External reviews
228 reviews
from
and
External reviews are not included in the AWS star rating for the product.
I like it how it detects and priorities range of security risks, vulnerability and malware
What do you like best about the product?
It detects and prioritizes a range of security risks, vulnerabilities, malware, and miss configuration.. it makes it easy for us to track things. it makes it easy for us to track things and prioritize things..and solve things according to the staff whose domain is. I love this software login is easy no need to manage anything everything is managed by other staff and they don't interact with production they take a copy of it and do their testing so our environment doesn't have a load for other tasks. security is our main concern which it solves pretty nicely. and if we have any issue staff is very active and supportive they help us to understand the issue and also help us to resolve it. triggering alerts and seeing reports on a basis that helps us track down the issue. I also love how they come forward and gave KT to all our staff so we can understand the tools or product. I used this for cloud compliances, cloud workload protection, vulnerability scanning, and cloud security posture. I would love to share these tools and give a review of them. from my side, the recommendation is ten on ten. hoping these reviews might help lots of buyers or customers to use these tools. there are other kinds of stuff in these tools that might help like a Different kind of dashboard. i only dislike that the Checking the file that is compromised or miss configurated is hard to see in the dashboard and I'm still not clear about whether it uses sonarqube or just sonar query. there are lots of component which makes it hard to understand or rem berthings
What do you dislike about the product?
Checking the file that is compromised or miss configurated is hard to see in the dashboard and I'm still not clear about whether it uses sonarqube or just sonar query. there are lots of component which makes it hard to understand or rem berthings
What problems is the product solving and how is that benefiting you?
It detects and prioritizes a range of security risks, vulnerabilities, malware, and miss configuration.. it makes it easy for us to track things. it makes it easy for us to track things and prioritize things..and solve things according to the staff whose domain is. I love this software login is easy no need to manage anything everything is managed by other staff and they don't interact with production they take a copy of it and do their testing so our environment doesn't have a load for other tasks. security is our main concern which it solves pretty nicely. and if we have any issue staff is very active and supportive they help us to understand the issue and also help us to resolve it. triggering alerts and seeing reports on a basis that helps us track down the issue. I also love how they come forward and gave KT to all our staff so we can understand the tools or product. I used this for cloud compliances, cloud workload protection, vulnerability scanning, and cloud security posture. I would love to share these tools and give a review of them. from my side, the recommendation is ten on ten. hoping these reviews might help lots of buyers or customers to use these tools. there are other kinds of stuff in these tools that might help like a Different kind of dashboard. i only dislike that the Checking the file that is compromised or miss configurated is hard to see in the dashboard and I'm still not clear about whether it uses sonarqube or just sonar query. there are lots of component which makes it hard to understand or rem berthings
More than adequate overview of cloud asset details. responsive support crew.
What do you like best about the product?
the Swagger api tool on the Orca ui is useful for testing api calls, and the api support team is on the ball for api support matters. the company is constantly looking for ways to improve its product, and does implement its ideas rapidly, and effectively. the csv export feature on nearly all pages is very useful. Using the orca api, and with a moderate amount of preparation, implementation of a robust, and automatically populated, db of the orca findings can be accomplished. This can be useful for the purposes of vuln instance detection and historical trending without having to log in to the ui.
What do you dislike about the product?
the ui, itself, is cluttered, and it is often difficult to find what you need. initially it was difficult to match cve's to assets, when using the api, but I believe Orca worked that out.
What problems is the product solving and how is that benefiting you?
It benefits us to have a one-stop-shop for visibility into our cloud assets.
great visibility for cloud security
What do you like best about the product?
very clear and understandable dashboard and interface, great insights into our cloud infrastructure security gaps (that can also be remedied directly from the Orca platform), great support.
the initial onboarding (connecting our systems) was extremely easy and fast.
the initial onboarding (connecting our systems) was extremely easy and fast.
What do you dislike about the product?
nothing yet. we haven't been using it that long..
What problems is the product solving and how is that benefiting you?
allows us to get a clear view of our security gaps on the cloud and fix them. gaps are labeled with severity so we can fix the important things first, alerts have detailed explanations so can fix them quickly.
Orca Security is an excellent tool. Very intuitive and effective.
What do you like best about the product?
The ease of use of the tool. It is very helpful.
What do you dislike about the product?
So far, I have nothing to say. Orca Security is a good tool
What problems is the product solving and how is that benefiting you?
Orca Security identifies, prioritizes and remediates security risks. It is providing better security for my company.
Very complete and easy to use security tool
What do you like best about the product?
The most helpful about orca is the ease of use, configuration and integrate with other tools. It gives a lot of visibility both as an inventory and security tool.
What do you dislike about the product?
Some security alerts need a deeper analysis to be helpful. For example, Guardduty alerts are redundant with the Guardduty alert itself, it generates more workload, and the information is practically the same.
