Try our new research platform with insights from 80,000+ expert users

CloudPassage vs Orca Security comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

SentinelOne Singularity Clo...
Sponsored
Ranking in Cloud Workload Protection Platforms (CWPP)
4th
Ranking in Cloud Security Posture Management (CSPM)
3rd
Average Rating
8.8
Reviews Sentiment
7.9
Number of Reviews
107
Ranking in other categories
Vulnerability Management (6th), Cloud and Data Center Security (5th), Container Security (3rd), Cloud-Native Application Protection Platforms (CNAPP) (3rd), Compliance Management (2nd)
CloudPassage
Ranking in Cloud Workload Protection Platforms (CWPP)
40th
Ranking in Cloud Security Posture Management (CSPM)
49th
Average Rating
8.0
Number of Reviews
2
Ranking in other categories
No ranking in other categories
Orca Security
Ranking in Cloud Workload Protection Platforms (CWPP)
5th
Ranking in Cloud Security Posture Management (CSPM)
6th
Average Rating
9.0
Reviews Sentiment
7.9
Number of Reviews
19
Ranking in other categories
Vulnerability Management (8th), Container Security (11th), Cloud-Native Application Protection Platforms (CNAPP) (6th), Data Security Posture Management (DSPM) (6th), Cloud Detection and Response (CDR) (2nd)
 

Mindshare comparison

As of April 2025, in the Cloud Security Posture Management (CSPM) category, the mindshare of SentinelOne Singularity Cloud Security is 2.5%, up from 1.1% compared to the previous year. The mindshare of CloudPassage is 0.1%, up from 0.1% compared to the previous year. The mindshare of Orca Security is 6.7%, down from 9.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Security Posture Management (CSPM)
 

Featured Reviews

Andrew W - PeerSpot reviewer
Tells us about vulnerabilities as well as their impact and helps to focus on real issues
Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.
it_user854058 - PeerSpot reviewer
It helped us be more aware of what our security posture is, but not all of the features work in my environment
I would say CloudPassage is very useful for certain things. If you just want a few modules then focus on what you need and negotiate the price based on the individual module, rather than looking at the whole thing, because I didn't find all the modules very useful. Also, use Splunk in combination with it if you want reporting. I would give CloudPassage at least a seven out of 10. I rate it on the high-end because of the customer support - I've never seen any support that is comparable to that, it's very good, excellent. The support staff actually care, they actually follow up; it's very nice. And CloudPassage really listens to its customers. The product itself is very nice if you're only looking to check off your compliance requirements, but if you're looking for more of dashboarding and things like that, CloudPassage is improving but it's not quite there.
CHINTAN MEHTA - PeerSpot reviewer
Consolidating security tools with comprehensive cloud visibility
The documentation for Orca Security could be improved. The compliance framework also needs enhancements, especially concerning integrations with other tools like ServiceNow's vulnerability modules, which are not as mature as expected. It should also increase its capability to ingest data from other security tools like CloudSight for endpoint detection and provide real-time monitoring.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The agentless vulnerability scanning is great."
"Cloud Native Security helps us discover vulnerabilities in a cloud environment like open ports that allow people to attack our environment. If someone unintentionally opens a port, we are exposed. Cloud Native Security alerts us so we can remediate the problem. We can also automate it so that Cloud Native Security will fix it."
"The offensive security feature is valuable because it publicly detects the offensive and vulnerable things present in our domain or applications. It checks any applications with public access. Some of the applications give public access to certain files or are present over a particular domain. It detects and lets us know with evidence. That is quite good. It is protecting our infrastructure quite well."
"It integrates very well. We sell different products from different vendors. We know that the SentinelOne Singularity platform can be integrated with several different solutions from different vendors."
"I would definitely recommend SentinelOne Singularity Cloud Security for infrastructure security."
"The UI is responsive and user-friendly."
"It's positively affected the communication between cloud security, application developers, and AppSec teams."
"I would rate their support a ten out of ten."
"Policies are very easy to manage on a day-to-day basis."
"Key features are the Software Vulnerability Assessment and the CSM, which is the configuration check."
"Orca gives you great visibility into your assets. It shows you the issues and the things that you need to attend to first, by prioritizing things. You can see a lot of information that is not always visible, even to DevOps, to help you know about the machines and their status. It's very easy to see everything in a single dashboard. That makes it a very useful tool."
"Orca's SideScanning is the biggest feature. It's the 'wow' factor... With Orca's SideScanning, they just need permissions for your account and that makes it so simple."
"The visibility Orca provides into my environment is at the highest level... When I dropped them into the environment, from the very get-go I had more insight into the risks in my environment than I had had during the entire two and a half years I had been here."
"Orca Security has patented technologies. It's an agentless solution, so you don't need to install an agent. Instead, it contacts your account provider and fetches metadata, eliminating the need for snapshots or reserved space to copy client infrastructure."
"I find Orca Security's CIEM feature invaluable, as it focuses on entitlement and posture management, identifying assets with older OS versions, and asset misconfiguration."
"The most valuable feature of Orca Security is the automated scanning tool, user-friendliness, and ease of use."
"The best features of Orca Security include its ability to perform a lot of security controls without requiring any installation of agents, making it very easy to set up."
"Orca provides X-ray vision into everything within the cloud properties, whereas normally, this would require multiple tools."
 

