Try our new research platform with insights from 80,000+ expert users

AccuKnox Platform vs Orca Security comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

SentinelOne Singularity Clo...
Sponsored
Ranking in Container Security
3rd
Ranking in Cloud Workload Protection Platforms (CWPP)
5th
Ranking in Cloud Security Posture Management (CSPM)
4th
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
4th
Average Rating
8.6
Number of Reviews
88
Ranking in other categories
Vulnerability Management (6th), Cloud and Data Center Security (5th), Compliance Management (3rd)
AccuKnox Platform
Ranking in Container Security
30th
Ranking in Cloud Workload Protection Platforms (CWPP)
26th
Ranking in Cloud Security Posture Management (CSPM)
32nd
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
24th
Average Rating
6.0
Number of Reviews
1
Ranking in other categories
Cloud Infrastructure Entitlement Management (CIEM) (8th)
Orca Security
Ranking in Container Security
14th
Ranking in Cloud Workload Protection Platforms (CWPP)
11th
Ranking in Cloud Security Posture Management (CSPM)
9th
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
9th
Average Rating
9.4
Number of Reviews
15
Ranking in other categories
Vulnerability Management (11th), Data Security Posture Management (DSPM) (6th), Cloud Detection and Response (CDR) (1st)
 

Featured Reviews

Andrew W - PeerSpot reviewer
Aug 29, 2024
Tells us about vulnerabilities as well as their impact and helps to focus on real issues
Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.
RaviUpadhyay - PeerSpot reviewer
Aug 28, 2024
Uses unique technologies for container security, flexible integration but lacks good user experience
There should always be some customized reports included. The dashboard is one thing, and the second is a report. Based on that, users can assist their environment. For example, for some Terraform code, customers want end-to-end things with their tool. They don’t want multiple tools. For a specific purpose, we need to look at different tools. They will look for a solution in one platform only so that the cost can be saved. If we use multiple tools, it means we need to give access to different ports in their environment. It is basically a kind of security compromise happening. Users have a lot of ports being used. So, basically, users don’t want to use multiple tools. They want a single tool that includes multiple features. The report part was missing. Also, some kind of clarity [flow clarity] is not in the tool as of now, but they are working on it. For example, if somebody manages the tool in their environment, the tool should be user-friendly. But this tool is not user-friendly as of now. This tool needs some kind of improvement so that new users or new security engineers can understand all the things in a short period of time. They can understand what is happening and how we can provide. They are catching the customer needs and working along with their development team. For example, some of the policies customers wanted to be placed at the organization level were missing. But AccuKnox have projections as well. Some of the good things they have used are flexible to integrate with other tools. For example, not from the security point of view, but maybe CI/CD, some third-party tools helping out to optimize the container image in terms of being lightweight or having a very low surface level. Basically, it protects against surface attacks. If a heavier image is used, it takes time to upload and impacts overall application performance. So, some tools are good for optimization.
Cédric Thian-Meng - PeerSpot reviewer
Apr 3, 2024
It contacts your account provider and fetches metadata, eliminating the need for snapshots or reserved space to copy client infrastructure
Orca Security has patented technologies. It's an agentless solution, so you don't need to install an agent. Instead, it contacts your account provider and fetches metadata, eliminating the need for snapshots or reserved space to copy client infrastructure. The multi-cloud capability displays essential information and potential vulnerabilities with granular detail. For instance, it identifies paths that attackers might exploit to gain root or admin access to machines. It is comprehensive, covering a wide range of software needs. They also integrate with CI/CD pipelines, enabling developers to ensure security from the early stages of code deployment. This integration provides a 100% guarantee on security, safeguarding images, configurations, and other crucial information throughout the development process.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The cloud misconfiguration is the most valuable feature."
"Cloud Native Security is user-friendly. Everything in the Cloud Native Security tool is straightforward, including detections, integration, reporting, etc. They are constantly improving their UI by adding plugins and other features."
"PingSafe's graph explorer is a valuable tool that lets us visualize all connected services."
"The management console is highly intuitive to comprehend and operate."
"Cloud Native Security's best feature is its ability to identify hard-coded secrets during pull request reviews."
"Cloud Native Security helps us discover vulnerabilities in a cloud environment like open ports that allow people to attack our environment. If someone unintentionally opens a port, we are exposed. Cloud Native Security alerts us so we can remediate the problem. We can also automate it so that Cloud Native Security will fix it."
"The most valuable feature of PingSafe is its integration with most of our technology stack, specifically all of our cloud platforms and ticketing software."
"The mean time to detect has been reduced."
"The platform is strong in container and kernel-level security."
"Orca's dashboard is excellent. My team needs to be able to focus on specific areas for improvement in our cloud environment. And most recently, we've started to get good use out of sonar, the search capabilities, and the alert creation."
"Orca Security has patented technologies. It's an agentless solution, so you don't need to install an agent. Instead, it contacts your account provider and fetches metadata, eliminating the need for snapshots or reserved space to copy client infrastructure."
"Orca's platform provides an agentless data collection facility that collects information directly from the cloud using APIs, with zero impact on performance."
"Orca's SideScanning is the biggest feature. It's the 'wow' factor... With Orca's SideScanning, they just need permissions for your account and that makes it so simple."
"The reporting and automated remediation capabilities are valuable to me. They're real game-changers."
"There are so many valuable features that I could list, but one that I appreciate is the PCI DSS compliance report."
"The most valuable feature of Orca Security is the automated scanning tool, user-friendliness, and ease of use."
"With its Cloud Security Posture Management capability, we have the ability to read across all of our cloud-based environments, which includes AWS and Azure. We have visibility into those environments. Seeing all vulnerabilities and configurations is really powerful for us, but ultimately, the ability to use the API to query across the fleet to understand what is the current state, what is the patch level, which ones are potentially exposed for a new CVE that just came out is even more valuable. It allows us to gather really specific intelligence through simple queries."
 

