Try our new research platform with insights from 80,000+ expert users

Orca Security vs Salt Security comparison

Orca Security and Salt Security are both solutions in the API Security category. Additionally, 100% of Orca Security users are willing to recommend the solution, compared to 100% of Salt Security users who would recommend it.
Orca Security
Read 20 Orca Security reviews
    100% willing to recommend
    Salt Security
    Read 1 Salt Security review
    • 1,059 Views
    • 811 Comparison Views
    100% willing to recommend
     

    Comparison Buyer's Guide

    Download the report
    Executive Summary
    We performed a comparison between Orca Security and Salt Security based on real PeerSpot user reviews.

    Find out what your peers are saying about Akamai, F5, Checkmarx and others in API Security.

    DOWNLOAD THE COMPLETE REPORT
    To learn more, read our detailed API Security Report (Updated: March 2025).
    Buyer's Guide
    API Security
    March 2025
    Download the complete report
    Helped 848,716 peers since 2012

    Review summaries and opinions

    We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
     

    Categories and Ranking

    Orca Security
    Average Rating
    9.0
    Reviews Sentiment
    7.8
    Number of Reviews
    20
    Ranking in other categories
    Vulnerability Management (8th), Container Security (11th), Cloud Workload Protection Platforms (CWPP) (5th), Cloud Security Posture Management (CSPM) (6th), Cloud-Native Application Protection Platforms (CNAPP) (6th), Data Security Posture Management (DSPM) (6th), Cloud Detection and Response (CDR) (2nd)
    Salt Security
    Average Rating
    0.0
    Reviews Sentiment
    8.7
    Number of Reviews
    1
    Ranking in other categories
    API Security (4th)
     

    Featured Reviews

    CHINTAN MEHTA - PeerSpot reviewer
    Consolidating security tools with comprehensive cloud visibility
    The documentation for Orca Security could be improved. The compliance framework also needs enhancements, especially concerning integrations with other tools like ServiceNow's vulnerability modules, which are not as mature as expected. It should also increase its capability to ingest data from other security tools like CloudSight for endpoint detection and provide real-time monitoring.
    Read full review
    IgmarRautenbach - PeerSpot reviewer
    Provides visibility and control over all APIs
    I've built integrations for different systems, and some specific integrations might not be built in yet. This might be an issue for large customers but is not a major concern overall. So, the integration part could be a bit extended. Every organization has different systems, but Salt integrates with 90% of them. If a custom integration is needed, they can build it. They're very good at integrations. So, Salt Security can provide a proof of concept with system integration and share results within two weeks, which often leads to customer purchases. At this point, the product covers everything needed. They keep adding new features, and my local customers haven't requested any missing functionality. The product roadmap is good for the market.
    Read full review

    Quotes from Members

    We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
     

    Pros

    "The best features of Orca Security include its ability to perform a lot of security controls without requiring any installation of agents, making it very easy to set up."
    "Another valuable feature with Orca, something that's not talked about enough, is its ability to rank your gaps and your tasks... You can get visibility with agents and there are a lot of ways to do that. But the ranking and the context across the entire environment, that is what is unique about Orca."
    "Orca's platform provides an agentless data collection facility that collects information directly from the cloud using APIs, with zero impact on performance."
    "Orca Security has patented technologies. It's an agentless solution, so you don't need to install an agent. Instead, it contacts your account provider and fetches metadata, eliminating the need for snapshots or reserved space to copy client infrastructure."
    "The vulnerability management does not require network scanning or agent technology, so I don't need to modify any of my products in order to do vulnerability assessments."
    "I recommend Orca Security to others looking for a cloud security solution due to its seamless integration and side-scanning technology that does not hamper cloud asset performance."
    "Orca's dashboard is excellent. My team needs to be able to focus on specific areas for improvement in our cloud environment. And most recently, we've started to get good use out of sonar, the search capabilities, and the alert creation."
    "Once our organization is configured, any cloud account under that organization is automatically detected in Orca Security, along with all the assets associated with it."
    More Orca Security pros
    "It's really great. I would rate the stability a nine out of ten. I haven't encountered any instability issues."
     

    Cons

    "There were a couple of times when Orca was down when I was trying to access it. I work strange hours because all of my team is in the UK right now. It was 2 a.m. on a Saturday and I was trying to log in but it wasn't working. But relative to my other security tools, Orca is definitely the most stable that I've seen."
    "I would be happy if they offered more automatic remediation options. They're working on that, but the more the better. For example, if they want you to harden a server, they would offer a hardening script that would be more aware of what's going on."
    "Orca Security can be improved as there should be some kind of central pane of glass. Similar to how cloud management works, Orca Security should have something comparable."
    "The documentation for Orca Security could be improved."
    "A notable limitation with Orca Security is its scanning feature. The automatic scan only runs every 24 hours, and if an alert is remediated within an hour, it still remains until the next scheduled scan."
    "I would like to see better customization options for security frameworks and better integration with reporting tools like Power BI or Grafana dashboards."
    "I think Orca could give me more alerts. It could give me a dashboard with all the specific types of alerts I want to see for the day. It should just be one click."
    "Orca Security could improve its ticket creation process. Currently, it allows for creating tickets in only one bucket, which requires monitoring to redirect tickets to the appropriate team."
    More Orca Security cons
    "The integration part could be a bit extended."
     