Cons

"We use PingSafe and also SentinelOne. If PingSafe integrated some of the endpoint security features of SentinelOne, it would be the perfect one-stop solution for everything. We wouldn't need to switch between the products. At my organization, I am responsible for endpoint security and vulnerability management. Integrating both functions into one application would be ideal because I could see all the alerts, heat maps, and reports in one console."
"While it is good, I think the solution's console could be improved."
"We had a glitch in PingSafe where it fed us false positives in the past."
"We are experiencing problems with Cloud Native Security reporting."
"SentinelOne Singularity Cloud Security has limited legacy system support and may not fully support older operating systems or legacy environments."
"One area for improvement could be the internal analysis process, specifically the guidance provided for remediation."
"PingSafe's current documentation could be improved to better assist customers during the cluster onboarding process."
"SentinelOne currently lacks a break glass account feature, which is critical for implementing Single Sign-On."
"The reports and graphs are unintuitive."
"Of all the advertised functions, I only find two things that really work in my environment, even though I wanted to use all of them. They're not flexible enough to be used."
"In the CSM module the policies are really hard to work with it. It is not very flexible at all. I would suggest that they change that. Right now, the scan is based on the group that the server is in. What happens if the server is in multiple groups?"
"Anything outside of the software vulnerability management and the CSM, things like the GhostPort, need some improvement. The dashboard is in beta. It looks really good, I wish it would come out of beta."
"Another improvement would be that, in addition to focusing on endpoint compliance, they would focus on general compliance."
"The documentation for Orca Security could be improved."
"I would like to see an option to do security checks on a code level. This is possible because they have access to all of the code running in the cloud provider, and combining their site-scanning solution with that would be a nice add-on."
"A notable limitation with Orca Security is its scanning feature. The automatic scan only runs every 24 hours, and if an alert is remediated within an hour, it still remains until the next scheduled scan."
"The main drawback in an agentless approach is that if the solution detects a virus or malware in the environment, we need to manually remove it. But from my experience with other production environments, it's not straightforward to install agents in the hope they will automatically remediate viruses, even from production environments... Ultimately, the ability to auto-remediate is something that I would like to see."
"I think Orca could give me more alerts. It could give me a dashboard with all the specific types of alerts I want to see for the day. It should just be one click."
"The automatic scan only runs every 24 hours, and if an alert is remediated within an hour, it still remains until the next scheduled scan."
"Orca needs improvement in snoozing or dismissing specific alarms."
 

Pricing and Cost Advice

"The tool is cost-effective."
"SentinelOne is quite costly compared to other security platforms."
"The cost for PingSafe is average when compared to other CSPM tools."
"SentinelOne Singularity Cloud Security is costly."
"It is cost-effective compared to other solutions in the market."
"PingSafe falls somewhere in the middle price range, neither particularly cheap nor expensive."
"It is cheap."
"The pricing is fair. It is not inexpensive, and it is also not expensive. When managing a large organization, it is going to be costly, but it meets the business needs. In terms of what is out there on the market, it is fair and comparable to what I have seen, so I do not have any complaints about the cost"
"CloudPassage is a little bit on the expensive side. So my suggestion is that the company lower its price point a wee bit or sell modules, separate them in modules, because I only find two things that are useful to me, yet I pay for four or five modules. It didn't seem like it was a fair deal."
"We also evaluated VMware NSX, but the pricing and features available in a CloudPassage implementation were decisive in deciding to go with CP."
"Overall, the pricing is reasonable and the discounts have been acceptable."
"The most expensive solution is Palo Alto. They claim to be very robust. The next most expensive is Wiz, followed by Orca and all the rest."
"While it's competitive with Palo Alto Prisma, I think Orca's list price is very high. I would advise Orca to lower it because, at that price, I might consider alternatives like Wiz, which also offers agentless services."
"The price is a bit expensive for smaller organizations."
"Orca Security is cheaper compared to other solutions in the same space."
"The pricing depends on how many assets you have running in your cloud and how many environments you have. If you have a dev environment, test environment, and a production environment then it's really important that you have coverage for all of them."
"Orca is very competitive when compared to the alternatives and is not the most expensive in the market, that's for sure."
"It is the cost of the visibility that you get. When you really sit down and think about what do you need to do to secure an environment with a low impact on the business, and you take a look out into the world, I think this tool is well justified around cost."
report
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
845,406 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
16%
Manufacturing Company
9%
Government
5%
No data available
Computer Software Company
17%
Financial Services Firm
13%
Manufacturing Company
9%
University
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about PingSafe?
The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...
What is your experience regarding pricing and costs for PingSafe?
It is cost-effective compared to other solutions in the market.
What needs improvement with PingSafe?
In version 2, a lot of rules have been deployed for Kubernetes security and CDR, which makes a lot of issues of criti...
Ask a question
Earn 20 points
What do you like most about Orca Security?
It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just ...
What needs improvement with Orca Security?
Orca Security could improve its ticket creation process. Currently, it allows for creating tickets in only one bucket...
What is your primary use case for Orca Security?
I am primarily using Orca Security for cloud security. Being part of the vulnerability management team, I utilize Orc...
 

Also Known As

PingSafe
CloudPassage Halo
No data available
 

Overview

 

Sample Customers

Information Not Available
Citrix
BeyondTrust, Postman, Digital Turbine, Solarisbank, Lemonade, C6 Bank, Docebo, Vercel, and Vivino
Find out what your peers are saying about CloudPassage vs. Orca Security and other solutions. Updated: February 2025.
845,406 professionals have used our research since 2012.