We are using it for cloud security posture management to detect vulnerabilities, misconfigurations, threats, and malware in our cloud environment.
External reviews
228 reviews
from
and
External reviews are not included in the AWS star rating for the product.
IT Security Input
What do you like best about the product?
While I am a pretty casual user, Orca's API is quite simple to Operate, and I did not encounter any issues using it.
The remediations are quite easy to use, even for a non Cloud expert like me.
The dashboards look clean and informational.
The remediations are quite easy to use, even for a non Cloud expert like me.
The dashboards look clean and informational.
What do you dislike about the product?
The API capabilities are not profound enough (I used it for visibility dashboards in other platform).
The alerts window can get quite chaotic.
The alerts window can get quite chaotic.
What problems is the product solving and how is that benefiting you?
Helps us stay compliant and provides protection and visibilty in everything that relates to Cloud.
In-Depth Cloud Security Monitoring and Vulnerability Detection
What do you like best about the product?
The platform offers clear visibility into vulnerabilities and compliance risks, helping us prioritize and resolve issues effectively.
What do you dislike about the product?
The dashboard can sometimes feel cluttered with information, making it a bit overwhelming for newer users to navigate efficiently.
What problems is the product solving and how is that benefiting you?
Orca Security has greatly improved our cloud visibility by giving us agentless monitoring across all assets, which traditional tools often miss. It simplifies our security operations by consolidating vulnerability management, compliance, and threat detection into one platform. The risk prioritization feature is a huge benefit, allowing us to focus on the most critical issues first, saving time and resources.
Great cloud security platform
What do you like best about the product?
Orca provides greate visibility to our cloud environment, it helps us prioritise alerts and checks our environment with the latest vulnerabilities.
I really like the attack path feature it helps us closing gaps in our environments, also it provides as with a lot of the needed information about the resource or the alert that was triggered.
I really like the attack path feature it helps us closing gaps in our environments, also it provides as with a lot of the needed information about the resource or the alert that was triggered.
What do you dislike about the product?
Orca's searching capabilities could be better, sometimes it takes me more time than needed to be able to use their search engine.
Also I think the UI can be improved a little bit, with some alerts it can be overwhelming with the amount of details presented in the screen.
Also I think the UI can be improved a little bit, with some alerts it can be overwhelming with the amount of details presented in the screen.
What problems is the product solving and how is that benefiting you?
I have been using Orca Security for managing my cloud infrastructure, and overall, it helped me resolve a lot of issues for both cloud configuration and cloud vulnerabilities.
Fantastic, powerful tool for cloud security
What do you like best about the product?
Orca provides top-tier dashboards and easy dashboard customization which quickly surfaces critical risks.
Orca support replies rapidly and consistently works to resolve issues.
Orca installation in 2/3 of our main cloud environments was a smooth process, and the last environment took just an extra hour of work. Overall, a very smooth onboarding process, and great training resources were provided.
Orca provides incredibly rich, useful data about the risks it detects, with very low/none false positives.
Orca support replies rapidly and consistently works to resolve issues.
Orca installation in 2/3 of our main cloud environments was a smooth process, and the last environment took just an extra hour of work. Overall, a very smooth onboarding process, and great training resources were provided.
Orca provides incredibly rich, useful data about the risks it detects, with very low/none false positives.
What do you dislike about the product?
The compliance modules currently load extremely slowly, lack CIS critical controls v8.1, and waiting for the promised module rewrite next year sucks.
Orca knowledgebase documentation is tied to your Orca login. To faciliate non-technical staff (or folks who don't need console access) working with the tool, it would be great if they were decoupled.
Exporting risk data to CSV from Orca often requires selecting which of 119-250+ columns I want, at least once, unless you like getting a 1 GB CSV file (wow!)
Exporting to CSV frequently hangs (probably due to the default enormous CSV size), requiring the usage of scheduled reports, which is less convenient.
Orca knowledgebase documentation is tied to your Orca login. To faciliate non-technical staff (or folks who don't need console access) working with the tool, it would be great if they were decoupled.
Exporting risk data to CSV from Orca often requires selecting which of 119-250+ columns I want, at least once, unless you like getting a 1 GB CSV file (wow!)
Exporting to CSV frequently hangs (probably due to the default enormous CSV size), requiring the usage of scheduled reports, which is less convenient.
What problems is the product solving and how is that benefiting you?
Orca is an incredibly powerful tool. We're using it to detect vulnerabilities in virtual machines, misconfigured serverless functions, excessive IAM policies, unhardened virtual machines, VMs missing critical protective software, VMs under attack, and so much more, and that's just the tip of what Orca can do.
