Try our new research platform with insights from 80,000+ expert users

Microsoft Defender for Cloud vs Orca Security comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 6, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

SentinelOne Singularity Clo...
Sponsored
Ranking in Vulnerability Management
6th
Ranking in Container Security
3rd
Ranking in Cloud Workload Protection Platforms (CWPP)
4th
Ranking in Cloud Security Posture Management (CSPM)
3rd
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
3rd
Average Rating
8.8
Reviews Sentiment
7.8
Number of Reviews
109
Ranking in other categories
Cloud and Data Center Security (5th), Compliance Management (2nd)
Microsoft Defender for Cloud
Ranking in Vulnerability Management
7th
Ranking in Container Security
4th
Ranking in Cloud Workload Protection Platforms (CWPP)
2nd
Ranking in Cloud Security Posture Management (CSPM)
4th
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
4th
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
76
Ranking in other categories
Container Management (9th), Data Security Posture Management (DSPM) (3rd), Microsoft Security Suite (4th), Compliance Management (3rd)
Orca Security
Ranking in Vulnerability Management
8th
Ranking in Container Security
11th
Ranking in Cloud Workload Protection Platforms (CWPP)
5th
Ranking in Cloud Security Posture Management (CSPM)
6th
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
6th
Average Rating
9.0
Reviews Sentiment
7.8
Number of Reviews
20
Ranking in other categories
Data Security Posture Management (DSPM) (6th), Cloud Detection and Response (CDR) (2nd)
 

Mindshare comparison

As of April 2025, in the Cloud Security Posture Management (CSPM) category, the mindshare of SentinelOne Singularity Cloud Security is 2.5%, up from 1.1% compared to the previous year. The mindshare of Microsoft Defender for Cloud is 10.4%, down from 12.5% compared to the previous year. The mindshare of Orca Security is 6.7%, down from 9.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Security Posture Management (CSPM)
 

Featured Reviews

Andrew W - PeerSpot reviewer
Tells us about vulnerabilities as well as their impact and helps to focus on real issues
Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.
Vibhor Goel - PeerSpot reviewer
A single tool for complete visibility and addressing security gaps
Currently, issues are structured in Microsoft Defender for Cloud at severity levels of high, critical, or warning, but these severity levels are not always right. For example, Microsoft might consider a port being open as critical, but that might not be the case for our company. Similarly, it might suggest closing some management ports, but you might need them to be able to log in, so the severity levels for certain things can be improved. Even though Microsoft Defender for Cloud provides a way to temporarily disable certain alerts or notifications without affecting our security score, it would be better to have more granularized control over these recommendations. Currently, we cannot even disable certain alerts or notifications. There should be an automated mechanism to design Azure policies based on the recommendations, possibly with AI integration. Instead of an engineer having to write a policy to fix security gaps, which is very time-consuming, there should be an inbuilt capability to auto-remediate everything and have proper control in place. Additionally, enabling Defender for Cloud at the resource group level, rather than only at the subscription level, would be beneficial.
CHINTAN MEHTA - PeerSpot reviewer
Consolidating security tools with comprehensive cloud visibility
The documentation for Orca Security could be improved. The compliance framework also needs enhancements, especially concerning integrations with other tools like ServiceNow's vulnerability modules, which are not as mature as expected. It should also increase its capability to ingest data from other security tools like CloudSight for endpoint detection and provide real-time monitoring.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Singularity Cloud Workload Security provides us with better security detection and more visibility. It is another resource that we can use to detect vulnerabilities in our company's systems. For example, it can help us detect new file processes that we are not familiar with, which could be used by attackers to exploit our systems. Singularity Cloud Workload Security can also help us diagnose and analyze data to determine whether it is malicious or not. Singularity Cloud Workload Security is like another pair of eyes that can help us protect our systems from cyberattacks."
"It is very straightforward. It is not complicated. For the information that it provides, it does a pretty good job."
"We really appreciate the Slack integration. When we have an incident, we get an instant notification. We also use Joe Sandbox, which Singularity can integrate with, so we can verify if a threat is legitimate."
"We like PingSafe's vulnerability assessment and management features, and its vulnerability databases."
"We use the infrastructure as code scanning, which is good."
"It has a user-friendly dashboard that I can access without any difficulty."
"The most valuable feature of PingSafe is its integration with most of our technology stack, specifically all of our cloud platforms and ticketing software."
"For Singularity, the task capability is easy to use and it has a very intuitive dashboard, which streamlines the processes."
"The most valuable features of the solution are the insights, meaning the remediation suggestions, as well as the incident alerts."
"My favorite part of Microsoft Defender for Cloud is the compliance features. Defender covers a wide range of workloads, on par with competing products on the market."
"The main feature is the security posture assessment through the security score. I find that to be very helpful because it gives us guidance on what needs to be secured and recommendations on how to secure the workloads that have been onboarded."
"When we started out, our secure score was pretty low. We adopted some of the recommendations that Security Center set out and we were able to make good progress on improving it. It had been in the low thirties and is now in the upper eighties."
"I would rate Microsoft Defender for Cloud a ten out of ten."
"The most valuable feature of Microsoft Defender for Cloud is its ability to assess an environment and give us a clear idea of what security components are lacking and which are not."
"Microsoft Defender for Cloud helps in improving our overall security posture. We have a nice overview of what is missing where and what can be improved."
"Defender for Cloud provides a prioritized list of remediations for security issues, reducing risk and improving security operations."
"The reporting and automated remediation capabilities are valuable to me. They're real game-changers."
"I find Orca Security's CIEM feature invaluable, as it focuses on entitlement and posture management, identifying assets with older OS versions, and asset misconfiguration."
"Another valuable feature with Orca, something that's not talked about enough, is its ability to rank your gaps and your tasks... You can get visibility with agents and there are a lot of ways to do that. But the ranking and the context across the entire environment, that is what is unique about Orca."
"The initial setup is very easy."
"With its Cloud Security Posture Management capability, we have the ability to read across all of our cloud-based environments, which includes AWS and Azure. We have visibility into those environments. Seeing all vulnerabilities and configurations is really powerful for us, but ultimately, the ability to use the API to query across the fleet to understand what is the current state, what is the patch level, which ones are potentially exposed for a new CVE that just came out is even more valuable. It allows us to gather really specific intelligence through simple queries."
"The GUI features are very good. Threat intelligence is also very good."
"There are so many valuable features that I could list, but one that I appreciate is the PCI DSS compliance report."
"The most valuable feature of Orca Security is the automated scanning tool, user-friendliness, and ease of use."
 

