Try our new research platform with insights from 80,000+ expert users

Orca Security vs Tenable Vulnerability Management comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Zafran Security
Sponsored
Ranking in Vulnerability Management
27th
Average Rating
9.6
Reviews Sentiment
8.1
Number of Reviews
3
Ranking in other categories
Continuous Threat Exposure Management (CTEM) (6th)
Orca Security
Ranking in Vulnerability Management
8th
Average Rating
9.0
Reviews Sentiment
7.8
Number of Reviews
20
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (5th), Cloud Security Posture Management (CSPM) (6th), Cloud-Native Application Protection Platforms (CNAPP) (6th), Data Security Posture Management (DSPM) (6th), Cloud Detection and Response (CDR) (2nd)
Tenable Vulnerability Manag...
Ranking in Vulnerability Management
5th
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
42
Ranking in other categories
Risk-Based Vulnerability Management (3rd)
 

Mindshare comparison

As of April 2025, in the Vulnerability Management category, the mindshare of Zafran Security is 0.4%. The mindshare of Orca Security is 4.7%, down from 5.8% compared to the previous year. The mindshare of Tenable Vulnerability Management is 6.9%, down from 9.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management
 

Featured Reviews

Israel Cavazos Landini - PeerSpot reviewer
Weekly insights and risk analysis facilitate informed security decisions
I appreciate the weekly insights Zafran provides, which include critical topics for networks and IT security, allowing us to evaluate which insights apply to our environment. The organization score feature is valuable to keep the leadership team updated on how our infrastructure fares security-wise. The applicable risk level versus base risk level feature is beneficial because prior to Zafran, we only used the base risk level, but now understand that risk depends on the asset itself. Zafran is an excellent tool.
CHINTAN MEHTA - PeerSpot reviewer
Consolidating security tools with comprehensive cloud visibility
The documentation for Orca Security could be improved. The compliance framework also needs enhancements, especially concerning integrations with other tools like ServiceNow's vulnerability modules, which are not as mature as expected. It should also increase its capability to ingest data from other security tools like CloudSight for endpoint detection and provide real-time monitoring.
Mani Bommisetty - PeerSpot reviewer
Streamlines vulnerability management with excellent reporting and potential AI integration
Tenable is user-friendly and excels in reporting. It allows me to easily fetch and schedule reports. The software's discovery feature aids in strengthening our security posture. The single-sensor installation process on various operating systems is smooth, unlike Rapid7, which requires different versions for separate systems. Furthermore, Tenable enables vulnerability management through potential AI integration that consolidates efforts and resolves multiple vulnerabilities simultaneously.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We are able to see the real risk of a vulnerability on our environment with our security tools."
"Zafran has become an indispensable tool in our cybersecurity arsenal."
"Zafran is an excellent tool."
"I find Orca Security's CIEM feature invaluable, as it focuses on entitlement and posture management, identifying assets with older OS versions, and asset misconfiguration."
"Orca's SideScanning is the biggest feature. It's the 'wow' factor... With Orca's SideScanning, they just need permissions for your account and that makes it so simple."
"Orca Security has patented technologies. It's an agentless solution, so you don't need to install an agent. Instead, it contacts your account provider and fetches metadata, eliminating the need for snapshots or reserved space to copy client infrastructure."
"I find Orca Security's CIEM feature invaluable, as it focuses on entitlement and posture management, identifying assets with older OS versions, and asset misconfiguration."
"Orca provides X-ray vision into everything within the cloud properties, whereas normally, this would require multiple tools."
"I would rate the quality of support as nine stars out of ten due to their quick and helpful responses."
"With its Cloud Security Posture Management capability, we have the ability to read across all of our cloud-based environments, which includes AWS and Azure. We have visibility into those environments. Seeing all vulnerabilities and configurations is really powerful for us, but ultimately, the ability to use the API to query across the fleet to understand what is the current state, what is the patch level, which ones are potentially exposed for a new CVE that just came out is even more valuable. It allows us to gather really specific intelligence through simple queries."
"The reporting and automated remediation capabilities are valuable to me. They're real game-changers."
"They are on a good trajectory as a company and investing in R&D in the right ways."
"The solution is quite friendly."
"The interface is fine."
"The solution is easy to use and configuration is smooth with no complexities."
"I would rate Tenable's dashboards and reporting capabilities for illustrating security posture a nine out of ten, with ten being the best."
"It's a recommended tool for penetration testers because it's effective for that purpose."
"It helps us create remediation projects and assign the console’s responsibility to specific engineers."
"The price of Tenable.io Vulnerability Management is reasonable as it is ten times cheaper than other options."
 