Cons

"The resolution suggestions could be better, and the compliance features could be more customizable for Indian regulations. Overall, the compliance aspects are good. It gives us a comprehensive list, and its feedback is enough to bring us into compliance with regulations, but it doesn't give us the specific objects."
"One area for improvement could be the internal analysis process, specifically the guidance provided for remediation."
"Maybe container runtime security could be improved."
"Sometimes the Storyline ID is a bit wacky."
"The Automation tab is an add-on that doesn’t work properly. They provide a list of scripts that don’t work and I have asked support to assist but they won’t help. When running on various endpoints the script doesn’t work and if it does, it’s only a couple. There are a lot of useful scripts that would be beneficial to run forensics, event logs, and process lists running on the endpoint."
"The cost has the potential for improvement."
"When we request any changes, they must be reflected in the next update."
"I used to work on AWS. At times, I would generate a normal bug in my system, and then I would check PingSafe. The alert used to come after about three and a half hours. It used to take that long to generate the alert about the vulnerability in my system. If a hacker attacks a system and PingSafe takes three to four hours to generate an alert, it will not be beneficial for the company. It would be helpful if we get the alert in five to ten minutes."
"AccuKnox platform have AI-based features, but those aren’t fully developed yet."
"They can expand a little bit in anti-malware detection. While we have pretty good confidence that it's going to detect some of the static malware, some of the detections are heuristics. There could be a growth in the library from where they're pulling their information, but we don't get a lot of those alerts based on the design of our products. In general, that might be an area that needs to be filled since they offer it as a service within it."
"The main drawback in an agentless approach is that if the solution detects a virus or malware in the environment, we need to manually remove it. But from my experience with other production environments, it's not straightforward to install agents in the hope they will automatically remediate viruses, even from production environments... Ultimately, the ability to auto-remediate is something that I would like to see."
"The presentation of the data in the dashboard is a little bit chaotic."
"In the future, I'd like to see Orca work better with third-party vendors. Specifically, being able to provide sanitized results from third parties."
"I would like to see better customization options for security frameworks and better integration with reporting tools like Power BI or Grafana dashboards."
"We are PCI DSS compliant, so we need to scan our environment externally with tools vetted by the PCI DSS organization. Orca doesn't scan the environment externally. It only scans what's currently in the cloud."
"It's not all clouds that they are currently onboarded with. For instance, they are not yet with public cloud and many other private clouds."
"I would be happy if they offered more automatic remediation options. They're working on that, but the more the better. For example, if they want you to harden a server, they would offer a hardening script that would be more aware of what's going on."
 