    Pricing and Cost Advice

    "While it's competitive with Palo Alto Prisma, I think Orca's list price is very high. I would advise Orca to lower it because, at that price, I might consider alternatives like Wiz, which also offers agentless services."
    "The most expensive solution is Palo Alto. They claim to be very robust. The next most expensive is Wiz, followed by Orca and all the rest."
    "We have a total of 25 licenses for this solution. The solution is on a pay-and-you-use model."
    "Its license is a bit expensive."
    "The pricing depends on how many assets you have running in your cloud and how many environments you have. If you have a dev environment, test environment, and a production environment then it's really important that you have coverage for all of them."
    "Orca Security charges are based on cloud workloads. So, it's based on workloads. If we look at one feature, it might be expensive."
    "The price is a bit expensive for smaller organizations."
    "Orca is very competitive when compared to the alternatives and is not the most expensive in the market, that's for sure."
    More Orca Security pricing and cost advice
    Information not available
    report
    See which vendors are best for you
    Use our free recommendation engine to learn which API Security solutions are best for your needs.
    See recommendations
    848,716 professionals have used our research since 2012.
     

    Top Industries

    By visitors reading reviews
    Computer Software Company
    17%
    Financial Services Firm
    13%
    Manufacturing Company
    9%
    University
    6%
    Financial Services Firm
    17%
    Computer Software Company
    17%
    Manufacturing Company
    10%
    Comms Service Provider
    7%
     

    Company Size

    By reviewers
    Large Enterprise
    Midsize Enterprise
    Small Business
    No data available
     

    Questions from the Community

    What do you like most about Orca Security?
    It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just scan the entire assets in the cloud.
    See all answers
    What needs improvement with Orca Security?
    Orca Security could improve its ticket creation process. Currently, it allows for creating tickets in only one bucket, which requires monitoring to redirect tickets to the appropriate team. It woul...
    See all answers
    What is your primary use case for Orca Security?
    I am primarily using Orca Security for cloud security. Being part of the vulnerability management team, I utilize Orca Security for generating vulnerability alerts on cloud assets.
    See all answers
    What do you like most about Salt Security?
    It's really great. I would rate the stability a nine out of ten. I haven't encountered any instability issues.
    See all answers
    What is your experience regarding pricing and costs for Salt Security?
    It is an annual subscription fee. It's very affordable. The value it provides justifies the cost, considering automation and availability features. Compared to other solutions, it's within a typica...
    See all answers
    What needs improvement with Salt Security?
    I've built integrations for different systems, and some specific integrations might not be built in yet. This might be an issue for large customers but is not a major concern overall. So, the integ...
    See all answers
     

    Comparisons

    Wiz vs Orca Security Logo
    Wiz vs Orca Security
    Compared 36% of the time
    Microsoft Defender for Cloud vs Orca Security Logo
    Microsoft Defender for Cloud vs Orca Security
    Compared 9% of the time
    Prisma Cloud by Palo Alto Networks vs Orca Security Logo
    Prisma Cloud by Palo Alto Networks vs Orca Security
    Compared 7% of the time
    CrowdStrike Falcon Cloud Security vs Orca Security Logo
    CrowdStrike Falcon Cloud Security vs Orca Security
    Compared 5% of the time
    AWS Security Hub vs Orca Security Logo
    AWS Security Hub vs Orca Security
    Compared 4% of the time
    More Orca Security Competitors
    Akamai API Security vs Salt Security Logo
    Akamai API Security vs Salt Security
    Compared 47% of the time
    Cequence Security vs Salt Security Logo
    Cequence Security vs Salt Security
    Compared 20% of the time
    42Crunch API Security Platform vs Salt Security Logo
    42Crunch API Security Platform vs Salt Security
    Compared 10% of the time
    Traceable AI vs Salt Security Logo
    Traceable AI vs Salt Security
    Compared 10% of the time
    Wallarm NG WAF vs Salt Security Logo
    Wallarm NG WAF vs Salt Security
    Compared 5% of the time
    More Salt Security Competitors
     

    Product Reports

    Buyer's Guide
    Orca Security
    March 2025
    Orca Security reportDownload Orca Security product report
    Buyer's Guide
    API Security
    March 2025
    Salt Security reportDownload Salt Security product report
     

    Also Known As

    No data available
    Salt Security API Protection Platform
     

    Overview

    Orca Security is the pioneer of agentless cloud security that is trusted by hundreds of enterprises globally. Orca makes cloud security possible for enterprises moving to and scaling in the cloud with its patented SideScanning™ technology and Unified Data Model. The Orca Cloud Security Platform delivers the world's most comprehensive coverage and visibility of risks across AWS, Azure, Google Cloud and Kubernetes.

