The standout part of Orca Security is the package approach. When they provide remediation or alerts, they also provide the exact path for a particular vulnerability or alert. They show us the specific path that needs to be fixed in order to remove the vulnerability or alert. They provide path information directly from the systems, so sometimes we don't need to log in directly and investigate ourselves. This feature is valuable, though there are occasional false positives, which is a normal part of security.

Regarding prioritization and assigning risk, Orca Security was good at analyzing risks contextually and holistically. As the tool and product mature, they will definitely announce new features. On a scale of ten, I would rate this around seven or eight. I have not given a ten because there are a few false positives and some areas where the product needs improvement on a regular basis. Sometimes they release the product, but modifications could still be required on their side.

It is good to prioritize risks with Orca Security because they are not only targeting the CVSS score but also the EPSS, which is the Exploit Prediction Scoring System. They monitor particular assets based on both approaches. On the CVSS side, they reference the National Vulnerability Database, and on the EPSS side, they target the Exploit Prediction Scoring System. So they are targeting both risk-based approaches as well as the CVSS approach.

View full review »

My experience with Orca Security is recent, as I used it about two months back while still in the previous organization, and I have recently switched jobs.

In my opinion, the best features of Orca Security are that it is very easy to deploy, primarily because it does not have agents, which are used in many other SIEM solutions or security solutions such as SentinelOne, Sentinel, Wazuh, or AlienVault. Those benefits include faster onboarding and reduced alert noise via intelligent prioritization. It also has better DevSecOps integrations with code scanning and SDLC visibility. The main advantages are that it is easy to set up with user-friendly dashboards, and the agentless design reduces operational friction. It also offers excellent visibility and exhaustive scanning of the cloud accounts, and Orca Security can be used on any cloud platform, whether it is AWS, Azure, GCP, or Oracle.

Using Orca Sensors has been beneficial since by default, Orca Security's cloud platform employs a side-scanning technology that connects cloud accounts via APIs. It offers workload block storage without needing to deploy a traditional agent on each workload. Orca Sensor is a lightweight sensor designed to supplement the agentless platform with runtime visibility. It uses EBPF for deep system-level observability, making it easy to deploy. The reason we use Orca Sensor is that it provides broad cloud-wide visibility and prioritized risk. Orca Sensor adds real-time monitoring and detects malicious behavior similar to other SIEM products. By using Orca Sensor, we can confirm if potential vulnerable code is executed in runtime. There are many features for Orca Sensors, as it fits into an agentless model, is easy to deploy via cloud APIs, and offers deep, real-time processing and network visibility.

Providing runtime visibility with Orca Sensor has been effective, as it complements Orca Security's core platform, which uses agentless side-scanning. This allows us to see what processes are running and detect real-time threats such as malware execution or privilege escalation. The hybrid approach lets organizations maintain agentless coverage for the entire cloud estate while applying deep runtime protection to critical workloads.

Prioritizing risks using Orca Security is generally easy and effective, especially compared to other tools I have used such as SentinelOne and Sentinel. Orca Security provides a risk score for everything, including attack path visualization and business impact context. This helps us propose risks while correlating multiple signals such as common CVEs and cloud misconfigurations. For example, a public EC2 instance with an admin IAM role running malicious scripts could be a critical risk. Compared to other cybersecurity tools, Orca Security's agentless architecture enhances its risk prioritization capabilities.

I have not seen many alerts in Orca Security during my tenure since the architecture was well-structured by our cybersecurity architect, leading to very few alerts. Some alerts were related to possibly malicious activity installed by our team or older versions of Java. However, I believe that Orca Security reduces alert volume because it combines vulnerability data into a unified view, speeding up cloud security workflow. It significantly reduces alert noise and accelerates alert handling by correlating risks with workloads, showing prioritized issues so the team can focus on remediation.

View full review »

I find Orca’s secret scanning and 'Shift Left' capabilities to be most valuable. The platform integrates directly into our GitHub and Azure DevOps pipelines, which allows us to automatically analyze pull requests for hardcoded passwords, API keys, and other sensitive credentials.

View full review »

What I love most about Orca Security is the easy integration with other tools. I really like it because it's very easy to integrate with other tools that are important for the company. It's already set up in the platform easily. I don't need to do unusual modifications or create a script. It's pretty easy to integrate these tools.

It is easy to prioritize risks using Orca Security because they have already been categorized. The severity of some risks is delivered from Orca Security, and I can set some kind of high-value asset designation. I can define what is a high-value asset or not. The attack paths also help me to understand the prioritization of the risks of these assets.

