it is necessary to have different opinions.
For example, when I have subscriptions by Azure or accounts by AWS, it is necessary to perform maintenance because you have to add a new subscription or new accounts in Orca Security. This configuration is not automatic; it is manual.
View full review »I think the downside of Orca Security is the reports. I don't have any good reports ready to deliver to an executive. If I need to deliver some reports to my account manager or an executive, I don't have anything ready. I need to extract information and put it in another tool to construct some reports or dashboards or to report to my manager.
View full review »Identifying areas in Orca Security that have room for improvement is challenging, as there are multiple considerations including price, customization, AI, UI, and factors that could make it better or easier to use. I must consult with someone in the field because I cannot provide this information at this time since I am not operating the solution directly.
What would make it a ten for me as an integrator is difficult to determine. I believe they need more time developing this solution, which means they need to be more comprehensive and extended in their approach. I think this represents the opinion of the majority.
View full review »I would add that the CDR, the Cloud Detection and Response that Orca Security offers, could be improved as it is not the best functionality that it offers. Orca Security is good at posture, but not at the response and alerting in real time.
Orca Security can be improved as it is very good at posture, but it does not detect attacks or behavioral attacks in the cloud on its own; it depends on other security features or logs like GuardDuty from Amazon, lacking its own intelligence to detect and respond to attacks.
Additionally, it could be useful if Orca Security has more context on the network and how the resources are exposed. For example, it could take into account that we have a firewall in front of an S3 in Amazon and understand that we do not have so much risk there because of that firewall, incorporating the network topology context, which today does not function as it should.
View full review »The price is one thing I would like to see improved because the pricing is a little elevated, as the pricing is based on the quantity of workloads. However, I think that since Orca Security is a medium company, you can negotiate the pricing if you are a medium company.
View full review »I have concerns about OCI support. When I work with Orca Security, the support for OCI is limited, so I cannot effectively work with the OCI environment.
View full review »Orca Security could benefit from more agentic workflows, where agentic workflows could be integrated with Orca Security to provide a quick view of large reports and issues we have. Additionally, data analytics capabilities could be improved.
View full review »In two implementation projects that I participated in, the customers reported difficulty with the options for generating specific reports. With these same customers, we had problems importing the custom tags from the connections in an AWS account. Orca Security needs report customization and custom collection, as well as custom tag collection improvements for the platform. Integration with Vulcan, a feature of Tenable, also needs improvement.
View full review »HG
Harsh Goenka
Cloud Architect at a outsourcing company with 51-200 employees
There is one issue that I encountered: when Orca Security provides CVEs and we attempt to implement its solutions, sometimes those solutions are not available on the cloud and cannot be implemented.
My main concern is the integration of Orca Security with generative AI for remediation inquiry.
Another concern I have is around the guardrails.
The primary improvement that Orca Security needs is to enhance its remediation steps based on the cloud platform being used.
View full review »DM
Danny Mishkit
Software Developer at a tech vendor with 1,001-5,000 employees
I really love the way Orca Security worked. A potential improvement could be additional security features for the two-step authentication, such as fingerprint recognition similar to what Checkpoint does. That could be something to consider, though it's more about convenience than security as we didn't have any security issues.
The timeout settings could be made more customizable, as sometimes if I leave the office early, it's still running unless manually turned off. The process of turning it off isn't very straightforward, so making it easier to turn off manually would be beneficial. It would be good for any business to implement so they don't have to use a VPN. Security in today's age is important, and if a company can afford it, they should get it as it's the most valuable protection against threats.
View full review »Orca Security can improve the way that a customer can create auto-remediation without depending on support to do that. Perhaps creating one space to implement a script or to create the auto-remediation inside the platform without support would be beneficial.
View full review »The documentation for Orca Security could be improved. The compliance framework also needs enhancements, especially concerning integrations with other tools like ServiceNow's vulnerability modules, which are not as mature as expected.
It should also increase its capability to ingest data from other security tools like CloudSight for endpoint detection and provide real-time monitoring.
View full review »Orca needs improvement in snoozing or dismissing specific alarms. Currently, snoozing dismisses all future vulnerabilities related to a CVE. Another improvement is in handling alerts for multiple files with the same CVE; it should provide an option to manage each file separately without affecting others.
View full review »Orca Security could improve its ticket creation process. Currently, it allows for creating tickets in only one bucket, which requires monitoring to redirect tickets to the appropriate team. It would be beneficial to have segregation for different projects.