    At Orca Security, we’re on a mission to make it fast, easy, and cost effective for organizations to address critical cloud security issues so they can operate in the cloud with confidence.

      Key Platform Features: 

      • Agentless: Complete, centralized coverage of the entire cloud estate, without the need for installing and configuring agents or layering together multiple siloed tools. Full visibility of cloud misconfigurations, vulnerabilities, workload protection, malware scanning, image scanning, file integrity monitoring and more.

      • Asset Inventory: Get a complete inventory of all your public cloud assets, including detailed information on installed OSes, software, and applications, as well as data and network assets such as storage buckets, Virtual Private Clouds (VPCs), and Security Groups.

      • Attack Path Analysis: Visualize attack vectors to critical assets or crown jewels. See which assets are susceptible to lateral movement, assume roles, privilege escalation, and more.

      • Risk Prioritization: Prioritize the 1% of risks that matter the most, based on impact scores. Secure the vulnerabilities and misconfigured targets (critical assets) and eliminate the potential risks residing on the attack paths to those targets.

      • Cloud Threat Detection: Monitor for malicious activity within your entire cloud estate. Be aware of detected threats, user behavior anomalies and more.

      • Breach Forensics: Log every change and all activity into a central repository for investigation procedures to confirm or deny entry and compromises within the cloud estate.

      • Cloud To Dev (Shift Left): Orca’s built-in shift left capabilities enables DevOps to focus more security attention earlier in the CI/CD pipelines. Security teams are able to trace a production risk (misconfiguration or vulnerability) directly to the original source code repository from which it came, even down to the exact line of code that is at the root of the identified risk. 

      • Compliance: Choose from over 60 preconfigured compliance frameworks, cloud security best practices, CIS Benchmarks, or design and build your own compliance framework for fast and continuous reporting.

      • Security Score: The Orca Security Score is found on Orca’s Risk Dashboard and is updated daily. The overall score is calculated based on performance in the following five categories - Suspicious Activity, IAM, Data at Risk, Vulnerable Assets, and Responsiveness. Since the scores are percentage based and not raw numbers, you can objectively make comparisons to other organizations within your industry or business units of different sizes. In addition to reporting to senior management, the Orca Security Score can help with internal self-monitoring, as a way of measuring risk mitigation efforts, to know where to focus efforts, and track progress.

      Orca Security Benefits

      • Consolidate technologies to reduce costs and complexity:

      The more I can get out of this one solution, the better. I see Orca as the tool where we get all cloud-related security data.” - Joshua Scott, Head of Security and IT | Postman

      • Avoid costly breaches:

      "I look at proactive asset discovery, configuration management, and vulnerability management as being able to find a vulnerability before the bad guys do and being able to deal with it before something exploits it. This is what Orca does for us." - Doug Graham, CSO & CPO | Lionbridge

      • Increase team productivity and efficiency by focusing on high-value activities and solving the 1% of risks that matter most:

      "Orca is unique in that it locates vulnerabilities with precision and delivers tangible, actionable results – without having to sift through all the noise." - Aaron Brown, Senior Cloud Security Engineer | Sisense

      • Quick Time-to-Value with Immediate ROI:

      "Orca told us we could have some visibility within 5 or 10 minutes, and I thought, ‘There’s no way.’ Well, I was wrong. They really did it." - Thomas Hill, CISO | Live Oak Bank

      • Reduce MTTR and remove operational friction:

      We can’t ask developers things like ‘Did you think about security? When you start a new VM on AWS, can you please let me know so I’m able to scan it? Can you please deploy an agent on that machine for me?’ We need a better way to work. Orca provides that better way by eliminating organizational friction.” - Erwin Geirnaert, Cloud Security Architect | NG Data

        Orca Security

        The Salt Security API Protection Platform secures the APIs at the heart of all your modern applications. The platform collects API traffic across your entire application landscape and makes use of AI/ML and a big data engine to discover all your APIs and their exposed data, stop attacks, and eliminate vulnerabilities at their source.

        Salt Security
         

        Sample Customers

        BeyondTrust, Postman, Digital Turbine, Solarisbank, Lemonade, C6 Bank, Docebo, Vercel, and Vivino
        Appsflyer, Armis, City National Bank, Coralogix, Finastra, Gett, Honeybook, Payoneer
        Buyer's Guide
        API Security
        March 2025
        Download Free Report
        Find out what your peers are saying about Akamai, F5, Checkmarx and others in API Security. Updated: March 2025.
        DOWNLOAD NOW
        848,716 professionals have used our research since 2012.
        See our list of best API Security vendors and best Cloud Detection and Response (CDR) vendors.

        We monitor all API Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.