Try our new research platform with insights from 80,000+ expert users

Orca Security vs Prisma Cloud by Palo Alto Networks comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 16, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

SentinelOne Singularity Clo...
Sponsored
Ranking in Container Security
3rd
Ranking in Cloud Workload Protection Platforms (CWPP)
4th
Ranking in Cloud Security Posture Management (CSPM)
4th
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
3rd
Average Rating
8.6
Reviews Sentiment
7.8
Number of Reviews
103
Ranking in other categories
Vulnerability Management (6th), Cloud and Data Center Security (5th), Compliance Management (3rd)
Orca Security
Ranking in Container Security
9th
Ranking in Cloud Workload Protection Platforms (CWPP)
8th
Ranking in Cloud Security Posture Management (CSPM)
6th
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
6th
Average Rating
9.0
Reviews Sentiment
7.9
Number of Reviews
19
Ranking in other categories
Vulnerability Management (9th), Data Security Posture Management (DSPM) (6th), Cloud Detection and Response (CDR) (2nd)
Prisma Cloud by Palo Alto N...
Ranking in Container Security
1st
Ranking in Cloud Workload Protection Platforms (CWPP)
1st
Ranking in Cloud Security Posture Management (CSPM)
2nd
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
1st
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
108
Ranking in other categories
Web Application Firewall (WAF) (5th), Data Security Posture Management (DSPM) (1st)
 

Featured Reviews

Andrew W - PeerSpot reviewer
Tells us about vulnerabilities as well as their impact and helps to focus on real issues
Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.
CHINTAN MEHTA - PeerSpot reviewer
Consolidating security tools with comprehensive cloud visibility
The documentation for Orca Security could be improved. The compliance framework also needs enhancements, especially concerning integrations with other tools like ServiceNow's vulnerability modules, which are not as mature as expected. It should also increase its capability to ingest data from other security tools like CloudSight for endpoint detection and provide real-time monitoring.
VISHWJEET GAIKWAD - PeerSpot reviewer
Works very well for multi-cloud environments and is more cost-effective than cloud-native tools
Some of the clients onboard individual cloud accounts into Prisma Cloud. When any new service comes into the AWS, Azure, or any other cloud, Prisma Cloud generates a warning about the new service and any missing permissions to be able to ingest the logs. We then manually run a Terraform template for Azure or a CFT template for AWS. It is a manual task that we have to do as and when needed. It is a repetitive and manual task. They should find a way to automatically update the role with the CFT or Terraform template. It would be best if this task is automated. When an account is onboarded, if it is missing any permission, it should automatically be updated with the required permissions and policies. If they can do something from the AI security perspective, it will be helpful. I am not sure if it has any AI capabilities, but it would be helpful to have AI integration for finding out issues and remediating alerts.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It is fairly simple. Anybody can use it."
"My favorite feature is Storyline."
"Atlas security graph is pretty cool. It maps out relationships between components on AWS, like load balancers and servers. This helps visualize potential attack paths and even suggests attack paths a malicious actor might take."
"I would definitely recommend SentinelOne Singularity Cloud Security for infrastructure security."
"The features that stand out are threat detection using advanced artificial intelligence and machine learning, helping to identify and respond to threats in real-time."
"I did a lot of research before signing up and doing the demo. They have a good reputation as far as catching threats early on."
"The agentless vulnerability scanning is great."
"It is advantageous in terms of time-saving and cost reduction."
"I recommend Orca Security to others looking for a cloud security solution due to its seamless integration and side-scanning technology that does not hamper cloud asset performance."
"There are so many valuable features that I could list, but one that I appreciate is the PCI DSS compliance report."
"One of the valuable features of Orca Security is its design and options that allow flexible filtering and user-friendly visualization."
"With its Cloud Security Posture Management capability, we have the ability to read across all of our cloud-based environments, which includes AWS and Azure. We have visibility into those environments. Seeing all vulnerabilities and configurations is really powerful for us, but ultimately, the ability to use the API to query across the fleet to understand what is the current state, what is the patch level, which ones are potentially exposed for a new CVE that just came out is even more valuable. It allows us to gather really specific intelligence through simple queries."
"The reporting and automated remediation capabilities are valuable to me. They're real game-changers."
"The visibility Orca provides into my environment is at the highest level... When I dropped them into the environment, from the very get-go I had more insight into the risks in my environment than I had had during the entire two and a half years I had been here."
"Orca's SideScanning is the biggest feature. It's the 'wow' factor... With Orca's SideScanning, they just need permissions for your account and that makes it so simple."
"Another valuable feature with Orca, something that's not talked about enough, is its ability to rank your gaps and your tasks... You can get visibility with agents and there are a lot of ways to do that. But the ranking and the context across the entire environment, that is what is unique about Orca."
"The Twistlock vulnerability scanning tool is its most valuable feature. It provides us insight into security vulnerabilities, running inside both on-premise and public cloud-based container platforms. It is filling a gap that we have with traditional vulnerability scanning tools, where we don't have the ability to scan inside containers."
"CSPM is the most valuable feature."
"It has helped us build confidence in our security and compliance. Prisma Cloud enables us to implement all these SOC 2 compliances and check the security. It provides visibility and control regardless of how complex our environment is."
"The product provides very good network security."
"Prisma Cloud is quite simple to use. The web GUI is powerful. Prisma Cloud scans the overall architecture of the AWS network to identify open ports and other vulnerabilities, then highlights them."
"The solution will streamline and minimize manual efforts."
"Due to the maturity of most companies, security posture management is the most valuable feature."
"The most valuable feature is the option to add custom queries using the RQL language that they supply so that we can customize the compliance frameworks to what we need to look for."
 