Cons

"We are experiencing problems with Cloud Native Security reporting."
"I would like additional integrations."
"I believe the UI/UX updates for SentinelOne Singularity Cloud Security have room for improvement."
"I export CSV. I cannot export graphs. Restricting it to the CSV format has its own disadvantages. These are all machine IP addresses and information. I cannot change it to the JSON format. The export functionality can be improved."
"One of the issues with the product stems from the fact that it clubs different resources under one ticket."
"The documentation could be better."
"I'd like to see better onboarding documentation."
"PingSafe is an excellent CSPM tool, but the CWPP features need to improve, and there is a scope for more application security posture management features. There aren't many ASPM solutions on the market, and existing ones are costly. I would like to see PingSafe develop into a single pane of glass for ASPM, CSPM, and CWPP. Another feature I'd like to see is runtime protection."
"The solution could improve by being more intuitive and easier to use requiring less technical knowledge."
"I would like to see more connectors and plugins with other platforms."
"Defender is occasionally unreliable. It isn't 100% efficient in terms of antivirus detection, but it isn't an issue most of the time. It's also somewhat difficult to train new security analysts to use Defender."
"Another thing that could be improved was that they could recommend processes on how to react to alerts, or recommend best practices based on how other organizations do things if they receive an alert about XYZ."
"One of the main challenges that we have been facing with Azure Security Center is the cost. The costs are really a complex calculation, e.g., to calculate the monthly costs. Azure is calculating on an hourly basis for use of the resource. Because of this, we found it really complex to promote what will be our costs for the next couple of months. I think if Azure could reduce the complex calculation and come up with straightforward cost mapping that would be very useful from a product point of view."
"For Kubernetes, I was using Azure Kubernetes Service (AKS). To see that whatever is getting deployed into AKS goes through the correct checks and balances in terms of affinities and other similar aspects and follows all the policies, we had to use a product called Stackrox. At a granular level, the built-in policies were good for Kubernetes, but to protect our containers from a coding point of view, we had to use a few other products. For example, from a programming point of view, we were using Checkmarx for static code analysis. For CIS compliance, there are no CIS benchmarks for AKS. So, we had to use other plugins to see that the CIS benchmarks are compliant. There are CIS benchmarks for Kubernetes on AWS and GCP, but there are no CIS benchmarks for AKS. So, Azure Security Center fell short from the regulatory compliance point of view, and we had to use one more product. We ended up with two different dashboards. We had Azure Security Center, and we had Stackrox that had its own dashboard. The operations team and the security team had to look at two dashboards, and they couldn't get an integrated piece. That's a drawback of Azure Security Center. Azure Security Center should provide APIs so that we can integrate its dashboard within other enterprise dashboards, such as the PowerBI dashboard. We couldn't get through these aspects, and we ended up giving Reader security permission to too many people, which was okay to some extent, but when we had to administer the users for the Stackrox portal and Azure Security Center, it became painful."
"Early on, the lack of transparency is a challenge. Microsoft does not tell you the cost when they launch something."
"From a compliance standpoint, they can include some more metrics and some specific compliances such as GDPR."
"There were a couple of times when Orca was down when I was trying to access it. I work strange hours because all of my team is in the UK right now. It was 2 a.m. on a Saturday and I was trying to log in but it wasn't working. But relative to my other security tools, Orca is definitely the most stable that I've seen."
"We are PCI DSS compliant, so we need to scan our environment externally with tools vetted by the PCI DSS organization. Orca doesn't scan the environment externally. It only scans what's currently in the cloud."
"The documentation for Orca Security could be improved."
"Orca Security could improve its ticket creation process. Currently, it allows for creating tickets in only one bucket, which requires monitoring to redirect tickets to the appropriate team."
"Orca Security could improve its ticket creation process."
"I would be happy if they offered more automatic remediation options. They're working on that, but the more the better. For example, if they want you to harden a server, they would offer a hardening script that would be more aware of what's going on."
"Orca Security can be improved as there should be some kind of central pane of glass. Similar to how cloud management works, Orca Security should have something comparable."
"As with all software, the user interface can always be made simpler to use. It would be helpful for people with very little knowledge, like somebody sitting behind the SOC, to allow them to be able to drill down into things a little bit easier than it is currently."
 

