Orca Security Reviews

When discussing the main use case for Orca Security, I am referring to implementations for my clients. I participate in several CSPM implementations for my company, but I cannot comment much on the customers due to confidentiality rules. The projects that I participate in typically involve a cloud environment that is already in production, such as AWS, Azure Cloud, or GCP. We create a context of the environment and connect multiple accounts for scanning all assets and containers in the cloud accounts of customers. We perform onboarding and create initial maps of risks. Orca Security supports remediation with clear technical evidence, objective remediation recommendations, and monitoring of risk reduction over time.

The best feature is Orca Side-Scanning. Because of this feature, the platform does not need to use agents for the detection of virtual machines, containers, and hosts. It can connect via a cloud-native API and perform out-of-band scanning using read-only access. Orca Side-Scanning has made things both easier and faster for security teams and for the people who have to act on findings. This platform is very useful for the maintenance of vulnerability in cloud environments, with the impact on the security team's workflow being a much faster time-to-value.

The Attack Path feature is a great option for the capabilities of Orca Security's strengths because it models network exposure, permissions, vulnerabilities, and trust relationships. This feature helps security teams think like attackers and identify high-impact risks.

In two implementation projects that I participated in, the customers reported difficulty with the options for generating specific reports. With these same customers, we had problems importing the custom tags from the connections in an AWS account. Orca Security needs report customization and custom collection, as well as custom tag collection improvements for the platform. Integration with Vulcan, a feature of Tenable, also needs improvement.

I have been using Orca Security for about one year.

Orca Security is stable in my experience.

The fact that Orca Security does not need to use local agents permits the scale-up for more assets in the environment to be easy.

We have interacted with their support team, and it is good.

Orca Security is my first experience with CSPM.

I have experience in license and installation, but I do not have experience in pricing because I am participating in the technical team.

I only participate in the implementation, but all the customers report good results from using Orca Security.

Orca Security typically delivers three major positive changes, in my opinion: a faster understanding of risks in cloud environments, better prioritization, and less noise. Orca Security enables collaboration between security and cloud teams for better troubleshooting and monitoring of the cloud environment. There is a faster time to visibility and results, along with a high reduction in security noise. I have a case of a customer who managed to significantly reduce the number of vulnerabilities in a team of development for web software and also in maintenance for virtual machines and containers for this environment.

The deployment of Orca Security in my organization depends on which client is doing the implementation.

The cloud providers my clients use most often with Orca Security are AWS and GCP.

I would suggest they test it and talk to Orca Security representatives because it will be a very positive experience for their company. I rate this product an eight out of ten.

We used Orca Security for about two to three months until I left the company. The product itself is really good. It helped us streamline the way we access our servers. It increased the amount of security for our product and allowed us to work from different various places without having to always use a VPN that we had used before.

A lot of the comfort of just being able to access our servers and upload to local servers without having any security risks and having to take extra precautions was the main benefit because we had the safety of actually being able to use Orca Security.

Orca Security's multi-tenant architecture helped the organization ensure consistent security coverage across different servers. Since we use different servers for our company, it helped balance out everything and work in a single environment. It helped localize everything in a comfortable way, which I really appreciated, because whenever we used different levels of our product, it helped us maintain things in a more comfortable way.

I assessed the effectiveness of Orca Security's content, malware prioritization system, and evaluated alerts based on severity and business impact, but I don't remember getting any alerts, which is presumably a good thing. The whole process of logging on, which is extensive in a good way, helped us maintain a high level of security with features such as two-step authentication. This created a sense of security when working from home or abroad.

I really love the way Orca Security worked. A potential improvement could be additional security features for the two-step authentication, such as fingerprint recognition similar to what Checkpoint does. That could be something to consider, though it's more about convenience than security as we didn't have any security issues.

The timeout settings could be made more customizable, as sometimes if I leave the office early, it's still running unless manually turned off. The process of turning it off isn't very straightforward, so making it easier to turn off manually would be beneficial. It would be good for any business to implement so they don't have to use a VPN. Security in today's age is important, and if a company can afford it, they should get it as it's the most valuable protection against threats.

We used Orca Security for about two to three months until I left the company.

The integration with existing workflows was handled by different engineers.

The main challenge or key issue we faced was security.

I did not integrate Orca Security with any other product features as I didn't get a chance to use it often since I was just logging on. However, the company is really happy using it, and they're still using it today according to friends who still work there.

Regarding metrics to validate performance, while logging on and maintaining the system takes time due to auto log off after a few hours, the time spent logging back on is minimal compared to the security benefits provided by the product. We found an increase in security, and being able to work without VPNs improved load times and efficiency.

I would recommend Orca Security to managers. We were a very small company, so it wasn't widely publicized.

I rate Orca Security a 9 out of 10.

We used Orca Security for Cloud Security Posture Management (CSPM), vulnerability assessment, and several other security controls, including Shimless Security. It helped us consolidate our security tools and provided a central view for organization-wide visibility.