Cons

"The documentation that I use for the initial setup can be more detailed or written in a more user-friendly language to avoid troubles."
"We repeatedly get alerts on the tool dashboard that we've already solved on our end, but they still appear. That is somewhat irritating."
"I believe the UI/UX updates for SentinelOne Singularity Cloud Security have room for improvement."
"The cloud-based operations might pose challenges in areas with limited or unavailable internet connectivity. Desktop features might be useful for smaller organizations with less complex security needs."
"For vulnerabilities, they are showing CVE ID. The naming convention should be better so that it indicates the container where a vulnerability is present. Currently, they are only showing CVE ID, but the same CVE ID might be present in multiple containers. We would like to have the container name so that we can easily fix the issue."
"A beneficial improvement for PingSafe would be integration with Jira, allowing for a more streamlined ticketing system."
"I export CSV. I cannot export graphs. Restricting it to the CSV format has its own disadvantages. These are all machine IP addresses and information. I cannot change it to the JSON format. The export functionality can be improved."
"There can be a specific type of alert showing that a new type of risk has been identified."
"The solution could improve by making the dashboards more elaborative and more descriptive."
"I would be happy if they offered more automatic remediation options. They're working on that, but the more the better. For example, if they want you to harden a server, they would offer a hardening script that would be more aware of what's going on."
"We are PCI DSS compliant, so we need to scan our environment externally with tools vetted by the PCI DSS organization. Orca doesn't scan the environment externally. It only scans what's currently in the cloud."
"They can expand a little bit in anti-malware detection. While we have pretty good confidence that it's going to detect some of the static malware, some of the detections are heuristics. There could be a growth in the library from where they're pulling their information, but we don't get a lot of those alerts based on the design of our products. In general, that might be an area that needs to be filled since they offer it as a service within it."
"The presentation of the data in the dashboard is a little bit chaotic."
"As with all software, the user interface can always be made simpler to use. It would be helpful for people with very little knowledge, like somebody sitting behind the SOC, to allow them to be able to drill down into things a little bit easier than it is currently."
"I think Orca could give me more alerts. It could give me a dashboard with all the specific types of alerts I want to see for the day. It should just be one click."
"In the future, I'd like to see Orca work better with third-party vendors. Specifically, being able to provide sanitized results from third parties."
"The feedback that we have given to the Palo Alto team is that the UI can be improved. When you press the "back" button on your browser from the Investigate tab, the query that you're working on just disappears. It won't keep the query on the "back" button."
"Though Prisma Cloud by Palo Alto Networks provides excellent security, is a pioneer in this space, and knows what it's doing, from a user perspective, it would have been better if it was a little easier to use."
"It provides all the cloud details but is not entirely linked to the compute model."
"The solution does not currently support servers for GCP."
"The tool's UI is an area with certain shortcomings where improvements are required."
"Prisma Cloud's dashboards should be customizable. That's very important. Other similar solutions are more elastic so you have the power to create customized dashboards. In Prisma Cloud, you cannot do that."
"These tools have a set of signatures or rules that will alert you whenever something meets the criteria. In the future, they might include some machine learning or AI feature that allows you to ask questions about the context of the alert, and it will provide you answers based on the data that they have. Most vendors are doing it, and I believe they will do it in the future. The reporting bar could also use AI to add context based on the environment."
"I would like Prisma Cloud to improve its mapping feature to increase usability."
 

