Try our new research platform with insights from 80,000+ expert users

AWS Security Hub vs Orca Security comparison

Amazon Web Services (AWS) and Orca Security are both solutions in the Cloud Security Posture Management (CSPM) category. Amazon Web Services (AWS) is ranked #13 with an average rating of 7.6, while Orca Security is ranked #7 with an average rating of 8.7. Amazon Web Services (AWS) holds a 5.6% mindshare in CSPM, compared to Orca Security’s 8.0% mindshare. Additionally, 90% of Amazon Web Services (AWS) users are willing to recommend the solution, compared to 100% of Orca Security users who would recommend it.
AWS Security Hub
Read 20 AWS Security Hub reviews
  • 3,477 Views
  • 2,914 Comparison Views
90% willing to recommend
Orca Security
Read 17 Orca Security reviews
  • 7,504 Views
  • 5,159 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 8, 2024

Orca Security and AWS Security Hub are competing solutions in the cloud security industry. AWS Security Hub generally has the upper hand due to better integration within AWS ecosystems, but Orca Security is favored for its intuitive use and faster deployment.

Features: Orca Security is known for its agentless technology, full-stack visibility, and ease of providing immediate insights. AWS Security Hub is recognized for its comprehensive security checks, seamless integration with AWS-native tools, and a broader feature set that appeals to AWS-centric organizations.

Room for Improvement: Orca Security could enhance scalability, improve integration with non-AWS environments, and expand applicability. AWS Security Hub might benefit from more customizable dashboards, detailed alerts, and reducing its setup time for non-native services.

Ease of Deployment and Customer Service: Orca Security is praised for fast deployment with minimal configuration and responsive support. AWS Security Hub requires more configuration effort but benefits from extensive documentation and strong customer support. Orca's straightforward setup often leads to faster deployment compared to AWS's integration process.

Pricing and ROI: Orca Security receives positive reviews for its transparent pricing and effective ROI due to lower setup costs. AWS Security Hub, valued for its ROI, faces higher setup expenses as users may need to subscribe to additional services. Despite this, AWS's integration often justifies the higher initial investment.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed AWS Security Hub vs. Orca Security Report (Updated: October 2024).
Buyer's Guide
AWS Security Hub vs. Orca Security
October 2024
Download the complete report
Helped 817,354 peers since 2012
 

Categories and Ranking

AWS Security Hub
Ranking in Cloud Security Posture Management (CSPM)
13th
Average Rating
7.6
Reviews Sentiment
7.2
Number of Reviews
20
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (5th)
Orca Security
Ranking in Cloud Security Posture Management (CSPM)
7th
Average Rating
9.2
Reviews Sentiment
7.7
Number of Reviews
17
Ranking in other categories
Vulnerability Management (9th), Container Security (10th), Cloud Workload Protection Platforms (CWPP) (9th), Cloud-Native Application Protection Platforms (CNAPP) (6th), Data Security Posture Management (DSPM) (5th), Cloud Detection and Response (CDR) (1st)
 

Mindshare comparison

As of December 2024, in the Cloud Security Posture Management (CSPM) category, the mindshare of AWS Security Hub is 5.6%, up from 4.7% compared to the previous year. The mindshare of Orca Security is 8.0%, down from 10.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Security Posture Management (CSPM)
 