The best features of Orca Security include its ability to perform a lot of security controls without requiring any installation of agents, making it very easy to set up. This feature allowed us to replace a lot of tools with one comprehensive platform, enhancing our ability to consolidate the security footprint on a large scale. 

It provided us with visibility from a central point, increasing our view from the previous thirty percent to a full one hundred percent of our cloud environment. This comprehensive view facilitated improvements in our security posture.

The documentation for Orca Security could be improved. The compliance framework also needs enhancements, especially concerning integrations with other tools like ServiceNow's vulnerability modules, which are not as mature as expected. 

It should also increase its capability to ingest data from other security tools like CloudSight for endpoint detection and provide real-time monitoring.

I was an administrator of Orca Security in my previous organization for almost two years.

There were some stability issues in the initial months of using Orca Security, but overall, it has room for improvement and is rated seven out of ten.

Orca Security's scalability is rated nine out of ten due to its challenge in scaling Kubernetes workloads, which require additional steps on top of connecting cloud accounts.

The technical support has room for improvement. The expertise levels could be improved, and on a scale from one to ten, I rate the support as six or seven out of ten.

Neutral

We used several other tools before Orca, such as Microsoft Defender, Twistlock (Prisma Cloud), Rapid7, and AlgoSec. Orca Security replaced these by consolidating their functionalities into a single platform, which helped us save significant costs.

The initial setup of Orca Security was easy. We started with the cloud accounts we already had visibility and control over, then presented its value to the organization.

Orca Security significantly improved our visibility from 30% to 100%, enabling better security posture improvements rather than just general cost savings.

The cost of Orca Security is competitive compared to other market solutions.

I would recommend Orca Security to other users and rate it eight out of ten.

Public Cloud

Other

I use Orca Security to analyze misconfiguration and to alert our SOC team when a misconfiguration occurs in our environment so that we can open an incident and solve it.

For example, we have one alert that triggers when a security group is created and a resource is created and exposed to the internet without an ACL attached on the resource and with the security group allowing any IP from the internet to access the resource.

We have created some custom alerts, and we are trying to create some automatic remediation using Orca Security. However, we need to open a ticket to support Orca Security to inform them that we need it, and it will go to the development team, which is not ideal for us as a customer.

I use the risk score related to our vulnerability management program in Orca Security to analyze and prioritize how to fix issues and what we need to fix first. Any resources that have a risk score more than seven are critical for us, and we prioritize the fix accordingly.

I use Orca Security in our public cloud environment.

Using Orca Security, I have visibility in our environment without depending on another team. I can connect our AWS accounts and our cloud accounts directly on the platform, allowing me to see and analyze our environment automatically.

We use AWS, Azure, and GCP.

I find that using the AI search feature is particularly valuable, as you do not need extensive knowledge of the platform to identify resources and define what you need to find.

The vision related to security frameworks is very valuable for us, and we use that to be compliant with standards such as PCI DSS. The way to create dashboards is very useful for us as well.

It is easy for us to have one place to check things, and when we need to create some report for our teams or for another team, we use these compliance visuals to see what is compliant and what is not compliant.

Orca Security can improve the way that a customer can create auto-remediation without depending on support to do that. Perhaps creating one space to implement a script or to create the auto-remediation inside the platform without support would be beneficial.

I have been using the solution for the last two years.

Orca Security is stable.

We used the Prisma solution from Palo Alto in the past, and I believe we changed to Orca Security because of the price that Orca Security offered. However, that is not something that relates directly to me, so I am not certain about that.

Public Cloud

Other

We are using it for cloud security posture management to detect vulnerabilities, misconfigurations, threats, and malware in our cloud environment.

Orca has helped us reduce the time it takes to address cloud security alerts because of its risk-based calculation and immediate notifications for critical assets and popular vulnerabilities.

One of the valuable features of Orca Security is its design and options that allow flexible filtering and user-friendly visualization. 

Additionally, it covers a large scope of vulnerabilities, CVEs, malware, and misconfiguration. It also helps identify compliance issues in our cloud environments like AWS or GCP.

Orca needs improvement in snoozing or dismissing specific alarms. Currently, snoozing dismisses all future vulnerabilities related to a CVE. Another improvement is in handling alerts for multiple files with the same CVE; it should provide an option to manage each file separately without affecting others.

I have been using Orca Security for around one year.

We have experienced some problems with the frontend, which occurred around three times a year, usually when updates introduced new lines of code that disrupted functionality.

Scalability is automatically managed. When you onboard an organization, Orca will find new projects, folders, and resources without any additional effort required.

I contacted support quite often, and they felt like family due to the frequency. I would rate the quality of support as nine stars out of ten due to their quick and helpful responses.

Positive

I have used CrowdStrike before but was not happy with its features in the CSPM realm. Many of my friends in cybersecurity use Wyz and are pleased with it.

Seventy percent of the deployment was completed successfully with documentation. However, we needed support from Orca for AWS onboarding. GCP was the easiest to onboard, followed by Azure, with AWS being the most challenging.

Pricing is flexible, depending on the number of licenses, contract duration, and future plans. The initial price seemed high, however, after negotiation, the final price was ideal.