Pricing and Cost Advice

"PingSafe is less expensive than other options."
"PingSafe falls somewhere in the middle price range, neither particularly cheap nor expensive."
"Pricing is based on modules, which was ideal for us."
"PingSafe is affordable."
"It is cheap."
"The price depends on the extension of the solution that you want to buy. If you want to buy just EDR, the price is less. XDR is a little bit more expensive. There are going to be different add-ons for Singularity."
"PingSafe is fairly priced."
"Its pricing is okay. It is in line with what other providers were providing. It is not cheap. It is not expensive."
Information not available
"We have a total of 25 licenses for this solution. The solution is on a pay-and-you-use model."
"Orca Security is cheaper compared to other solutions in the same space."
"Overall, the pricing is reasonable and the discounts have been acceptable."
"I think their pricing model is aligned with market demand. Of course, Orca could probably better align their pricing model with the needs of smaller businesses as well as some larger-scale enterprises with millions of assets. But in all fairness, I think the Orca sales team has been accommodating and ensured that we're happy with the pricing."
"Orca Security charges are based on cloud workloads. So, it's based on workloads. If we look at one feature, it might be expensive."
"Orca is very competitive when compared to the alternatives and is not the most expensive in the market, that's for sure."
"It is the cost of the visibility that you get. When you really sit down and think about what do you need to do to secure an environment with a low impact on the business, and you take a look out into the world, I think this tool is well justified around cost."
"The most expensive solution is Palo Alto. They claim to be very robust. The next most expensive is Wiz, followed by Orca and all the rest."
report
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
814,325 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
19%
Financial Services Firm
16%
Manufacturing Company
10%
Insurance Company
5%
No data available
Computer Software Company
17%
Financial Services Firm
13%
Manufacturing Company
9%
University
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about PingSafe?
The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...
What is your experience regarding pricing and costs for PingSafe?
I am personally not taking care of the pricing part, but when we moved from CrowdStrike to Singularity Cloud Native S...
What needs improvement with PingSafe?
They can provide some kind of alert when a new type of risk is there. There can be a specific type of alert showing t...
What is your experience regarding pricing and costs for AccuKnox Platform?
AccuKnox has fixed charges on that. Also, AccuKnox has cluster-based pricing, depending on how many cloud providers y...
What needs improvement with AccuKnox Platform?
There should always be some customized reports included. The dashboard is one thing, and the second is a report. Base...
What is your primary use case for AccuKnox Platform?
This product is for container-based security. It is a new tool; recently, they have been working independently with s...
What do you like most about Orca Security?
It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just ...
What needs improvement with Orca Security?
The company is managed by industry veterans. It's a cloud-based product. They handle misconfigurations and analyse yo...
What is your primary use case for Orca Security?
We use the solution to show misconfiguration. Often, users lack knowledge about their assets' fingerprints and their ...
 

Also Known As

PingSafe
No data available
No data available
 

Overview

 

Sample Customers

Information Not Available
Information Not Available
BeyondTrust, Postman, Digital Turbine, Solarisbank, Lemonade, C6 Bank, Docebo, Vercel, and Vivino
Find out what your peers are saying about Palo Alto Networks, Wiz, Microsoft and others in Cloud Security Posture Management (CSPM). Updated: October 2024.
814,325 professionals have used our research since 2012.