What problems is the product solving and how is that benefiting you?
Orca is solving vulnerability scanning in the cloud, it is up to date with the latest CVEs and it is very easy to integrate with our ticketing platform to report to the correspondent teams.
An invaluable tool for taming our cloud estate
What do you like best about the product?
When we started using Orca, our cloud estate was in disarray. Our developers had run wild. Before making a run at a disciplined environment, our users had tinkered and deployed in their individual accounts and in our shared production environment. After a couple of years of wild growth, we were introduced to Orca. After an incredibly easy setup, Orca immediately brought into focus how seriously exposed some of our assets were. We were able to address these quickly. We even caught a live breach in our sandbox environment during our evaluation period!
So the best part of Orca is the tool itself, its ease of use and detail. But a close second is the people behind it. Our cadence calls keep us informed and give us a chance to provide feedback and ask questions -- to which there are always fast answers. In our case, these have led to a few product improvements that have made Orca even better.
So the best part of Orca is the tool itself, its ease of use and detail. But a close second is the people behind it. Our cadence calls keep us informed and give us a chance to provide feedback and ask questions -- to which there are always fast answers. In our case, these have led to a few product improvements that have made Orca even better.
What do you dislike about the product?
It's hard to find fault with a tool that has helped us so much. At first, I found the interface a little unwieldy and confusing, but continued use led to clarity and comfort.
What problems is the product solving and how is that benefiting you?
- Telling us where serious (and minor) security holes exist
- Locating and identifying unused assets that can be removed (reducing those AWS and Google Cloud bills!)
- Enumerating over-permitted users, groups and roles
- Spelling out (via attack vectors) exactly how an alerting asset can lead to exposure
- Near future: Providing compliance guidance
- Locating and identifying unused assets that can be removed (reducing those AWS and Google Cloud bills!)
- Enumerating over-permitted users, groups and roles
- Spelling out (via attack vectors) exactly how an alerting asset can lead to exposure
- Near future: Providing compliance guidance
Easy to use, comprehensive platform
What do you like best about the product?
The onboarding experience is simple and the initial results are available very fast. The remediations are reflected within 24 hrs.
What do you dislike about the product?
Multisubscription onboarding is not super straight forward
What problems is the product solving and how is that benefiting you?
The solution provides visibility into the risks that exist with cloud implementations.
Powerful platform, lots of capabilities with a few rough edges
What do you like best about the product?
Orca is an excellent platform for assessing the security posture of all your cloud accounts in a single interface. The tool easily integrates with cloud accounts from AWS, GCP, Azure and more and makes it easy to scan those accounts for poor configurations, misconfigurations, security problems, etc.
In addition, the "side-scanning" feature for performing vulnerability scanning on your compute instances is compelling and has zero impact on your running workloads.
In addition, the "side-scanning" feature for performing vulnerability scanning on your compute instances is compelling and has zero impact on your running workloads.
What do you dislike about the product?
There are a few areas where the development of the tool lags behind what I would like to see. For example, there is a great feature to group cloud accounts by business unit, but you can't leverage that business unit association in many of the reports yet. For example, want to see an inventory of VMs grouped by Business Unit? Can't do it....in fact, the business unit field isn't available in the inventory report at all. The Orca team has told me that this feature is coming very soon, and based on past experience, I believe they will eventually deliver this capability.
What problems is the product solving and how is that benefiting you?
Main problems the tool is allowing me to solve:
1) Assess configuration of cloud accounts against industry standard security baselines as well as against custom baselines that I've created based on my business needs
2) Scan Virtual Machines for vulnerabilities, malware, missing patches etc. without having to directly scan a running VM.
3) build alerts based on governance rules that I have in place for my business and generate notifications to my ticketing system when there are violations.
1) Assess configuration of cloud accounts against industry standard security baselines as well as against custom baselines that I've created based on my business needs
2) Scan Virtual Machines for vulnerabilities, malware, missing patches etc. without having to directly scan a running VM.
3) build alerts based on governance rules that I have in place for my business and generate notifications to my ticketing system when there are violations.
Excellent CSPM/CWPP with great onboarding and features
What do you like best about the product?
100% visibility into cloud assets with both broad and deep vulnerability detection (along with contextual information to assist in prioritization).
What do you dislike about the product?
Findings aren't grouped for scaled assets so alert volume can rapidly increase
What problems is the product solving and how is that benefiting you?
We needed full cloud asset visibility and automatic vulnerability detection. We're working towards automatic remediation and shifting left, both of which are Orca features.
Very informative tool and helps to protect the cloud environment
What do you like best about the product?
The graphic UI and the ability to provide insights about vulnerabilities on OS level without installing an agent
What do you dislike about the product?
Integrations might take a bout time to configure
What problems is the product solving and how is that benefiting you?
Cloud security posture management, ability to oversee everything that happens on cloud infra
showing 161 - 170