Featured Reviews

CobusFrey - PeerSpot reviewer
Not only does it easily integrate with third-party tools but also allows auto synchronization of logs
AWS Security Hub has advanced quite a bit over the last couple of years. The features are quite rich now. Before purchasing, one should develop an understanding of the product. I believe AWS Security Hub is one of the most friendly solutions for integration with third-party tools. I find the integration of AWS Security Hub to be the easiest with tools from Microsoft and a bit difficult with Google solutions. AWS Security Hub is compliant in many different ways. The development business I am part of is SOC compliant for AWS Security Hub, while the banks our organization works with have been PCI compliant for AWS Security Hub for three years. I would definitely recommend AWS Security Hub to others, yet I would also inquire about their purpose and knowledge of cloud solutions. If you know how to use AWS Security Hub, it can be a great solution to work with. The solution is more suitable for people working in the cloud instead of on-premises. I would rate AWS Security Hub a nine out of ten.
Read full review
Cédric Thian-Meng - PeerSpot reviewer
It contacts your account provider and fetches metadata, eliminating the need for snapshots or reserved space to copy client infrastructure
Orca Security has patented technologies. It's an agentless solution, so you don't need to install an agent. Instead, it contacts your account provider and fetches metadata, eliminating the need for snapshots or reserved space to copy client infrastructure. The multi-cloud capability displays essential information and potential vulnerabilities with granular detail. For instance, it identifies paths that attackers might exploit to gain root or admin access to machines. It is comprehensive, covering a wide range of software needs. They also integrate with CI/CD pipelines, enabling developers to ensure security from the early stages of code deployment. This integration provides a 100% guarantee on security, safeguarding images, configurations, and other crucial information throughout the development process.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Cloudposse is a valuable feature as it guarantees my security."
"I like that AWS Security Hub currently has several good features, around four or five. The technical support for AWS Security Hub is also responsive."
"The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud."
"Finding out if your infrastructure is secure is a valuable feature."
"The solution shows us our compliance score."
"Easily integrates with third-party tools"
"AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard."
"The platform has valuable features for security."
More AWS Security Hub pros
"Orca provides X-ray vision into everything within the cloud properties, whereas normally, this would require multiple tools."
"Orca Security has patented technologies. It's an agentless solution, so you don't need to install an agent. Instead, it contacts your account provider and fetches metadata, eliminating the need for snapshots or reserved space to copy client infrastructure."
"The best features of Orca Security include its ability to perform a lot of security controls without requiring any installation of agents, making it very easy to set up."
"Another valuable feature with Orca, something that's not talked about enough, is its ability to rank your gaps and your tasks... You can get visibility with agents and there are a lot of ways to do that. But the ranking and the context across the entire environment, that is what is unique about Orca."
"The initial setup is very easy."
"Orca Security has updated its interface, making it more user-friendly. I find it particularly useful as it allows me to easily navigate the dashboard and prioritize actions based on severity and criticality."
"The best features of Orca Security include its ability to perform a lot of security controls without requiring any installation of agents, making it very easy to set up."
"The vulnerability management does not require network scanning or agent technology, so I don't need to modify any of my products in order to do vulnerability assessments."
More Orca Security pros
 

Cons

"Shortening the response time for support tickets, particularly in production issues, could make the service more efficient."
"AWS Security Hub should improve the time it takes to update. It takes a long period of time when updating. It can take 24 hours sometimes to update. Additionally, when integrating this solution with more security tools, takes time."
"It is not flexible for multi-cloud environments."
"The solution will only give you insight if you have configure rule enabled. It should work more like Prisma Cloud and Dome9 which have a better approach."
"Many findings are too generic or irrelevant to the environment, which can lead to false positives."
"It's not user-friendly. Too much going on, too many unnecessary findings, not very visual. You can't do much compared to other similar tools that are cheaper and better."
"I would like a more fine-grained capability for creating custom rules and a more user-friendly experience programmatically in writing queries and configuring custom security rules, making it quicker and easier."
"The solution should be easier to learn and use"
More AWS Security Hub cons
"I would like to see an option to do security checks on a code level. This is possible because they have access to all of the code running in the cloud provider, and combining their site-scanning solution with that would be a nice add-on."
"It's not all clouds that they are currently onboarded with. For instance, they are not yet with public cloud and many other private clouds."
"The main drawback in an agentless approach is that if the solution detects a virus or malware in the environment, we need to manually remove it. But from my experience with other production environments, it's not straightforward to install agents in the hope they will automatically remediate viruses, even from production environments... Ultimately, the ability to auto-remediate is something that I would like to see."
"I would like to see better customization options for security frameworks and better integration with reporting tools like Power BI or Grafana dashboards."
"We are PCI DSS compliant, so we need to scan our environment externally with tools vetted by the PCI DSS organization. Orca doesn't scan the environment externally. It only scans what's currently in the cloud."
"As with all software, the user interface can always be made simpler to use. It would be helpful for people with very little knowledge, like somebody sitting behind the SOC, to allow them to be able to drill down into things a little bit easier than it is currently."
"The documentation for Orca Security could be improved."
"The solution could improve by making the dashboards more elaborative and more descriptive."
More Orca Security cons
 

