Some of the customers use it to actually look at their assets in the cloud.
It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just scan the entire assets in the cloud.
Orca Security CNAPP Cloud Security Platform
Orca Security CNAPPExternal reviews
225 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Helps increase cloud visibility on different platforms, very stable product and quick to deploy
What is our primary use case?
How has it helped my organization?
It helps increase cloud visibility on different platforms. And also in terms of the security vulnerability in the cloud space. They recommend specific steps as well.
What needs improvement?
Actually, it's not all clouds that they are currently onboarded with. For instance, they are not yet with public cloud and many other private clouds.
Therefore, there is room for improvement, and more private clouds should be added. For the private cloud, we need to install agents into the environment.
For how long have I used the solution?
I have been using it for two years.
What do I think about the stability of the solution?
So far, we haven't faced any complaints at all after two years.
So, it has been a stable solution.
What do I think about the scalability of the solution?
Many enterprises that have lesser workloads in the cloud, so there's no point in them monitoring themselves. So those who have heavy workloads on the cloud need this tool too.
So it can handle large loads of information.
How are customer service and support?
Which solution did I use previously and why did I switch?
There is another company who copies them, like people from Wiz.
Theinterface is different, and we don't have a lot of updated stuff. They are copying Orca Security, and they are not the patent holder. The patent holder is Orca.
How was the initial setup?
This product is very fast to onboard; it takes just five minutes.
You just need to input the admin credentials for the cloud provider, meaning AWS, Azure, and Google. You can just pull it on, and then Orca covers the entire report already.
There's no need for integration because everything is on the cloud. That's why it's agentless.
Just a few steps for onboarding. It is really quick to deploy.
What's my experience with pricing, setup cost, and licensing?
Orca Security charges are based on cloud workloads. So, it's based on workloads.
If we look at one feature, it might be expensive. But if we're considering all the features they offer in monitoring and scanning, there aren't many tools out there that can do all they do in one tool. So if you compare that, then this is not really expensive. But if we compare just one feature, then it is more expensive than the others.
The user needs to utilize it as a package.
What other advice do I have?
I would recommend it. Overall, I would rate the solution an eight out of ten because it needs to expand more to support all the markets. They are not there yet.
Not all private clouds are supported, for example, SAP Cloud.
Easy to implement, incredibly detailed, offers great piece of mind
What do you like best about the product?
There is such a low barrier to implementation, and it gives you actionable insights as well as great remediation steps in no time at all.
What do you dislike about the product?
It's easy to spawn lots of tabs as each click through opens a new window. It can make navigation confusing, but that's picking really picky!
What problems is the product solving and how is that benefiting you?
Being in a highly regulated environment, we need to ensure we are identifying and responding to threats, emerging issues and ensuring our configuration is secure. The Dashboards and reports allow us to give management information to our audit, risk and assurance boards that shows a realistic cyber security posture and an understanding of the effort taken to keep us secure. Previoulsy, we used multiple tools and services, but still had blind spots. The Orca agentless service interogates our entire cloud estate and gives is real peace of mind as a result.
Excellent tool for identifying potential vulnerabilities
What do you like best about the product?
I like that Orca works from within your network and is able to find any areas of concern, rather than running externally and only finding open vulnerabilities.
What do you dislike about the product?
There were a number of false positives, and some recommended fixes and patches that did not work.
What problems is the product solving and how is that benefiting you?
We discontinued service with our previous vulnerability scanner after years of receiving monthly audits with no results (which is a good thing). Orca was able to scan from inside our network and point us to areas of concern, and helped us with GDPR compliance.
New Setup of Orca Security
What do you like best about the product?
The responsiveness of the tool while providing the ability to examine findings from numerous prospectives was very impressive. The method in which the data is collected and maintained accuracy, while providing numerous remediation methods across varying IaC platforms, how findings tie back to Cyber Control Policies and summaries of how and why findings are rated provides a total package of a Cloud Security Posture Mgmt tool
Configuration Setup had clear, easy instructions on setup, and Orca's Customer Care Support team was responsive and knowledgable
Upon setup, the tool was immediatly and regularly put to use as a core component in Cyber Posture assessment.