Great visibility
What do you like best about the product?
To gain full visibilty in cloud environments
What do you dislike about the product?
Vuln sources / False positives
GUI
Documentation
GUI
Documentation
What problems is the product solving and how is that benefiting you?
Visibilty about the cloud security posture
One of the Most Effective Security Tools I Have Ever Used
What do you like best about the product?
Orca is great about helping security teams priortize vulnerabilities based on factors other than just CVSS scores so that we make the most efficient use of our time.
What do you dislike about the product?
I think there is room for improvement in some parts of the UX. Orca is great about gathering a ton of data about our resources, misconfigurations, and vulnerabilities, but I think there is still room for improvement in terms of summarizing large quantities of vulnerabilities and pivoting to them from the dashboards.
What problems is the product solving and how is that benefiting you?
Inventorying cloud resources, vulnerability scanning, and vulnerability prioritization. Priortizing the right vulnerabilties allows our team to be more effective with our time.
Detect vulnerabilities and compliance issues quickly with flexible filtering and visualization
What is our primary use case?
How has it helped my organization?
Orca has helped us reduce the time it takes to address cloud security alerts because of its risk-based calculation and immediate notifications for critical assets and popular vulnerabilities.
What is most valuable?
One of the valuable features of Orca Security is its design and options that allow flexible filtering and user-friendly visualization.
Additionally, it covers a large scope of vulnerabilities, CVEs, malware, and misconfiguration. It also helps identify compliance issues in our cloud environments like AWS or GCP.
What needs improvement?
Orca needs improvement in snoozing or dismissing specific alarms. Currently, snoozing dismisses all future vulnerabilities related to a CVE. Another improvement is in handling alerts for multiple files with the same CVE; it should provide an option to manage each file separately without affecting others.
For how long have I used the solution?
I have been using Orca Security for around one year.
What do I think about the stability of the solution?
We have experienced some problems with the frontend, which occurred around three times a year, usually when updates introduced new lines of code that disrupted functionality.
What do I think about the scalability of the solution?
Scalability is automatically managed. When you onboard an organization, Orca will find new projects, folders, and resources without any additional effort required.
How are customer service and support?
I contacted support quite often, and they felt like family due to the frequency. I would rate the quality of support as nine stars out of ten due to their quick and helpful responses.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have used CrowdStrike before but was not happy with its features in the CSPM realm. Many of my friends in cybersecurity use Wyz and are pleased with it.
How was the initial setup?
Seventy percent of the deployment was completed successfully with documentation. However, we needed support from Orca for AWS onboarding. GCP was the easiest to onboard, followed by Azure, with AWS being the most challenging.
What's my experience with pricing, setup cost, and licensing?
Pricing is flexible, depending on the number of licenses, contract duration, and future plans. The initial price seemed high, however, after negotiation, the final price was ideal.
Which other solutions did I evaluate?
I evaluated CrowdStrike and have heard positive feedback about Wyz from peers.
What other advice do I have?
New users should have admin rights and follow Orca's clear documentation and web interface instructions for onboarding.
It's rated eight out of ten for its overall performance.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Orca Security Review
What do you like best about the product?
It has a useful dashboard and general user interface. It alerts on the most important issues.
What do you dislike about the product?
I am new to the product and I do not dislike anything so far.
What problems is the product solving and how is that benefiting you?
It gives us the necessary alerts needed to help keep our environment safe.
Orca vulnerability tracking user analyst
What do you like best about the product?
It is most helpful that it easily identifies the VM owner when a vulnerability is alerted
What do you dislike about the product?
The lack of customizable alert notifications and reporting has been difficult
What problems is the product solving and how is that benefiting you?
Orca is notifying when there are critical vulnerabilities on our local cloud servers
One of the best cloud security tools that deepen your knowledge and keeps you secure in the cloud
What do you like best about the product?
The product managers know well the cloud security business and are open to improve the product based on the client suggestions.
Navigation flow is nice as well as the findings that go more in depth.
Navigation flow is nice as well as the findings that go more in depth.
What do you dislike about the product?
Right now the RBAC. There are issues when multiple teams share the same cloud account and you want to measure their security.
Also would have been nice to have an onboarding in 3 steps: Control Plane, Data Plane and Scanning of the Managed Databases.
Also would have been nice to have an onboarding in 3 steps: Control Plane, Data Plane and Scanning of the Managed Databases.
What problems is the product solving and how is that benefiting you?
Bringing visibility into the cloud environments and helping to fix vulnerabilities and security issues;
showing 31 - 40