Pricing and Cost Advice

"Security Hub is not an expensive solution."
"The price of the solution is not very competitive but it is reasonable."
"The pricing is fine. It is not an expensive tool."
"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."
"AWS Security Hub's pricing is pretty reasonable."
"There are multiple subscription models, like yearly, monthly, and packaged."
"The price of AWS Security Hub is average compared to other solutions."
"It is the cost of the visibility that you get. When you really sit down and think about what do you need to do to secure an environment with a low impact on the business, and you take a look out into the world, I think this tool is well justified around cost."
"Overall, the pricing is reasonable and the discounts have been acceptable."
"The price is a bit expensive for smaller organizations."
"The most expensive solution is Palo Alto. They claim to be very robust. The next most expensive is Wiz, followed by Orca and all the rest."
"We have a total of 25 licenses for this solution. The solution is on a pay-and-you-use model."
"Orca Security is cheaper compared to other solutions in the same space."
"Orca is very competitive when compared to the alternatives and is not the most expensive in the market, that's for sure."
"I think their pricing model is aligned with market demand. Of course, Orca could probably better align their pricing model with the needs of smaller businesses as well as some larger-scale enterprises with millions of assets. But in all fairness, I think the Orca sales team has been accommodating and ensured that we're happy with the pricing."
More Orca Security pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
See recommendations
817,354 professionals have used our research since 2012.
 

Comparison Review

it_user186927 - PeerSpot reviewer
Feb 16, 2015
Cybereason vs. Interset vs. SQRRL
Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…
Read full review
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
13%
Manufacturing Company
10%
Government
8%
Computer Software Company
17%
Financial Services Firm
13%
Manufacturing Company
8%
University
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
See all answers
What do you like most about AWS Security Hub?
The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.
See all answers
What needs improvement with AWS Security Hub?
AWS Security Hub could improve its guidance links to resolve findings related to multiple resources. The implementation of more guidance links could enhance issue resolution. Additionally, shorteni...
See all answers
What do you like most about Orca Security?
It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just scan the entire assets in the cloud.
See all answers
What needs improvement with Orca Security?
The company is managed by industry veterans. It's a cloud-based product. They handle misconfigurations and analyse your runtime to detect malware. They're at the forefront regarding developer secur...
See all answers
What is your primary use case for Orca Security?
We use the solution to show misconfiguration. Often, users lack knowledge about their assets' fingerprints and their cloud provider's configurations.
See all answers
 

Comparisons

Microsoft Sentinel vs AWS Security Hub Logo
Microsoft Sentinel vs AWS Security Hub
Compared 38% of the time
Wiz vs AWS Security Hub Logo
Wiz vs AWS Security Hub
Compared 12% of the time
Prisma Cloud by Palo Alto Networks vs AWS Security Hub Logo
Prisma Cloud by Palo Alto Networks vs AWS Security Hub
Compared 11% of the time
Microsoft Defender for Cloud vs AWS Security Hub Logo
Microsoft Defender for Cloud vs AWS Security Hub
Compared 6% of the time
Oracle Security Monitoring and Analytics Cloud Service vs AWS Security Hub Logo
Oracle Security Monitoring and Analytics Cloud Service vs AWS Security Hub
Compared 3% of the time
More AWS Security Hub Competitors
Wiz vs Orca Security Logo
Wiz vs Orca Security
Compared 39% of the time
Microsoft Defender for Cloud vs Orca Security Logo
Microsoft Defender for Cloud vs Orca Security
Compared 10% of the time
Prisma Cloud by Palo Alto Networks vs Orca Security Logo
Prisma Cloud by Palo Alto Networks vs Orca Security
Compared 8% of the time
CrowdStrike Falcon Cloud Security vs Orca Security Logo
CrowdStrike Falcon Cloud Security vs Orca Security
Compared 5% of the time
Tenable Vulnerability Management vs Orca Security Logo
Tenable Vulnerability Management vs Orca Security
Compared 3% of the time
More Orca Security Competitors
 

Product Reports

Buyer's Guide
AWS Security Hub
November 2024
AWS Security Hub reportDownload AWS Security Hub product report
Buyer's Guide
Orca Security
November 2024
Orca Security reportDownload Orca Security product report
 

Also Known As

SQRRL
No data available
 

Learn More

Amazon Web Services (AWS)
Orca Security
 

Overview

AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts. 

The service offers a range of features including continuous monitoring, threat intelligence integration, and customizable dashboards. It also provides automated insights and recommendations to help users improve their security posture. Security Hub integrates with other AWS services like Amazon GuardDuty, AWS Config, and AWS Macie to provide a unified security experience. Additionally, it supports integration with third-party security tools through its API, allowing users to leverage their existing security investments. 

With its user-friendly interface and powerful capabilities, AWS Security Hub is a valuable tool for organizations looking to enhance their security and compliance posture in the cloud.

Orca Security is the pioneer of agentless cloud security that is trusted by hundreds of enterprises globally. Orca makes cloud security possible for enterprises moving to and scaling in the cloud with its patented SideScanning™ technology and Unified Data Model. The Orca Cloud Security Platform delivers the world's most comprehensive coverage and visibility of risks across AWS, Azure, Google Cloud and Kubernetes.

