Orca Security Valuable Features

JJ
CISO at Lemonade Inc.

Orca's dashboard is excellent. My team needs to be able to focus on specific areas for improvement in our cloud environment. Most recently, we've started to get good use out of sonar, the search capabilities, and the alert creation. We plan on using that to automate notifications and remediations. So we have high hopes for that, but we haven't used much of that yet.

The visibility Orca provides is excellent. Orca allows agentless data collection directly from the cloud, so I assume there is no performance impact. It's important for a product not to get in the way of performance, but it's not my biggest concern. I mainly care about coverage. It was important for us to have a SaaS solution, but it wasn't critical. We prefer not to manage a service ourselves, so it matters.

MK
Information Security Engineer at an educational organization with 10,001+ employees

Recently, Orca Security has updated its interface, making it more user-friendly. I find it particularly useful as it allows me to easily navigate the dashboard and prioritize actions based on severity and criticality. 

This feature makes it easy for me to look at prototypes and determine the necessary steps to take, focusing on critical issues first. I love the interface dashboard.

GT
Cloud Security Contractor at TripAdvisor

The reporting and automated remediation capabilities are valuable to me. They're real game-changers.

Buyer's Guide
Cloud Security Posture Management (CSPM)
March 2024
Find out what your peers are saying about Orca Security, Wiz, Palo Alto Networks and others in Cloud Security Posture Management (CSPM). Updated: March 2024.
765,234 professionals have used our research since 2012.
Shahar Geiger Maor - PeerSpot reviewer
CISO at a recruiting/HR firm with 11-50 employees

Orca gives you great visibility into your assets. It shows you the issues and the things that you need to attend to first, by prioritizing things. You can see a lot of information that is not always visible, even to DevOps, to help you know about the machines and their status. It's very easy to see everything in a single dashboard. That makes it a very useful tool.

The fact that it prioritizes vulnerabilities and findings, and doesn't present you with hundreds of unuseful findings, is important. They focus the information and make you concentrate on the high-priority items. This is something that differentiates it from the others.

They also now have the ability to filter findings based on best practices, like CIS, PCI, and even GDPR. That means you can filter your environment based on a specific filter, and that helped us when doing our PCI audit. We were able to show the auditors what our environment looks like from a PCI perspective. That's another great feature that it offers.

It's also very easy to use, very intuitive, and very detailed.

Another new feature shows you outliers and abnormalities for IAMs and access. It focuses on users with too many permissions and provides you with recommendations on what to do as a result.

There is a feature that searches for secrets on your infra and what can be done with those secrets.

You can also do very complex search queries to find assets that you think may be relevant. For example, searching for Log4j references in the infrastructure was very easy.

I also like the fact that the solution includes the most potentially painful parts, out-of-the-box, like malware and secrets scans, IAM, attack vectors, and benchmarks against CIS and other best practices. That full suite is something that every security professional needs. It solves the issue of having to run multiple tools, such as a vulnerability scanner, a secrets scanner, and a role management/permission/authorization tool that searches for abnormalities. I think it's a no-brainer, given that it runs everything, and you don't need to pick and choose anything. Everything comes out-of-the-box and is very easy to use, plug-and-play, and you get an instant view of things on the dashboard.

MH
Chief Technology Officer & Chief Information Security Officer at BeyondTrust

The most valuable features are vulnerability management and attack detection.

The vulnerability management does not require network scanning or agent technology, so I don't need to modify any of my products in order to do vulnerability assessments.

The monitoring of logs and attack scenarios is basically hands-free. It's a non-intrusive approach.

EG
Co-founder at a tech services company with 1-10 employees

The compliance dashboard is one of the features that our customers find very interesting. Instead of having to run checklists and provide access to auditors, you can just generate a report from Orca.

The automation and alerting capabilities are very good. When there is a new vulnerability or a new issue, you can get an automated alert in Microsoft Teams or in Slack.

The visibility that Orca gives into the environment is really in-depth because of their site-scanning technology. They provide full visibility into everything running in the cloud environment. They can look at virtual machines; they can look at serverless; they can look at the configuration of users and roles. They can also see, for example, that a specific administrative user has no multifactor authentication configured. It covers the full stack and not only one specific item.

The alerting capabilities are now being added, which is a very good evolution.

The integration with SIEM tools is now in place, which is a nice feature.

TS
Chief Security & Trust Officer at SiSense

With its Cloud Security Posture Management capability, we have the ability to read across all of our cloud-based environments, which includes AWS and Azure. We have visibility into those environments. Seeing all vulnerabilities and configurations is really powerful for us, but ultimately, the ability to use the API to query across the fleet to understand what is the current state, what is the patch level, which ones are potentially exposed for a new CVE that just came out is even more valuable. It allows us to gather really specific intelligence through simple queries.

