Some of the customers use it to actually look at their assets in the cloud.
It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just scan the entire assets in the cloud.
External reviews
228 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Review Orca Security for Cloud Workload
What do you like best about the product?
Orca is a great tool to describe our cloud security posture. I like it that it supports the major cloud vendors - Azure, AWS, Google. I like it that it is also able to show vulnerabilities in a great dashboard.
What do you dislike about the product?
The dashboard can perform slowly at times. Saving of views seems quirky. Some bugs need to be addressed.
What problems is the product solving and how is that benefiting you?
Visibility into our multiple Cloud workload in terms of security, vulnerabilities, best practices, etc.
Easy to use and accurate in covered resources, lacking some coverage areas
What do you like best about the product?
Well thought UI and accurate resource discovery.
What do you dislike about the product?
Issues with integration with AKS private clusters
What problems is the product solving and how is that benefiting you?
Fast vulnerability findings, helpful in planning security maintenance
Deep insights at an affordable price
What do you like best about the product?
The visibility into cloud workloads is unparalleled. You can get complete visibility into everything in your public cloud provider in 15 minutes, except for Kubernetes workloads, which require another 30 minutes to set up. Orca finds vulnerabilities and misconfigurations.
What do you dislike about the product?
Orca has indicated that it has no intention of expanding into on-prem workloads. If you have offices with network gear or servers, you must split your risk identification and prioritization process - one for each environment.
Additionally, Orca does not proactively communicate upcoming changes to its internal data model. If you're using advanced searches or automation that depend on the Orca data model, these can break or return unexpected results when the underlying data model changes.
Additionally, Orca does not proactively communicate upcoming changes to its internal data model. If you're using advanced searches or automation that depend on the Orca data model, these can break or return unexpected results when the underlying data model changes.
What problems is the product solving and how is that benefiting you?
Orca identifies and prioritizes risk in cloud environments. It detects risks on VMs, in containers, and in how you configure your public cloud provider. These are prioritized based on a number of factors, such as reachability, blast radius, the classification of data on the resource, what cloud privileges the resource has, etc.
An emerging cloud security technology with strong foundation
What do you like best about the product?
The biggest challenge in cloud security is the known unknowns. And Orca solves that problem by discovering a wide variety of assets and modeling their interrelationships. This helps organisations solve for the root cause of problems and saves huge amount of time spent merging excel sheets. The platform's capability to search for datasets and relations using queries is immensely powerful.
What do you dislike about the product?
Adoption of the platform is difficult for big organisations habitated their own toolsets.
What problems is the product solving and how is that benefiting you?
Orca solves for the tool consolidation goal of our organisation. With the use of risk scoring, our organisation is now able to better align resources solving for the true problem. The ease of using the platform has helped us roll out Orca in our organisation as a self serving security tool enabling businesses to drive security goals independently and faster.
Orca Security: Continuous Innovation Keeps Us Ahead of Threats
What do you like best about the product?
Orca Security has truly been a game-changer for our organization's cloud security. The platform consistently exceeds our expectations, thanks to its continuous development and improvement. Orca's ability to proactively identify and remediate vulnerabilities and threats has significantly strengthened our security posture.
What do you dislike about the product?
While Orca is incredibly powerful, there is a bit of a learning curve to fully utilize all of its features. The interface can be overwhelming at first, and it takes some time to master the platform's full capabilities.
What problems is the product solving and how is that benefiting you?
Orca Security has truly been a game-changer for our organization's cloud security. The platform consistently exceeds our expectations, thanks to its continuous development and improvement. Orca's ability to proactively identify and remediate vulnerabilities and threats has significantly strengthened our security posture.
Helps increase cloud visibility on different platforms, very stable product and quick to deploy
What is our primary use case?
How has it helped my organization?
It helps increase cloud visibility on different platforms. And also in terms of the security vulnerability in the cloud space. They recommend specific steps as well.
What needs improvement?
Actually, it's not all clouds that they are currently onboarded with. For instance, they are not yet with public cloud and many other private clouds.
Therefore, there is room for improvement, and more private clouds should be added. For the private cloud, we need to install agents into the environment.
For how long have I used the solution?
I have been using it for two years.
What do I think about the stability of the solution?
So far, we haven't faced any complaints at all after two years.
So, it has been a stable solution.
What do I think about the scalability of the solution?
Many enterprises that have lesser workloads in the cloud, so there's no point in them monitoring themselves. So those who have heavy workloads on the cloud need this tool too.
So it can handle large loads of information.
How are customer service and support?
Which solution did I use previously and why did I switch?