Orca Security has helped my company reduce the time it needs to address cloud security alerts and make it faster. When one critical risk or high risk is identified in my environment, I already receive notifications, even in email or in Teams, Slack, or any channel that is integrable to Orca Security. I receive a very fast notification to address the vulnerability and security issues to the teams.

View full review »

One of Orca Security's main features is its agentless architecture, enabling it to conduct cloud security gap analysis and vulnerability scans without installing agents. The tool offers visibility into attack paths and predicts potential impacts if an exploit occurs. Furthermore, it includes identity and risk access analysis, CIEM, and Kubernetes cluster scanning. The product integrates well with CI/CD pipelines for identifying IaC misconfigurations. I appreciate its side scanning and workload visibility, which is valuable for analysts involved in security posture management and audit evidence collection.

View full review »

The best features of Orca Security include automation and compatibility, which I really appreciate, and many of my clients value them as well. We have access to many features that differentiate this solution from other systems offering the same capabilities. For me, the most important aspect is how deeply you can investigate situations with this technology, including checking for leaks or similar issues.

In our opinion, Orca Sensor is the best solution available at the moment, and it significantly affects the visibility and protection of environments.

View full review »

Orca Security is a really strong product because it has a lot of different differentiators. Orca Security is based on agentless side scanning, so it has the ability to scan cloud workloads including virtual machines, containers, and serverless infrastructure all without installing any software or agents. This results in zero performance impact on production, which I think is the most important thing in the market share or in an eventual Gartner Quadrant.

Orca Security helps in preventing risks and attacks across the application lifecycles by scanning not only the apps in production, but also the apps or microservices in development. This provides complete visibility to your infrastructure.

View full review »

I appreciate Orca Security because I can see CSPM, KSPM, and DSPM. Orca Security works with major frameworks on security, such as NIST and CIS, allowing me to see comprehensive insights on my cloud environment. I appreciate the Orca Security CI/CD integration, the shift-left configuration, which helps me improve cloud maturity and DevSecOps maturity. From my perspective, Orca Security is a complete CNAPP platform with the most capabilities to work with cloud security.

View full review »

Orca Security's multi-tenant architecture helped the organization ensure consistent security coverage across different servers. Since we use different servers for our company, it helped balance out everything and work in a single environment. It helped localize everything in a comfortable way, which I really appreciated, because whenever we used different levels of our product, it helped us maintain things in a more comfortable way.

I assessed the effectiveness of Orca Security's content, malware prioritization system, and evaluated alerts based on severity and business impact, but I don't remember getting any alerts, which is presumably a good thing. The whole process of logging on, which is extensive in a good way, helped us maintain a high level of security with features such as two-step authentication. This created a sense of security when working from home or abroad.

View full review »

The GUI features are very good. Threat intelligence is also very good. 

View full review »

The best features of Orca Security include its ability to perform a lot of security controls without requiring any installation of agents, making it very easy to set up. This feature allowed us to replace a lot of tools with one comprehensive platform, enhancing our ability to consolidate the security footprint on a large scale. 

It provided us with visibility from a central point, increasing our view from the previous thirty percent to a full one hundred percent of our cloud environment. This comprehensive view facilitated improvements in our security posture.

View full review »

The vision related to security frameworks is very valuable for us, and we use that to be compliant with standards such as PCI DSS. The way to create dashboards is very useful for us as well.

It is easy for us to have one place to check things, and when we need to create some report for our teams or for another team, we use these compliance visuals to see what is compliant and what is not compliant.

View full review »

One of the valuable features of Orca Security is its design and options that allow flexible filtering and user-friendly visualization. 

Additionally, it covers a large scope of vulnerabilities, CVEs, malware, and misconfiguration. It also helps identify compliance issues in our cloud environments like AWS or GCP.

View full review »

One aspect that stands out is the seamless integration. Once our organization is configured, any cloud account under that organization is automatically detected in Orca Security, along with all the assets associated with it. 

Another valuable feature is the side scanning technology using a snapshot mechanism. This technology allows for coverage of almost all cloud assets without interrupting their operations.

View full review »

I find Orca Security's CIEM feature invaluable, as it focuses on entitlement and posture management, identifying assets with older OS versions, and asset misconfiguration. 

The CDR feature is also critical, focusing on detection and response, triggering alerts like brute force attacks and malware. It provides alert and asset details, which include multiple remediation actions. It combines functionalities of multiple security tools and collects alerts and logs from them.

View full review »

Orca Security has patented technologies. It's an agentless solution, so you don't need to install an agent. Instead, it contacts your account provider and fetches metadata, eliminating the need for snapshots or reserved space to copy client infrastructure.

The multi-cloud capability displays essential information and potential vulnerabilities with granular detail. For instance, it identifies paths that attackers might exploit to gain root or admin access to machines.

