Our use case is very simple. Orca Security is used to monitor and have control over your client's cloud environment, specifically the CP-CFPM.
Orca Security CNAPP Cloud Security Platform
Orca Security CNAPPExternal reviews
228 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Easy on-boarding, massively effective
What do you like best about the product?
Orca is super-easy to set up, being agentless - and their engagement managers are very helpful. Once on, it shines - the whole landscape of attack surface-related issues are "in your face", easy to comprehend and address. It integrates with Jira in just a few clicks, it allows adding people and providing necessary visibility easily, and UX is really slick and useful
What do you dislike about the product?
Its pricing model is based on VMs - which is not only outdated in the world of highly containerized and vertical serverless cloud configurations, but also impedes effective deployment on large legacy accounts with many VMs on them. Granted, Orca folks makes all they can easy, being flexible and helpful, but if there is one thing I dislike about Orca, it is this pricing model
What problems is the product solving and how is that benefiting you?
It is a really good "one click" security posture evaluation tool - immediately showing the wealth of issues related to attack surface, as they propagate through enterprise tech landscape tiers
The best multi-purpose Cloud Security Posture Management out there.
What do you like best about the product?
Very easy to configure and get start with.
Excellent support for the 3 main Cloud providers.
They invested a lot in their product and it is incredibly more extensive than it was a couple years ago.
The pricing is relatively reasonable for smaller organizations.
Excellent Customer Success and Executive Teams.
The flexibility of its API, Sonar Queries and automations.
The full revamp of the Discovery feature has been impressive.
So many new perks have been keep coming up as part of the Premium plan: Shifleft, DSPM, API security, ThreatOptix.
The support is incredibly quick even during weekend. I've in all honesty never experienced a vendor as prompt as Orca to support their customers.
Excellent support for the 3 main Cloud providers.
They invested a lot in their product and it is incredibly more extensive than it was a couple years ago.
The pricing is relatively reasonable for smaller organizations.
Excellent Customer Success and Executive Teams.
The flexibility of its API, Sonar Queries and automations.
The full revamp of the Discovery feature has been impressive.
So many new perks have been keep coming up as part of the Premium plan: Shifleft, DSPM, API security, ThreatOptix.
The support is incredibly quick even during weekend. I've in all honesty never experienced a vendor as prompt as Orca to support their customers.
What do you dislike about the product?
I'm still waiting for a dark mode since the UI change.
Automations don't use Sonar querying language yet.
Could be interesting to have a Terraform module to manage configurations.
The new pricing model is a bit confusing.
Automations don't use Sonar querying language yet.
Could be interesting to have a Terraform module to manage configurations.
The new pricing model is a bit confusing.
What problems is the product solving and how is that benefiting you?
Before Orca we didn't have visibility on the vulnerabilities and configuration issues of our Cloud environment. Orca addressed one of our big compliance gap in a couple days and could easily be customized to our needs in a few weeks.
The tool was easy to use and implement with useful console.
What do you like best about the product?
Easy to use console. Ease of ingesting accounts, granular access control
What do you dislike about the product?
Changing of vulnerability classifcations.
What problems is the product solving and how is that benefiting you?
Centralize view of cloud environments including vulnerabilities.
Highly scalable and stable solution with good support
What is our primary use case?
What is most valuable?
One of the most valuable aspects is the agentless feature. Orca Security doesn't use agents at all.
What needs improvement?
Maybe the presentation of the data in the dashboard. It's a little bit chaotic. There is room for improvement.
For how long have I used the solution?
I have been using Orca Security for one and a half years.
What do I think about the stability of the solution?
I would rate the stability a ten out of ten. I never faced any problem with stability. Our client base is more SMB.
What do I think about the scalability of the solution?
I would rate the scalability a ten out of ten. It can easily scale and control a huge environment comprising thousands of VMs.
How are customer service and support?
The support is very good.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is very easy. We have deployed the solution on the public cloud. However, there is a roadmap, a feature to deploy also in private environments and on-prem environments.
What about the implementation team?
The deployment process takes at least an hour. To onboard, the process is very smooth. You have to collect some information from your cloud environment, specifically as an admin user of your cloud subscription. Then, you have to follow a three-step process inside the Orca platform because Orca will automatically create all the policies and data needed to onboard your subscription.
What's my experience with pricing, setup cost, and licensing?
Orca Security is cheaper compared to other solutions in the same space.
What other advice do I have?
I would recommend trying this solution once, at least for a month. It is a very good product.
Overall, I would rate the solution a ten out of ten.
Which deployment model are you using for this solution?
Public Cloud
Great Visibility
What do you like best about the product?
Plethora of information and visibility into our cloud environment.
What do you dislike about the product?
Managing roles, groups and permissions could be better. Search functionality could be improved.
What problems is the product solving and how is that benefiting you?
Solving our need for visibility into our increasing cloud environment.
Orca is great tool for cloud security
What do you like best about the product?
Orca provides visibility to my environment, is easy to onboard, and is a genuinely cloud-native solution.
What do you dislike about the product?
It's almost near real-time results. I hope in future; it can produce real-time results.
What problems is the product solving and how is that benefiting you?
Orca helps my organisation solve asset discovery and management in multi-cloud platforms. It also provides rich vulnerability insight for my organisation to fix and improve.
User-friendly and efficiently identifies and addresses internal vulnerabilities
What is our primary use case?
I've been working on this cloud security platform for the past one and a half years. Essentially, we focus on checking different components of AWS and Azure.
We check over containers, instances, and various other elements running in the cloud. Our work is specifically designed for the cloud environment. We identify and address internal vulnerabilities across applications and operating systems which we are using in the cloud.
If there are any patch management requirements, we ensure they are done across different applications and even API interfaces.