Pricing and Cost Advice

"SentinelOne Singularity Cloud Security is costly."
"We found it to be fine for us. Its price was competitive. It was something we were happy with. We are not a Fortune 500 company, so I do not know how pricing scales at the top end, but for our cloud environment, it works very well."
"PingSafe is less expensive than other options."
"PingSafe is not very expensive compared to Prisma Cloud, but it's also not that cheap. However, because of its features, it makes sense to us as a company. It's fairly priced."
"I would rate the cost a seven out of ten with ten being the most costly."
"PingSafe falls somewhere in the middle price range, neither particularly cheap nor expensive."
"The tool is cost-effective."
"As a partner, we receive a discount on the licenses."
"Orca is very competitive when compared to the alternatives and is not the most expensive in the market, that's for sure."
"The price is a bit expensive for smaller organizations."
"The pricing depends on how many assets you have running in your cloud and how many environments you have. If you have a dev environment, test environment, and a production environment then it's really important that you have coverage for all of them."
"We have a total of 25 licenses for this solution. The solution is on a pay-and-you-use model."
"It is the cost of the visibility that you get. When you really sit down and think about what do you need to do to secure an environment with a low impact on the business, and you take a look out into the world, I think this tool is well justified around cost."
"Overall, the pricing is reasonable and the discounts have been acceptable."
"I think their pricing model is aligned with market demand. Of course, Orca could probably better align their pricing model with the needs of smaller businesses as well as some larger-scale enterprises with millions of assets. But in all fairness, I think the Orca sales team has been accommodating and ensured that we're happy with the pricing."
"While it's competitive with Palo Alto Prisma, I think Orca's list price is very high. I would advise Orca to lower it because, at that price, I might consider alternatives like Wiz, which also offers agentless services."
"Prisma Cloud is a high-end enterprise solution, making it quite expensive."
"Our licensing fees are $18,000 USD per year."
"The pricing is good. They gave us some good discounts right at the end of the year based on the value that it brings, visibility, and the ability to build in cloud, compliance, and security within one dashboard."
"Its licensing cost depends on the type of license such as the business license or the enterprise license. The enterprise license is costlier than the business license, but we get more visibility and more modules. If you have a multi-cloud environment and subscribe to each cloud's native CSPM tool, it is costly. If you are using a single tool like Prisma Cloud, with a single license, you can monitor all environments, such as Google Cloud, Azure, AWS, and Oracle Cloud. The cost of Prisma Cloud is less than the cost of subscribing to the CSPM tool of each cloud provider. This is where Prisma Cloud can save costs."
"If a competitor came along and said, "We'll give you half the price," that doesn't necessarily mean that's the right answer, at all. We wouldn't necessarily entertain it that way. Does it do what we need it to do? Does it work with the things that we want it to work with? That is the important part for us. Pricing wasn't the big consideration it might be in some organizations. We spend millions on public cloud. In that context, it would not make sense to worry about the small price differences that you get between the products."
"The cost was not on the higher side. Overall, the cost gets recovered with its implementation."
"Prisma Cloud is quite scalable. In our current licensing model, we're able to heavily extend our cloud workload and onboard a lot of customers. It really helps, and it is on par with other solutions."
"Prisma Cloud is more expensive than some other solutions, but when we consider all of its use cases, the cost averages out."
report
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
831,265 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
19%
Financial Services Firm
15%
Manufacturing Company
9%
Government
5%
Computer Software Company
17%
Financial Services Firm
13%
Manufacturing Company
8%
University
6%
Educational Organization
17%
Financial Services Firm
13%
Computer Software Company
13%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about PingSafe?
The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...
What is your experience regarding pricing and costs for PingSafe?
SentinelOne is relatively cheap. If ten is the most expensive, I would rate it a seven.
What needs improvement with PingSafe?
The areas with room for improvement include the cost, which is higher compared to other security platforms. The dashb...
What do you like most about Orca Security?
It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just ...
What needs improvement with Orca Security?
Orca Security could improve its ticket creation process. Currently, it allows for creating tickets in only one bucket...
What is your primary use case for Orca Security?
I am primarily using Orca Security for cloud security. Being part of the vulnerability management team, I utilize Orc...
What is your primary use case for Prisma Cloud by Palo Alto Networks ?
Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
What Cloud-Native Application Protection Platform do you recommend?
We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We...
What do you think of Aqua Security vs Prisma Cloud?
Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valu...
 

Also Known As

PingSafe
No data available
Palo Alto Networks Prisma Cloud, Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
 

Overview

 

Sample Customers

Information Not Available
BeyondTrust, Postman, Digital Turbine, Solarisbank, Lemonade, C6 Bank, Docebo, Vercel, and Vivino
Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
Find out what your peers are saying about Orca Security vs. Prisma Cloud by Palo Alto Networks and other solutions. Updated: January 2025.
831,265 professionals have used our research since 2012.