There is another company who copies them, like people from Wiz.
Theinterface is different, and we don't have a lot of updated stuff. They are copying Orca Security, and they are not the patent holder. The patent holder is Orca.
How was the initial setup?
This product is very fast to onboard; it takes just five minutes.
You just need to input the admin credentials for the cloud provider, meaning AWS, Azure, and Google. You can just pull it on, and then Orca covers the entire report already.
There's no need for integration because everything is on the cloud. That's why it's agentless.
Just a few steps for onboarding. It is really quick to deploy.
What's my experience with pricing, setup cost, and licensing?
Orca Security charges are based on cloud workloads. So, it's based on workloads.
If we look at one feature, it might be expensive. But if we're considering all the features they offer in monitoring and scanning, there aren't many tools out there that can do all they do in one tool. So if you compare that, then this is not really expensive. But if we compare just one feature, then it is more expensive than the others.
The user needs to utilize it as a package.
What other advice do I have?
I would recommend it. Overall, I would rate the solution an eight out of ten because it needs to expand more to support all the markets. They are not there yet.
Not all private clouds are supported, for example, SAP Cloud.
Great product that guides you through securing your environment
What do you like best about the product?
My favorite feature of Orca is being able to generate remediation steps depending on how you interact with the machine. It also has a dynamic security rating that is based on more factors than just the CVSS. Connecting our environment was also very easy to do thanks to their onboarding and support.
What do you dislike about the product?
It can be overwhelming at first until you create a custom view or become familiar with the interface. There is also no dark mode but that is pretty minor for me.
What problems is the product solving and how is that benefiting you?
It is keeping track of our handful of machines and helping us be aware of any security issues as well as show us how it can be used to traverse our infrastructure.
Innovative and understands what customers need
What do you like best about the product?
Helpful: Feature rich on security.
Upsides:
- Great documentation
- Vendor integration
Upsides:
- Great documentation
- Vendor integration
What do you dislike about the product?
Least helpful:
Downsides:
- Some of the sections of the application takes time to load
- When copy and paste an Orca specific URL (document), if clients are not logged in yet, it will force us to log in or SSO, but it did not keep the initial URL that we paste
- It would be great in Alert section, on the left nav, adding Asset K8s in cluster in addtion to Asset K8s Namespace
- When displaying the alert, ie. GKE cluster has an unsupported master node version, it will be great to dispaly in "client face" what GKE version and what is/are that available for upgrade
Downsides:
- Some of the sections of the application takes time to load
- When copy and paste an Orca specific URL (document), if clients are not logged in yet, it will force us to log in or SSO, but it did not keep the initial URL that we paste
- It would be great in Alert section, on the left nav, adding Asset K8s in cluster in addtion to Asset K8s Namespace
- When displaying the alert, ie. GKE cluster has an unsupported master node version, it will be great to dispaly in "client face" what GKE version and what is/are that available for upgrade
What problems is the product solving and how is that benefiting you?
Secret detection, Vulnerability scan, integration with other frameworks. All of these are important for us internally for security reason, as well as customers requirements.
ORCA Security: Empowering Organizations with Simplified Cloud Intelligence and Risk Visibility
What do you like best about the product?
By leveraging ORCA Security, our collaboration with the DevOps Team has significantly improved. This streamlined solution allows security engineers to seamlessly share relevant findings, leading to more efficient remediation processes. With ORCA, we have successfully eliminated organizational hurdles between DevOps and Security teams, promoting a smoother and more effective working relationship.
What do you dislike about the product?
The User Interface occasionally experiences slower loading times, requiring some patience. There is room for improvement in the scanning capabilities, particularly in terms of providing more automated remediation for certain alerts. Integrating the ability to auto-remediate with Orca would be a valuable addition and enhance the overall user experience.
What problems is the product solving and how is that benefiting you?
Orca's deep visibility across AWS, Azure, and other cloud environments, Orca maximizes its comprehensive view to establish a robust risk management approach. Its advanced capabilities efficiently detect vulnerabilities, security misconfigurations, and compliance violations across various cloud workloads, including containers and VMs. By effectively prioritizing urgent alerts and minimizing alert fatigue, the Orca platform empowers security teams to take proactive measures and prevent potential threats.
Let Orca secure the cloud assets
What do you like best about the product?
It has provided quite a number of integrations with other external services, which save us some time for configuring it
What do you dislike about the product?
The suggested remediation steps might not always be accurate
What problems is the product solving and how is that benefiting you?
It enables continuous monitoring of all our cloud environments
showing 21 - 30