In summary, our goal is to maintain security settings across the cloud infrastructure, such as AWS and Azure, used by our company. We connect with the DevSecOps team to actively work on securing the cloud environment and remediate vulnerabilities. We make sure incidents are properly handled, and necessary updates are implemented without causing disruptions. To facilitate communication, we use SMS for incident closure. This has been our focus for the past year.
How has it helped my organization?
Previously, we had a hybrid model where we used both physical devices and VMs across the cloud to manage enterprise security solutions. With Orca Security, we have a specific solution that allows us to monitor internal vulnerabilities and the most exploitable ones across the cloud. This platform is dependable and includes a powerful AI engine that we are currently using.
It helps us identify and address vulnerabilities early on, including CPU weaknesses and other variations. Additionally, it provides remediation guidance and facilitates patching and updates. Furthermore, it gathers threat intelligence, which is beneficial during incidents.
What is most valuable?
Recently, Orca Security has updated its interface, making it more user-friendly. I find it particularly useful as it allows me to easily navigate the dashboard and prioritize actions based on severity and criticality.
This feature makes it easy for me to look at prototypes and determine the necessary steps to take, focusing on critical issues first. I love the interface dashboard.
What needs improvement?
I would say that there are some loading issues. Since this is a cloud-native platform, there may be a problem with connecting to the dashboard as soon as it's open. The interface can be a bit cranky and sometimes takes a lot of time to load. So, the way APIs are deployed for our dashboards or monitoring systems needs to be corrected and optimized.
In future releases, Orca Secure needs to have new integrations with different security solutions apart from the cloud. We have EDRs, XDRs, and MDRs. Orca Security should automate the process of connecting and integrating with these solutions. It can be an essential way of protecting the infrastructure in an effective manner.
For how long have I used the solution?
I have been using Orca Security for the last two years.
What do I think about the stability of the solution?
I would rate the stability of Orca Secure a nine out of ten.
What do I think about the scalability of the solution?
I would rate the scalability of Orca Secure a nine out of ten.
What about the implementation team?
We directly bought this product from Orca Security itself, so we did not use any third party to install or deploy it.
What was our ROI?
What's my experience with pricing, setup cost, and licensing?
The price is a bit expensive for smaller organizations. It can be expensive for smaller organizations, but if you are managing your infrastructure in the cloud, it's definitely worth trying.
We have certain subscriptions and licenses for around a thousand instances deployed across the cloud. We purchased the subscriptions for the necessary devices we are running. It has cost us a lot.
What other advice do I have?
I would definitely recommend using Orca Secure. It's a very good cloud security platform. Apart from what I've seen, it has a really extensive dashboard and analysis capabilities. It picturizes actual vulnerabilities and provides guidance for remediation. It's a valuable cloud security evaluation tool, and I would suggest it as the first thing to learn.
Overall, I would rate the solution a solid nine out of ten.
Instant on cloud security platform
What do you like best about the product?
I have been using Orca Security for the last couple of months and am very impressed with its capabilities and performance while being agentless.
It's incredible that it gives me 100% visibility into my or customers' cloud environments quickly and helps me detect and fix misconfigurations, vulnerabilities, malware, and compliance issues.
The dashboard shows me the most critical risks and compliance issues at a glance. The alerts are prioritized based on severity, accessibility, and business impact.
It's incredible that it gives me 100% visibility into my or customers' cloud environments quickly and helps me detect and fix misconfigurations, vulnerabilities, malware, and compliance issues.
The dashboard shows me the most critical risks and compliance issues at a glance. The alerts are prioritized based on severity, accessibility, and business impact.
What do you dislike about the product?
The only improvement I can think of for Orca Security is expanding its coverage to more cloud platforms and services.
What problems is the product solving and how is that benefiting you?
Agentless collection of data eliminates coverage gaps, vulnerability management for cloud, access to regulatory compliance frameworks to help prioritize risks, and continuous monitoring of the cloud estate.
Orca provides an amazing Cybersecurity insights instantaneously easily.
What do you like best about the product?
Easy to onboard to our existing clouds with an agentless approach. Very comprehensive on the Cybersecurity threats and vulnerabilities with daily updates. Comes with the recommended resolution for immediate action.
What do you dislike about the product?
No support for on-premise and private cloud workloads. Unable to automatically detect Windows ESU available on Azure. License costs cannot be reduced as workloads are optimised.
What problems is the product solving and how is that benefiting you?
The solution provides instant insights into the Cybersecurity landscape of our Cloud infrastructure and how to remediate vulnerabilities easily. We immediately see benefits within 30 days to reduce more than 30% of the threats and vulnerabilities within the organisation.
ORCA Security: Empowering Organizations with Simplified Cloud Intelligence and Risk Visibility
What do you like best about the product?
By leveraging ORCA Security, our collaboration with the DevOps Team has significantly improved. This streamlined solution allows security engineers to seamlessly share relevant findings, leading to more efficient remediation processes. With ORCA, we have successfully eliminated organizational hurdles between DevOps and Security teams, promoting a smoother and more effective working relationship.
What do you dislike about the product?
The User Interface occasionally experiences slower loading times, requiring some patience. There is room for improvement in the scanning capabilities, particularly in terms of providing more automated remediation for certain alerts. Integrating the ability to auto-remediate with Orca would be a valuable addition and enhance the overall user experience.
What problems is the product solving and how is that benefiting you?
Orca's deep visibility across AWS, Azure, and other cloud environments, Orca maximizes its comprehensive view to establish a robust risk management approach. Its advanced capabilities efficiently detect vulnerabilities, security misconfigurations, and compliance violations across various cloud workloads, including containers and VMs. By effectively prioritizing urgent alerts and minimizing alert fatigue, the Orca platform empowers security teams to take proactive measures and prevent potential threats.
showing 111 - 120