Given the agentless deployment, its time-to-value is less than 24 hours. It took less than 24 hours, and we had intelligence and insight. Ultimately, it is getting access to the API, and then from there, it is about getting the side channel scanning going on. Once that is complete, the real-time proprietary nature of new assets pops up. We also have the visibility if an old asset has been sitting out there unused for a really long time.

Mauro Restante - PeerSpot reviewer
Cybersecurity Customer Service Manager and Technical Account Manager at Cybersel

One of the most valuable aspects is the agentless feature. Orca Security doesn't use agents at all.

NR
CISO at a media company with 201-500 employees

Orca's SideScanning is the biggest feature. It's the "wow" factor. There are a few other solutions with that kind of functionality, but before Orca, nobody would do it. They would say, "You just have to put an agent somewhere, and we have to read your logs," and there was a lot of overhead and you had to make sure you kept these requirements happening. You always had to configure things to work. With Orca's SideScanning, they just need permissions for your account and that makes it so simple. It just works. And you get the insights that are super important.

Another valuable feature with Orca, something that's not talked about enough, is its ability to rank your gaps and your tasks. The one resource that's very finite is your engineers' time. Every CISO has the same problem: they have engineers, but not enough of them, and their engineers don't have enough time. Because of these limitations, the engineers need to focus on the most important tasks, and they need help to do that. The fact that Orca can take something that looks like a 10 out of 10, a critical CVE, and say, "Wait a second. It's not that important, because of A, B, C, D, E, and F reasons. You can delay it for your next patching cycle. But this issue, the one that's only a CVE 7, is explosive on the internet." That kind of ranking is super important because of the limited resources and time. I need to make sure that everybody is focused on the most important things. The ability to see that, seamlessly, along with the ranking, makes Orca a very good product.

One thing that has been really surprising to me is its ability to give us container posture. Everybody is talking about containers and there are so many container-specific companies. At one point we were wondering if we needed a container solution. We talked to Orca and started testing what's out there, and we were surprised to see that Orca is very strong in containers as well, including Kubernetes and Docker. The way they see it, it all has to do with your posture and how secure you are. That's their goal: that you will have the most secure cloud possible, based on best practices.

The fact that it's a cloud solution is also important. In the same way that I'm happy that Amazon maintains data centers and I don't have to, and that a lot of my solutions are maintained by their engineers, Orca allows my team to focus on more relevant tasks. I don't want anything on-prem. I don't want my team to deal with anything if they don't have to. Anything that would require in-house maintenance for us is a no-go. The only admin with Orca is when you have a new account or there is a change to your account. You have to configure the Orca with it, but you can run an automation that helps you out with it.

Orca is also very good at keeping our data safe and masking it and not picking anything they don't need to pick. In that sense, it's also good.

Rooshan Naeem - PeerSpot reviewer
Security Engineer at Eon Health

The most valuable features of Orca Security are the automated scanning tool, user-friendliness, and ease of use.

JR
CISO at a tech services company with 501-1,000 employees

The visibility Orca provides into my environment is at the highest level. I was super skeptical about Orca when I interviewed the Orca team. When they told me that you can just drop their software in and you don't need to log in to the machines, nor do they need to be powered on, I said, "How the heck are you doing that?" When they told me how it worked I said, "Woah, that's pretty simple. Why didn't I think of that?" When I dropped them into the environment, from the very get-go I had more insight into the risks in my environment than I had had during the entire two and a half years I had been here.

MM
Chief Risk Officer at a financial services firm with 51-200 employees

Orca provides X-ray vision into everything within the cloud properties, whereas normally, this would require multiple tools. As an analogy, for on-premises equipment, you would need different tools to be able to see the performance of a system, determine what versions of software applications are installed, and look at the security. You would need yet another one to give you a holistic view of all of the hardware inside of the system.

From this one platform, we can get visibility right down into the hardware through all of the applications, and through the operating system. One application provides an entire view of our security. Gartner coined the name Cloud-Native Application Protection Platform, in reference to this product, because what Orca created did not exist previously. Orca literally invented a whole new way to view security in the cloud.

Because the interface is so simple, you don't need people that have tons of experience. You can take a lower-level person and give them basic instructions on what to watch for. If anything comes up with a high-level or medium-level alert, then they have to contact somebody else. It's literally that easy.

FB
CISO at a financial services firm with 51-200 employees

We like that Orca is continuously monitoring our environment. When you open the tool, you instantly get an overview of your current state of affairs. You see everything happening across your multi-cloud environment in one view. When you're working on GCP or Azure, and you also have some other elements within AWS, it isn't easy to have a tool that spans all these cloud environments. It's great to have a single dashboard that puts all your cloud environments at your fingertips.

The Orca tool spans all our environments and gives us a compliance report. It can tell us where there are vulnerabilities within our environment and provide us with access to the logs of specific assets.