Pricing and Cost Advice

"The pricing is fair. It is not inexpensive, and it is also not expensive. When managing a large organization, it is going to be costly, but it meets the business needs. In terms of what is out there on the market, it is fair and comparable to what I have seen, so I do not have any complaints about the cost"
"Its pricing was a little less than other providers."
"PingSafe is cost-effective for the amount of infrastructure we have. It's reasonable for what they offer compared to our previous solution. It's at least 25 percent to 30 percent less."
"PingSafe falls within the typical price range for cloud security platforms."
"Pricing is based on modules, which was ideal for us."
"PingSafe is affordable."
"The cost for PingSafe is average when compared to other CSPM tools."
"While SentinelOne Singularity Cloud Security offers robust protection, its high cost may be prohibitive for small and medium-sized businesses."
"Our clients complain about the cost of Microsoft Defender for Cloud."
"The product's pricing policy is generally favorable."
"This is a worldwide service and depending on the country, there will be different prices."
"We only use the free tier, so we haven't faced any pricing, setup costs, or licensing challenges."
"There is a helpful cost-reducing option that allows you to integrate production subscriptions with non-production subscriptions."
"The pricing and licensing of Microsoft Defender for Cloud have been good for us. We appreciate the licensing approach based on employee count rather than a big enterprise license."
"While we pay for any additional features, the pricing seems competitive, though I am not involved in the specific cost details."
"Azure Defender is definitely pricey, but their competitors cost about the same. For example, a Palo Alto solution is the same price per endpoint, but the ground strikes cost a bit more than Azure Defender. Still, it's pricey for a company like ours. Maybe well-established organizations can afford it, but it might be too costly for a startup."
"Overall, the pricing is reasonable and the discounts have been acceptable."
"Its license is a bit expensive."
"We have a total of 25 licenses for this solution. The solution is on a pay-and-you-use model."
"The most expensive solution is Palo Alto. They claim to be very robust. The next most expensive is Wiz, followed by Orca and all the rest."
"It is the cost of the visibility that you get. When you really sit down and think about what do you need to do to secure an environment with a low impact on the business, and you take a look out into the world, I think this tool is well justified around cost."
"While it's competitive with Palo Alto Prisma, I think Orca's list price is very high. I would advise Orca to lower it because, at that price, I might consider alternatives like Wiz, which also offers agentless services."
"I think their pricing model is aligned with market demand. Of course, Orca could probably better align their pricing model with the needs of smaller businesses as well as some larger-scale enterprises with millions of assets. But in all fairness, I think the Orca sales team has been accommodating and ensured that we're happy with the pricing."
"Orca is very competitive when compared to the alternatives and is not the most expensive in the market, that's for sure."
report
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
848,576 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
16%
Manufacturing Company
9%
Government
5%
Computer Software Company
14%
Financial Services Firm
13%
Manufacturing Company
9%
Government
7%
Computer Software Company
17%
Financial Services Firm
13%
Manufacturing Company
9%
University
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about PingSafe?
The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...
What is your experience regarding pricing and costs for PingSafe?
It is cost-effective compared to other solutions in the market.
What needs improvement with PingSafe?
The documentation could be better. Besides improving the documentation, obtaining a professional or partner specializ...
How is Prisma Cloud vs Azure Security Center for security?
Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening acros...
What do you like most about Microsoft Defender for Cloud?
The entire Defender Suite is tightly coupled, integrated, and collaborative.
What is your experience regarding pricing and costs for Microsoft Defender for Cloud?
Initially, the cost was reasonable, but additional services from Microsoft sometimes incur extra expenses that seem h...
What do you like most about Orca Security?
It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just ...
What needs improvement with Orca Security?
Orca Security could improve its ticket creation process. Currently, it allows for creating tickets in only one bucket...
What is your primary use case for Orca Security?
I am primarily using Orca Security for cloud security. Being part of the vulnerability management team, I utilize Orc...
 

Also Known As

PingSafe
Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender
No data available
 

Interactive Demo

Demo not available
Demo not available
 

Overview

 

Sample Customers

Information Not Available
Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.
BeyondTrust, Postman, Digital Turbine, Solarisbank, Lemonade, C6 Bank, Docebo, Vercel, and Vivino
Find out what your peers are saying about Microsoft Defender for Cloud vs. Orca Security and other solutions. Updated: March 2025.
848,576 professionals have used our research since 2012.