Cons

"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."
"There were a couple of times when Orca was down when I was trying to access it. I work strange hours because all of my team is in the UK right now. It was 2 a.m. on a Saturday and I was trying to log in but it wasn't working. But relative to my other security tools, Orca is definitely the most stable that I've seen."
"Orca Security can be improved as there should be some kind of central pane of glass. Similar to how cloud management works, Orca Security should have something comparable."
"The automatic scan only runs every 24 hours, and if an alert is remediated within an hour, it still remains until the next scheduled scan."
"I would like to see better customization options for security frameworks and better integration with reporting tools like Power BI or Grafana dashboards."
"As with all software, the user interface can always be made simpler to use. It would be helpful for people with very little knowledge, like somebody sitting behind the SOC, to allow them to be able to drill down into things a little bit easier than it is currently."
"A notable limitation with Orca Security is its scanning feature. The automatic scan only runs every 24 hours, and if an alert is remediated within an hour, it still remains until the next scheduled scan."
"The documentation for Orca Security could be improved."
"I would like to see an option to do security checks on a code level. This is possible because they have access to all of the code running in the cloud provider, and combining their site-scanning solution with that would be a nice add-on."
"The solution must be promoted more in the market."
"The solution must provide penetration testing."
"The reporting was never great in Tenable Vulnerability Management, so, in my company, we imported all the data into Ivanti RiskSense to start using it for reporting."
"Users get confused between VPR and CVSS ratings."
"The stability has room for improvement."
"An area of improvement for this solution is being able to customize the dashboard. For example, the dashboard does not allow us to view a previous months vulnerability results alongside current results to make comparisons."
"The one drawback that we have found is the reports."
"It can have more integration."
 

Pricing and Cost Advice

Information not available
"Orca Security is cheaper compared to other solutions in the same space."
"The price is a bit expensive for smaller organizations."
"Orca Security charges are based on cloud workloads. So, it's based on workloads. If we look at one feature, it might be expensive."
"It is the cost of the visibility that you get. When you really sit down and think about what do you need to do to secure an environment with a low impact on the business, and you take a look out into the world, I think this tool is well justified around cost."
"Orca is very competitive when compared to the alternatives and is not the most expensive in the market, that's for sure."
"We have a total of 25 licenses for this solution. The solution is on a pay-and-you-use model."
"Overall, the pricing is reasonable and the discounts have been acceptable."
"Its license is a bit expensive."
"Tenable charges around $40 per device."
"Tenable.io Vulnerability Management's pricing solution model isn't great."
"The solution is not too expensive."
"The tool is reasonably priced."
"The product costs us around $137,000 annually for 4000 to 5000 assets."
"I would rate the pricing a five out of ten. It is in the middle."
"A yearly payment has to be made toward the solution's licensing costs."
"The total cost we pay for this solution is over 45K. This is for a large education organization."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
849,335 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
11%
Manufacturing Company
7%
Retailer
6%
Computer Software Company
17%
Financial Services Firm
13%
Manufacturing Company
9%
University
6%
Educational Organization
25%
Computer Software Company
12%
Financial Services Firm
9%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Zafran Security?
I find that the pricing for Zafran aligns well with the comprehensive features it offers. The asset and user-based li...
What needs improvement with Zafran Security?
While Zafran Security is already a powerful tool, there are areas where it could be further improved to provide even ...
What is your primary use case for Zafran Security?
Our primary use case for Zafran involves leveraging it to enhance our vulnerability risk scoring methodology. In toda...
What do you like most about Orca Security?
It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just ...
What needs improvement with Orca Security?
Orca Security can be improved as there should be some kind of central pane of glass. Similar to how cloud management ...
What is your primary use case for Orca Security?
Our clients use Orca Security for various reasons. We implement it for the clients.
What's the difference between Tenable Nessus and Tenable.io Vulnerability Management?
Tenable Nessus is a vulnerability assessment solution that is both easy to deploy and easy to manage. The design of ...
What needs improvement with Tenable.io Vulnerability Management?
I would suggest HP WebInspect as a better option than Tenable.io. My current client doesn't have access to it. Howeve...
 

Also Known As

No data available
No data available
Tenable.io
 

Overview

 

Sample Customers

Information Not Available
BeyondTrust, Postman, Digital Turbine, Solarisbank, Lemonade, C6 Bank, Docebo, Vercel, and Vivino
Global Payments AU/NZ
Find out what your peers are saying about Orca Security vs. Tenable Vulnerability Management and other solutions. Updated: April 2025.
849,335 professionals have used our research since 2012.