It is comprehensive, covering a wide range of software needs. They also integrate with CI/CD pipelines, enabling developers to ensure security from the early stages of code deployment. This integration provides a 100% guarantee on security, safeguarding images, configurations, and other crucial information throughout the development process.

View full review »

Orca Security is a very user-friendly platform. We were migrating from another technology to Orca Security, and my first contact with Orca was excellent for seeing and understanding our cloud environment. It was very intuitive for me to use the platform.

I really appreciated how Orca Security uses AI. It was easier for me to explain to developers what they should fix. Sometimes it also has an auto-fix feature where AI provides the steps to fix that vulnerability. From an AppSec point of view, this is something that has been a game changer for me.

View full review »

The reporting and automated remediation capabilities are valuable to me. They're real game-changers. View full review »

The most valuable feature of Orca Security is the automated scanning tool, user-friendliness, and ease of use.

View full review »

Orca gives you great visibility into your assets. It shows you the issues and the things that you need to attend to first, by prioritizing things. You can see a lot of information that is not always visible, even to DevOps, to help you know about the machines and their status. It's very easy to see everything in a single dashboard. That makes it a very useful tool.

The fact that it prioritizes vulnerabilities and findings, and doesn't present you with hundreds of unuseful findings, is important. They focus the information and make you concentrate on the high-priority items. This is something that differentiates it from the others.

They also now have the ability to filter findings based on best practices, like CIS, PCI, and even GDPR. That means you can filter your environment based on a specific filter, and that helped us when doing our PCI audit. We were able to show the auditors what our environment looks like from a PCI perspective. That's another great feature that it offers.

It's also very easy to use, very intuitive, and very detailed.

Another new feature shows you outliers and abnormalities for IAMs and access. It focuses on users with too many permissions and provides you with recommendations on what to do as a result.

There is a feature that searches for secrets on your infra and what can be done with those secrets.

You can also do very complex search queries to find assets that you think may be relevant. For example, searching for Log4g references in the infrastructure was very easy.

I also like the fact that the solution includes the most potentially painful parts, out-of-the-box, like malware and secrets scans, IAM, attack vectors, and benchmarks against CIS and other best practices. That full suite is something that every security professional needs. It solves the issue of having to run multiple tools, such as a vulnerability scanner, a secrets scanner, and a role management/permission/authorization tool that searches for abnormalities. I think it's a no-brainer, given that it runs everything, and you don't need to pick and choose anything. Everything comes out-of-the-box and is very easy to use, plug-and-play, and you get an instant view of things on the dashboard.

View full review »

We like that Orca is continuously monitoring our environment. When you open the tool, you instantly get an overview of your current state of affairs. You see everything happening across your multi-cloud environment in one view. When you're working on GCP or Azure, and you also have some other elements within AWS, it isn't easy to have a tool that spans all these cloud environments. It's great to have a single dashboard that puts all your cloud environments at your fingertips.

Orca tool spans all our environments and gives us a compliance report. It can tell us where there are vulnerabilities within our environment and provide us with access to the logs of specific assets.

View full review »

The compliance dashboard is one of the features that our customers find very interesting. Instead of having to run checklists and provide access to auditors, you can just generate a report from Orca.

The automation and alerting capabilities are very good. When there is a new vulnerability or a new issue, you can get an automated alert in Microsoft Teams or in Slack.

The visibility that Orca gives into the environment is really in-depth because of their site-scanning technology. They provide full visibility into everything running in the cloud environment. They can look at virtual machines; they can look at serverless; they can look at the configuration of users and roles. They can also see, for example, that a specific administrative user has no multifactor authentication configured. It covers the full stack and not only one specific item.

The alerting capabilities are now being added, which is a very good evolution.

The integration with SIEM tools is now in place, which is a nice feature.

View full review »

The most valuable features are vulnerability management and attack detection.

The vulnerability management does not require network scanning or agent technology, so I don't need to modify any of my products in order to do vulnerability assessments.

The monitoring of logs and attack scenarios are basically hands-free. It's a non-intrusive approach.

View full review »

Orca's dashboard is excellent. My team needs to be able to focus on specific areas for improvement in our cloud environment. Most recently, we've started to get good use out of sonar, the search capabilities, and the alert creation. We plan on using that to automate notifications and remediations. So we have high hopes for that, but we haven't used much of that yet.

The visibility Orca provides is excellent. Orca allows agentless data collection directly from the cloud, so I assume there is no performance impact. It's important for a product not to get in the way of performance, but it's not my biggest concern. I mainly care about coverage. It was important for us to have a SaaS solution, but it wasn't critical. We prefer not to manage a service ourselves, so it matters.

