Orca Security CNAPP Cloud Security Platform
Orca Security CNAPPExternal reviews
92 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Comprehensive tool at a very affordable price-point
What do you like best about the product?
Orca security has basically anything we could think of interms of CNAPP and CSPM capabilities. It gives us valuable insight and is truly an all in one cloud security package.
What do you dislike about the product?
We have not found many downsides of using Orca security, the only I could think of is the needd for competely different portals for our govcloud environments.
What problems is the product solving and how is that benefiting you?
Visibility, visibility, visibility. It is very hard to have accurate inventory without a specialized tool like orca. We are now able to see our infrastructure and how it is configured in a single pane of glass.
Orca is a game changer with Observability
What do you like best about the product?
Orca has really been a game changer helping accelerate our observably and security journey. The AI assisted search has increased our ability to quickly find and identify resources within our cloud subscriptions and identify vulnerabilities.
What do you dislike about the product?
The only missing offering is a cached dashboard to be used on team area kiosk dashboards within the team areas and displaying only that business unit's information.
What problems is the product solving and how is that benefiting you?
Security and observability in our multiple cloud subscriptions and environments.
Orca Security has led us to a greatly improved cloud security posture within days of use.
What do you like best about the product?
The interface is very intuitive and there was not a learning curve at all. Being able to create reports on pretty much any dashboard has been very helpful. Vulnerabilities and misconfigurations found by Orca give us more than enough information to be handed to our development team for remediation without having to do any additional research. Overall, this is a very well thought out platform.
What do you dislike about the product?
I honestly have not found anything I dislike yet.
What problems is the product solving and how is that benefiting you?
It was a very painful process to search for misconfigurations with IAM and networking in our environment. Orca has given us a way to have all of the data we need without having to spend hours searching and it most cases gives the instructions needed to remediate. It has also helped us add more shift left into our development process.
A near-complete DevSecOps and CSPM solution that is on track to go above and beyond
What do you like best about the product?
The tool provides a pragmatic view of you security posture. We all know CVEs err on the side of more severe criticality. Orca is aware of this too and tries to reserve the Critical status for things that should be looked at now.
Attack paths provide a seed for internal investigations.
Webhook oriented scans for your repositories are easy to implement.
Customer support is very good. Just a click and you get a chat bot that is quickly picked up by a human.
Attack paths provide a seed for internal investigations.
Webhook oriented scans for your repositories are easy to implement.
Customer support is very good. Just a click and you get a chat bot that is quickly picked up by a human.
What do you dislike about the product?
Attack paths aren't always accurate. For example, a ddos vulnerability won't lead to a pivot to an internal access. Not by itself anyway.
Out of the box scans are fairly infrequent in an environment where changes happen often.
Out of the box scans are fairly infrequent in an environment where changes happen often.
What problems is the product solving and how is that benefiting you?
Outside of the obvious security benefits, Orca provides a view of neglected resources which has led to significant resource clean up.
Fantastic, powerful tool for cloud security
What do you like best about the product?
Orca provides top-tier dashboards and easy dashboard customization which quickly surfaces critical risks.
Orca support replies rapidly and consistently works to resolve issues.
Orca installation in 2/3 of our main cloud environments was a smooth process, and the last environment took just an extra hour of work. Overall, a very smooth onboarding process, and great training resources were provided.
Orca provides incredibly rich, useful data about the risks it detects, with very low/none false positives.
Orca support replies rapidly and consistently works to resolve issues.
Orca installation in 2/3 of our main cloud environments was a smooth process, and the last environment took just an extra hour of work. Overall, a very smooth onboarding process, and great training resources were provided.
Orca provides incredibly rich, useful data about the risks it detects, with very low/none false positives.
What do you dislike about the product?
The compliance modules currently load extremely slowly, lack CIS critical controls v8.1, and waiting for the promised module rewrite next year sucks.
Orca knowledgebase documentation is tied to your Orca login. To faciliate non-technical staff (or folks who don't need console access) working with the tool, it would be great if they were decoupled.
Exporting risk data to CSV from Orca often requires selecting which of 119-250+ columns I want, at least once, unless you like getting a 1 GB CSV file (wow!)
Exporting to CSV frequently hangs (probably due to the default enormous CSV size), requiring the usage of scheduled reports, which is less convenient.
Orca knowledgebase documentation is tied to your Orca login. To faciliate non-technical staff (or folks who don't need console access) working with the tool, it would be great if they were decoupled.
Exporting risk data to CSV from Orca often requires selecting which of 119-250+ columns I want, at least once, unless you like getting a 1 GB CSV file (wow!)
Exporting to CSV frequently hangs (probably due to the default enormous CSV size), requiring the usage of scheduled reports, which is less convenient.
What problems is the product solving and how is that benefiting you?
Orca is an incredibly powerful tool. We're using it to detect vulnerabilities in virtual machines, misconfigured serverless functions, excessive IAM policies, unhardened virtual machines, VMs missing critical protective software, VMs under attack, and so much more, and that's just the tip of what Orca can do.
The solution is incredible. Easy deployment and full visibility
What do you like best about the product?
The ability to understand the risks of the cloud environment with its main threats and how we can remediate in an automated way.
What do you dislike about the product?
So far no difficulty encountered in usability
What problems is the product solving and how is that benefiting you?
All the visibility and exposure of my environment and the ability through templates to correct in an automated way.
Orca is the best one stop security finding solution
What do you like best about the product?
It has integration with all public cloud and it calculate the score , which helps to priorities the work.
customer support also very good.
customer support also very good.
What do you dislike about the product?
nothing found. it will be better if it create service now ticket automatically for critical and high findings.
What problems is the product solving and how is that benefiting you?
Orca detecting the security findings and vulnerebilities from our public cloud AWS and Azure.
Its calculating score, based on that we priorities the work. also Orca giving the remediations steps, which helps us to solve the finding.
Its calculating score, based on that we priorities the work. also Orca giving the remediations steps, which helps us to solve the finding.
Useful Tool with Learning Curve
What do you like best about the product?
The alerts are very helpful, especially with the trending vulnerabilities that are more urgent to patch. When there are alerts needing immediate attention, an Orca engineer will sometimes personally reach out to ensure they are being addressed and not dismissed as noise. The support provided during the regular cadence calls are helpful, and it was easy to integrate with other tools.
What do you dislike about the product?
There is a learning curve to learn how to query the platform for assets and alerts. The way findings can be vulnerabilities or alerts (likely both) can be confusing. A login is required to access documentation so it is hard to share with others.
What problems is the product solving and how is that benefiting you?
Orca is used mainly for cloud asset scanning and alerting. It correlates the different parts of our Cloud infrastructure and allows the mapping of attack paths.
Flexibilité et bonne technique
What do you like best about the product?
the offer is very customer-oriented, flexible, and reliable
What do you dislike about the product?
the pricing model during the contract
What problems is the product solving and how is that benefiting you?
the re-billing during the year
Hassle free security
What do you like best about the product?
How incredibly easy it is to get up and running.
What do you dislike about the product?
We are not 100% cloud, so it doesn't cover everything we need to monitor.
What problems is the product solving and how is that benefiting you?
Plays a huge roll in security visibility and helps us meet the needs for SOC 2 compliance.
showing 1 - 10