Additionally, Orca Security could improve in reporting OS package vulnerabilities, such as missing MS patches or Linux patches.
View full review »Orca Security can be improved as there should be some kind of central pane of glass. Similar to how cloud management works, Orca Security should have something comparable. They have something right now, but it is not fully developed. For example, if they have something similar to Palo Alto Panorama, it would be a great tool for their existing customers.
View full review »SS
Srinath Swarna
Works at Ultraviolet Cyber
A notable limitation with Orca Security is its scanning feature. The automatic scan only runs every 24 hours, and if an alert is remediated within an hour, it still remains until the next scheduled scan. A more frequent or on-demand scanning option might mitigate this issue.
View full review »I experienced some problems with custom tags in Orca Security where I tried to separate the environment for business units so I could ask the tech lead responsible for that vulnerability to fix them. I had some problems trying to add custom tags because they create one custom tag for all assets in our environment, and they don't have that feature well prepared for this kind of situation.
The scans you try to perform on the platform can take a very long time to complete. I didn't face any delay or lagging issues otherwise, but the scans take considerable time.
View full review »The company is managed by industry veterans. It's a cloud-based product. They handle misconfigurations and analyse your runtime to detect malware. They're at the forefront regarding developer security. The platform is vast, inundated with information. One can easily feel overwhelmed by the sheer volume of data.
The solution is very detail-oriented, which can be overwhelming for nontechnical people. On the other hand, understanding the security posture is very valuable for a technical person.
GT
GuilhermeTeles
Cloud Security Contractor at TripAdvisor
Maybe better customization options for security frameworks and better integration with reporting tools like Power BI or Grafana dashboards. Modularizing reports and dashboards would be fantastic. Simplifying the way users build custom frameworks would be good.
View full review »
I would say that there are some loading issues. Since this is a cloud-native platform, there may be a problem with connecting to the dashboard as soon as it's open. The interface can be a bit cranky and sometimes takes a lot of time to load. So, the way APIs are deployed for our dashboards or monitoring systems needs to be corrected and optimized.
In future releases, Orca Secure needs to have new integrations with different security solutions apart from the cloud. We have EDRs, XDRs, and MDRs. Orca Security should automate the process of connecting and integrating with these solutions. It can be an essential way of protecting the infrastructure in an effective manner.
View full review »The solution could improve by making the dashboards more elaborative and more descriptive.
The main drawback in an agentless approach is that if the solution detects a virus or malware in the environment, we need to manually remove it. But from my experience with other production environments, it's not straightforward to install agents in the hope they will automatically remediate viruses, even from production environments. If you make mistakes, you can cause huge damage to your environment and, when it comes to production, there is zero tolerance for errors. And realistically, you can't use the most important feature of an agent, which is the remediation, because remediating on production is not something that is easy to do.
Orca's agentless approach makes more sense. Even if you have an agent, it takes resources. In addition, you need to deploy, maintain, and update an agent, which amounts to a lot of unnecessary work. And lastly, while it's true that an agent sees more when compared with an agentless solution, the gap is very small.
In the end, to make sure that we progress and that our security level is increasing, we need to take action. Orca is only a detection tool. It shows you the problems, but you need to make sure that the problems are fixed. It's a fair trade-off because production is a different environment. It's not like endpoint security where the cost of ruining an endpoint is worth the risk. You would rather kill an endpoint than risk being infected with malware. But this is not the same approach for data center or cloud security.
Ultimately, the ability to auto-remediate is something that I would like to see.
View full review »With any security tool, there's always room for improvement. We were among the early adopters, and many of the major improvements that we were looking for have already been added. Right now, we're looking at what the other players in that space are offering and if it can be integrated into Orca. I had a discussion with Orca six months ago about implementing these features. But once you start customizing your tool for specific customers, it doesn't necessarily mean that it will match the needs of other customers, and you begin to branch out. In general, I think the Orca's roadmap is pretty well aligned to what we need today.
View full review »I would like to see an option to do security checks on a code level. This is possible because they have access to all of the code running in the cloud provider, and combining their site-scanning solution with that would be a nice add-on. This would guarantee our customers that whatever is running in their cloud production is secure on all layers.