Configuration Setup had clear, easy instructions on setup, and Orca's Customer Care Support team was responsive and knowledgable
Upon setup, the tool was immediatly and regularly put to use as a core component in Cyber Posture assessment.
What do you dislike about the product?
Part Orca's strength is the ability to examine finding from many different prospectives. By Cyber Control family, cloud provider platform, or by grouped accounts deemed higher or lower of importance.
This takes some training and regular use of the tool as simular view points can be achieved by numerous methods.
This takes some training and regular use of the tool as simular view points can be achieved by numerous methods.
What problems is the product solving and how is that benefiting you?
Orca immediatly helped with prioritization of findings for resolution and dashboards for easy to produce reports to DevSecOps or Management overview.
Simple and Easy Product to improve our Cloud Security Posture.
What do you like best about the product?
Prirotizes which one to work and easy setup.
What do you dislike about the product?
Consitently updates in web platform and i see staus page alerts for Increased Delay / Elevated Errors in Asset Scanning or something once a month.
What problems is the product solving and how is that benefiting you?
Show us our Security Posture tying to Compliance, Provide us which assest is at risk for latest CVE threads.
Fast, Reliable and Smart
What do you like best about the product?
Orca is big smart platform that has helped our organization to meet our compliance standards. The tool is not only very complete but also smart, easy to integrate and with excellent customer support. Extra features such as AI integration makes the platform easy to use, understand and easy to follow steps.
What do you dislike about the product?
Orca discontinued a whole page where it showed alert details and now is called "legacy page". This was very useful as we were able to see alerts in a better, big UI, now the remediation tab is smaller.
What problems is the product solving and how is that benefiting you?
- Keep the Infrastructure Compliant
- Security and Alerting
- Policies Enforcement
- Security and Alerting
- Policies Enforcement
Finally I can get accurate security impact estimations before creating infrastructure!
What do you like best about the product?
Shift-left. This is brilliant. You get to have proper infrastructure scanning AND infrastrucute as code analisis on pull request stage. I can't stress enough how important it is. If you create GKE cluster and want it to be secure, without shift-left you'll have to recreate it multiple times. With shift-left you only create it once.
Super easy to add new clouds and projects, super easy to implement scan in them, even with terraform. We are using it on daily basis.
Super easy to add new clouds and projects, super easy to implement scan in them, even with terraform. We are using it on daily basis.
What do you dislike about the product?
No issues with the service itself, I'd love to see Vanta integration for sure.
What problems is the product solving and how is that benefiting you?
I get fast and accurate notifications about infrastructure issues and vulnerabilities, instructions how to fix them (to some extent), easy to use UI.
Orca cloud security solution
What do you like best about the product?
Alerts, compliance, agentless approach, lateral movement, priortization of alerts, 100 % coverage etc these are the main features are excellent. easy to integrate. good customer support. easy to impelement the solution. very easy to use. i am using from last one year. Very good experience.
What do you dislike about the product?
sometime tool failed to load modules in identity and access management, and scoring system need to change
What problems is the product solving and how is that benefiting you?
overall cloud risk is solving by orca
A practical and reliable tool
What do you like best about the product?
Allows an agentless scan of our entire cloud infrastructure and improves the security of our environment daily.
What do you dislike about the product?
Do not have a VM agent outside the cloud provider, which restricts usage to a part of the information system.
What problems is the product solving and how is that benefiting you?
Allows the detection of CVEs, proposes corrections. Allows scanning of containers. Provides a first draft on numerous compliance certifications.
Great product that guides you through securing your environment
What do you like best about the product?
My favorite feature of Orca is being able to generate remediation steps depending on how you interact with the machine. It also has a dynamic security rating that is based on more factors than just the CVSS. Connecting our environment was also very easy to do thanks to their onboarding and support.
What do you dislike about the product?
It can be overwhelming at first until you create a custom view or become familiar with the interface. There is also no dark mode but that is pretty minor for me.
What problems is the product solving and how is that benefiting you?
It is keeping track of our handful of machines and helping us be aware of any security issues as well as show us how it can be used to traverse our infrastructure.
showing 91 - 100