View full review »

With its Cloud Security Posture Management capability, we have the ability to read across all of our cloud-based environments, which includes AWS and Azure. We have visibility into those environments. Seeing all vulnerabilities and configurations is really powerful for us, but ultimately, the ability to use the API to query across the fleet to understand what is the current state, what is the patch level, which ones are potentially exposed for a new CVE that just came out is even more valuable. It allows us to gather really specific intelligence through simple queries.

Given the agentless deployment, its time-to-value is less than 24 hours. It took less than 24 hours, and we had intelligence and insight. Ultimately, it is getting access to the API, and then from there, it is about getting the side channel scanning going on. Once that is complete, the real-time proprietary nature of new assets pops up. We also have the visibility if an old asset has been sitting out there unused for a really long time.

View full review »

Orca provides X-ray vision into everything within the cloud properties, whereas normally, this would require multiple tools. As an analogy, for on-premises equipment, you would need different tools to be able to see the performance of a system, determine what versions of software applications are installed, and look at the security. You would need yet another one to give you a holistic view of all of the hardware inside of the system.

From this one platform, we can get visibility right down into the hardware through all of the applications, and through the operating system. One application provides an entire view of our security. Gartner coined the name Cloud-Native Application Protection Platform, in reference to this product, because Orca created did not exist previously. Orca literally invented a whole new way to view security in the cloud.

Because the interface is so simple, you don't need people that have tons of experience. You can take a lower-level person and give them basic instructions on what to watch for. If anything comes up with a high-level or medium-level alert, then they have to contact somebody else. It's literally that easy.

View full review »

Orca's SideScanning is the biggest feature. It's the "wow" factor. There are a few other solutions with that kind of functionality, but before Orca, nobody would do it. They would say, "You just have to put an agent somewhere, and we have to read your logs," and there was a lot of overhead and you had to make sure you kept these requirements happening. You always had to configure things to work. With Orca's SideScanning, they just need permissions for your account and that makes it so simple. It just works. And you get the insights that are super important.

Another valuable feature with Orca, something that's not talked about enough, is its ability to rank your gaps and your tasks. The one resource that's very finite is your engineers' time. Every CISO has the same problem: they have engineers, but not enough of them, and their engineers don't have enough time. Because of these limitations, the engineers need to focus on the most important tasks, and they need help to do that. The fact that Orca can take something that looks like a 10 out of 10, a critical CVE, and say, "Wait a second. It's not that important, because of A, B, C, D, E, and F reasons. You can delay it for your next patching cycle. But this issue, the one that's only a CVE 7, is explosive on the internet." That kind of ranking is super important because of the limited resources and time. I need to make sure that everybody is focused on the most important things. The ability to see that, seamlessly, along with the ranking, makes Orca a very good product.

One thing that has been really surprising to me is its ability to give us container posture. Everybody is talking about containers and there are so many container-specific companies. At one point we were wondering if we needed a container solution. We talked to Orca and started testing what's out there, and we were surprised to see that Orca is very strong in containers as well, including Kubernetes and Docker. The way they see it, it all has to do with your posture and how secure you are. That's their goal: that you will have the most secure cloud possible, based on best practices.

The fact that it's a cloud solution is also important. In the same way that I'm happy that Amazon maintains data centers and I don't have to, and that a lot of my solutions are maintained by their engineers, Orca allows my team to focus on more relevant tasks. I don't want anything on-prem. I don't want my team to deal with anything if they don't have to. Anything that would require in-house maintenance for us, is a no-go. The only admin with Orca is when you have a new account or there is a change to your account. You have to configure the Orca with it, but you can run an automation that helps you out with it.

Orca is also very good at keeping our data safe and masking it and not picking anything they don't need to pick. In that sense, it's also good.

View full review »

The visibility Orca provides into my environment is at the highest level. I was super skeptical about Orca when I interviewed the Orca team. When they told me that you can just drop their software in and you don't need to log in to the machines, nor do they need to be powered on, I said, "How the heck are you doing that?" When they told me how it worked I said, "Woah, that's pretty simple. Why didn't I think of that?" When I dropped them into the environment, from the very get-go I had more insight into the risks in my environment than I had had during the entire two and a half years I had been here.

View full review »

One of the most valuable aspects is the agentless feature. Orca Security doesn't use agents at all.

View full review »

Recently, Orca Security has updated its interface, making it more user-friendly. I find it particularly useful as it allows me to easily navigate the dashboard and prioritize actions based on severity and criticality. 

This feature makes it easy for me to look at prototypes and determine the necessary steps to take, focusing on critical issues first. I love the interface dashboard.

View full review »