At Orca Security, we’re on a mission to make it fast, easy, and cost effective for organizations to address critical cloud security issues so they can operate in the cloud with confidence.

    Key Platform Features: 

    • Agentless: Complete, centralized coverage of the entire cloud estate, without the need for installing and configuring agents or layering together multiple siloed tools. Full visibility of cloud misconfigurations, vulnerabilities, workload protection, malware scanning, image scanning, file integrity monitoring and more.

    • Asset Inventory: Get a complete inventory of all your public cloud assets, including detailed information on installed OSes, software, and applications, as well as data and network assets such as storage buckets, Virtual Private Clouds (VPCs), and Security Groups.

    • Attack Path Analysis: Visualize attack vectors to critical assets or crown jewels. See which assets are susceptible to lateral movement, assume roles, privilege escalation, and more.

    • Risk Prioritization: Prioritize the 1% of risks that matter the most, based on impact scores. Secure the vulnerabilities and misconfigured targets (critical assets) and eliminate the potential risks residing on the attack paths to those targets.

    • Cloud Threat Detection: Monitor for malicious activity within your entire cloud estate. Be aware of detected threats, user behavior anomalies and more.

    • Breach Forensics: Log every change and all activity into a central repository for investigation procedures to confirm or deny entry and compromises within the cloud estate.

    • Cloud To Dev (Shift Left): Orca’s built-in shift left capabilities enables DevOps to focus more security attention earlier in the CI/CD pipelines. Security teams are able to trace a production risk (misconfiguration or vulnerability) directly to the original source code repository from which it came, even down to the exact line of code that is at the root of the identified risk. 

    • Compliance: Choose from over 60 preconfigured compliance frameworks, cloud security best practices, CIS Benchmarks, or design and build your own compliance framework for fast and continuous reporting.

    • Security Score: The Orca Security Score is found on Orca’s Risk Dashboard and is updated daily. The overall score is calculated based on performance in the following five categories - Suspicious Activity, IAM, Data at Risk, Vulnerable Assets, and Responsiveness. Since the scores are percentage based and not raw numbers, you can objectively make comparisons to other organizations within your industry or business units of different sizes. In addition to reporting to senior management, the Orca Security Score can help with internal self-monitoring, as a way of measuring risk mitigation efforts, to know where to focus efforts, and track progress.

    Orca Security Benefits

    • Consolidate technologies to reduce costs and complexity:

    The more I can get out of this one solution, the better. I see Orca as the tool where we get all cloud-related security data.” - Joshua Scott, Head of Security and IT | Postman

    • Avoid costly breaches:

    "I look at proactive asset discovery, configuration management, and vulnerability management as being able to find a vulnerability before the bad guys do and being able to deal with it before something exploits it. This is what Orca does for us." - Doug Graham, CSO & CPO | Lionbridge

    • Increase team productivity and efficiency by focusing on high-value activities and solving the 1% of risks that matter most:

    "Orca is unique in that it locates vulnerabilities with precision and delivers tangible, actionable results – without having to sift through all the noise." - Aaron Brown, Senior Cloud Security Engineer | Sisense

    • Quick Time-to-Value with Immediate ROI:

    "Orca told us we could have some visibility within 5 or 10 minutes, and I thought, ‘There’s no way.’ Well, I was wrong. They really did it." - Thomas Hill, CISO | Live Oak Bank

    • Reduce MTTR and remove operational friction:

    We can’t ask developers things like ‘Did you think about security? When you start a new VM on AWS, can you please let me know so I’m able to scan it? Can you please deploy an agent on that machine for me?’ We need a better way to work. Orca provides that better way by eliminating organizational friction.” - Erwin Geirnaert, Cloud Security Architect | NG Data

       

      Sample Customers

      Edmunds, Frame.io, GoDaddy, Realtor.com
      BeyondTrust, Postman, Digital Turbine, Solarisbank, Lemonade, C6 Bank, Docebo, Vercel, and Vivino
      Buyer's Guide
      AWS Security Hub vs. Orca Security
      October 2024
      Free Report: AWS Security Hub vs. Orca Security
      Find out what your peers are saying about AWS Security Hub vs. Orca Security and other solutions. Updated: October 2024.
      DOWNLOAD NOW
      817,354 professionals have used our research since 2012.
      See our AWS Security Hub vs. Orca Security report.
      See our list of best Cloud Security Posture Management (CSPM) vendors.

      We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.