It would be nice if this solution had the capability of fixing issues. As it is now, it only reports them. Having a button to patch a product, disable a service, or delete a VM would be nice. At this point, this is something they might not want to do because they are only doing audits rather than making changes. It is also something that would require having additional permissions, including write access using the API.
View full review »MH
Morey Haber
Chief Technology Officer & Chief Information Security Officer at BeyondTrust
In the future, I'd like to see Orca work better with third-party vendors. Specifically, being able to provide sanitized results from third parties.
I would like to see support for FedRAMP certification.
View full review »Orca could give me more alerts. It could give me a dashboard with all the specific types of alerts I want to see for the day. It should just be one click. This is one area where I feel Datadog is better. Datadog has something called Security Signals, where they give you a dashboard, and you can structure it by the day or specify a period. It just tells you the different security signals that have occurred with a very obvious risk designation by color. That makes it easier than Orca's current view. So I think Orca could improve its interface.
Another shortcoming of Orca is that it doesn't integrate with our particular non-standard ticketing system. So we have to finish developing an appropriate webhook for it. Other than that, it's integrated well with our identity provider and with our cloud environments.
View full review »TS
Ty Sbano
Chief Security & Trust Officer at SiSense
They can expand a little bit in anti-malware detection. While we have pretty good confidence that it's going to detect some of the static malware, some of the detections are heuristics. There could be a growth in the library from where they're pulling their information, but we don't get a lot of those alerts based on the design of our products. In general, that might be an area that needs to be filled since they offer it as a service within it.
View full review »As with all software, the user interface can always be made simpler to use. It would be helpful for people with very little knowledge, like somebody sitting behind the SOC, to allow them to be able to drill down into things a little bit easier than it is currently.
View full review »I would be happy if they offered more automatic remediation options. They're working on that, but the more the better. For example, if they want you to harden a server, they would offer a hardening script that would be more aware of what's going on.
I would also be happy if they added more and more coverage. The cloud itself is changing, with Amazon and Azure adding more and more capabilities. Orca is working really hard to meet the challenge, but the more they add, the better it is for me.
Another improvement would be that, in addition to focusing on endpoint compliance, they would focus on general compliance.
These are things that they're working on and their roadmap is very good. If they keep to the roadmap, I'm pretty sure they'll get to the places they want to get to. For instance, I really want them to add IAM permissions and they added that.
They know where they're going—they understand how to secure a cloud—and they keep growing in that direction.
One final suggestion I would add is for Orca to improve user education. A lot of times they have features and capabilities but they don't tell us about them. They don't even have a "What's New" newsletter. I have said to them, "Tell us what's going on. You've got a lot of cool stuff here. Why do I have to ask you? Let me know." If you have Google products, Google sends out a newsletter every week with new features. It's important to know that kind of information. It's also a marketing tool to let users know that they're constantly improving. Orca is constantly improving, but they don't always communicate that.
View full review »I'm thinking about room for improvement that is really grand, in terms of ways that may not be possible. I like to partner with innovators and that's why I partnered with Orca. I don't think what I have in mind is possible—but I didn't think Orca was possible either when I met them.
If they could disrupt the host intrusion detection space (HIDS) that would be huge. If I could have them assess risk in real-time—which does not seem possible from the block storage analysis perspective—and they could figure that out without an agent, there would be no need for other security tools except for CI/CD pipeline analysis.
I'm thinking about "omniscient" and "omnipresent." That's what Orca does from a resting state risk standpoint. It's the "all-seeing eye." If it could do that from an active state standpoint in real-time, or even to the second, minute, or hour, that would be big stuff. If they could crack that I don't know what would stop them from dominating the market completely.
On a more practical level, Orca doesn't work in data centers right now. If a company has a large data center footprint, Orca is not necessarily the best solution for that business. If 20 percent of my risk lies in the cloud, and 80 percent is in data centers, I should probably go with an agent-based solution, assuming I can deploy it.
View full review »Maybe the presentation of the data in the dashboard. It's a little bit chaotic. There is room for improvement.
View full review »Actually, it's not all clouds that they are currently onboarded with. For instance, they are not yet with public cloud and many other private clouds.
Therefore, there is room for improvement, and more private clouds should be added. For the private cloud, we need to install agents into the environment.
View full review »Buyer's Guide
Orca Security
June 2026
Learn what your peers think about Orca Security. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
904,054 professionals have used our research since 2012.






