I evaluated CrowdStrike and have heard positive feedback about Wyz from peers.

New users should have admin rights and follow Orca's clear documentation and web interface instructions for onboarding. 

It's rated eight out of ten for its overall performance.

Public Cloud

Other

I am primarily using Orca Security for cloud security. Being part of the vulnerability management team, I utilize Orca Security for generating vulnerability alerts on cloud assets.

One aspect that stands out is the seamless integration. Once our organization is configured, any cloud account under that organization is automatically detected in Orca Security, along with all the assets associated with it. 

Another valuable feature is the side scanning technology using a snapshot mechanism. This technology allows for coverage of almost all cloud assets without interrupting their operations.

Orca Security could improve its ticket creation process. Currently, it allows for creating tickets in only one bucket, which requires monitoring to redirect tickets to the appropriate team. It would be beneficial to have segregation for different projects. 

Additionally, Orca Security could improve in reporting OS package vulnerabilities, such as missing MS patches or Linux patches.

I have been using Orca Security for one year.

I would rate the stability as nine out of ten. I personally have not encountered any bugs or issues with the console. It runs almost 24/7.

I would rate the scalability as nine out of ten. The seamless integration allows us to automatically reflect any connected project from our cloud into the console.

I would rate customer service between eight and nine out of ten. The support team assists with issues and provides information on new updates, helping us understand the product better.

Positive

Previously, we used Rapid7 for vulnerability management. We switched because we moved from on-premises to the cloud, which required a cloud security solution.

I am not sure about the pricing, as all decisions related to pricing and configuration were made by a different department.

I recommend Orca Security to others looking for a cloud security solution due to its seamless integration and side-scanning technology that does not hamper cloud asset performance. It also offers automation for ticket creation directly from alerts.

I'd rate the solution eight out of ten.

Our clients use Orca Security for various reasons. We implement it for the clients.

Orca Security has helped reduce the time it takes to address cloud security alerts. It has reduced alerts by almost 30% to 40%. It was initially 300 alerts, and recently with one customer, it reduced to 30% to 40%, which is a good value add for this.

It takes approximately three to six months to see time to value.

The GUI features are very good. Threat intelligence is also very good. 

Orca Security can be improved as there should be some kind of central pane of glass. Similar to how cloud management works, Orca Security should have something comparable. They have something right now, but it is not fully developed. For example, if they have something similar to Palo Alto Panorama, it would be a great tool for their existing customers.

I have approximately two years of experience working with this tool.

Orca Security is a very good solution. I consider it stable.

Scalability doesn't really apply here because this is a posture management tool. At the end of the day, whether we have 10 servers, 50 servers, or even 500 servers in the form, we provide just one entry for Orca Security.

I would rate technical support from Orca Security as very good. Orca Security is very good in this regard.

Positive

Deployment is pretty easy. If you take professional services from them, you have to pay the money. If you do not need any professional services, or if there is any vendor for your organization, you can give it to that vendor. The vendor will deploy the tools for you. It is an easy tool.

Our clients are using a hybrid deployment model for Orca Security. Many customers are predominantly using the cloud. If the cloud is not there, a hybrid deployment is used.

The customer asks us to implement Orca Security, and we deploy it based on their best practices.

Its license is a bit expensive.

The decision is taken by the customer. Some customers go for it because it is in Gartner's Top 5 and has good reviews. They request us to deploy it. 

We do not use Orca Security for cost optimization. We have different tools for that. 

I tried integrating it with ServiceNow, but I have not integrated it with any other solutions such as Cisco or Palo Alto. We are using it as a standalone service for every customer.

I would rate Orca Security a nine out of ten.

I use Orca Security as a CSPM tool primarily for cloud security and posture management. I utilize its CIEM and CDR features extensively. CIEM focuses on cloud infrastructure and entitlement management, and CDR deals with cloud detection and response.

I find Orca Security's CIEM feature invaluable, as it focuses on entitlement and posture management, identifying assets with older OS versions, and asset misconfiguration. 

The CDR feature is also critical, focusing on detection and response, triggering alerts like brute force attacks and malware. It provides alert and asset details, which include multiple remediation actions. It combines functionalities of multiple security tools and collects alerts and logs from them.

A notable limitation with Orca Security is its scanning feature. The automatic scan only runs every 24 hours, and if an alert is remediated within an hour, it still remains until the next scheduled scan. A more frequent or on-demand scanning option might mitigate this issue.

I've been using Orca Security for one and a half years.

The stability of Orca Security is satisfactory, and I would rate it nine out of ten. I have experienced very little downtime.

Orca Security is highly scalable, and I would rate its scalability as eight to nine. I have observed minimal downtime.

I have had experiences where I needed to contact Orca support to address issues with alerts that remained active even after remediation. Based on my interactions, I would rate the support team a six out of ten.

Neutral

Orca Security's pricing is known to be a bit high, however, I'm not directly involved in that aspect.

I have not used any alternatives to Orca Security.

I would rate Orca Security overall as eight out of ten.

Hybrid Cloud

Other