I've been working on this cloud security platform for the past one and a half years. Essentially, we focus on checking different components of AWS and Azure.
We check over containers, instances, and various other elements running in the cloud. Our work is specifically designed for the cloud environment. We identify and address internal vulnerabilities across applications and operating systems which we are using in the cloud.
If there are any patch management requirements, we ensure they are done across different applications and even API interfaces.
In summary, our goal is to maintain security settings across the cloud infrastructure, such as AWS and Azure, used by our company. We connect with the DevSecOps team to actively work on securing the cloud environment and remediate vulnerabilities. We make sure incidents are properly handled, and necessary updates are implemented without causing disruptions. To facilitate communication, we use SMS for incident closure. This has been our focus for the past year.
Previously, we had a hybrid model where we used both physical devices and VMs across the cloud to manage enterprise security solutions. With Orca Security, we have a specific solution that allows us to monitor internal vulnerabilities and the most exploitable ones across the cloud. This platform is dependable and includes a powerful AI engine that we are currently using.
It helps us identify and address vulnerabilities early on, including CPU weaknesses and other variations. Additionally, it provides remediation guidance and facilitates patching and updates. Furthermore, it gathers threat intelligence, which is beneficial during incidents.
Recently, Orca Security has updated its interface, making it more user-friendly. I find it particularly useful as it allows me to easily navigate the dashboard and prioritize actions based on severity and criticality.
This feature makes it easy for me to look at prototypes and determine the necessary steps to take, focusing on critical issues first. I love the interface dashboard.
I would say that there are some loading issues. Since this is a cloud-native platform, there may be a problem with connecting to the dashboard as soon as it's open. The interface can be a bit cranky and sometimes takes a lot of time to load. So, the way APIs are deployed for our dashboards or monitoring systems needs to be corrected and optimized.
In future releases, Orca Secure needs to have new integrations with different security solutions apart from the cloud. We have EDRs, XDRs, and MDRs. Orca Security should automate the process of connecting and integrating with these solutions. It can be an essential way of protecting the infrastructure in an effective manner.
I have been using Orca Security for the last two years.
I would rate the stability of Orca Secure a nine out of ten.
I would rate the scalability of Orca Secure a nine out of ten.
We directly bought this product from Orca Security itself, so we did not use any third party to install or deploy it.
The price is a bit expensive for smaller organizations. It can be expensive for smaller organizations, but if you are managing your infrastructure in the cloud, it's definitely worth trying.
We have certain subscriptions and licenses for around a thousand instances deployed across the cloud. We purchased the subscriptions for the necessary devices we are running. It has cost us a lot.
I would definitely recommend using Orca Secure. It's a very good cloud security platform. Apart from what I've seen, it has a really extensive dashboard and analysis capabilities. It picturizes actual vulnerabilities and provides guidance for remediation. It's a valuable cloud security evaluation tool, and I would suggest it as the first thing to learn.
Overall, I would rate the solution a solid nine out of ten.
