Try our new research platform with insights from 80,000+ expert users
Rooshan Naeem - PeerSpot reviewer
Security Engineer at Eon Health
Real User
Top 5Leaderboard
Effective automated scanning capabilities, low maintenance, and scales well
Pros and Cons
  • "The most valuable feature of Orca Security is the automated scanning tool, user-friendliness, and ease of use."
  • "The solution could improve by making the dashboards more elaborative and more descriptive."

What is our primary use case?

We are using primarily Orca Security for our vulnerability assessment management. We are using it for our container it does free image scanning to find security loopholes that might be present in our overall infrastructure. Additionally, it provides the remediation steps and an overall overview of the security of our infrastructure.

How has it helped my organization?

This solution has helped out organizations by recognizing security threats and vulnerabilities in the early stages of software development. That is one of the benefits that we are receiving from the tool. We are dealing with security loopholes and deficiencies in the earlier stages of our development.

We have the time to review the whole process and Orca Security provides security solutions to our clients. The solution has been beneficial for us to detect security loopholes in our early stages.

What is most valuable?

The most valuable feature of Orca Security is the automated scanning tool, user-friendliness, and ease of use.

What needs improvement?

The solution could improve by making the dashboards more elaborative and more descriptive.

Buyer's Guide
Orca Security
November 2024
Learn what your peers think about Orca Security. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.

For how long have I used the solution?

I have been using Orca Security for approximately two years.

What do I think about the stability of the solution?

The stability of Orca Security is good.

What do I think about the scalability of the solution?

Orca Security is scalable. We have 25 users using the solution in my organization.

How are customer service and support?

I have used the support a couple of times when we escalated some queries regarding the report formatting and the false positive.

Most of the time whenever we open a support ticket to their technical department the response time is quite high because we are dealing with frequent deployments. We expect them to respond within one or two days but they take quite a long time to respond back.

I rate the support from Orca Security a six out of seven.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

We used to use an open-source vulnerability management tool from OWASP regarding the guidelines that they had listed on their own site using management systems, such as REM, CS, and CVSs, which is a risk management framework. We were using those frameworks for our vulnerability assessment and management.

Orca Security is an enterprise solution, it scales well with your own infrastructure. We thought that the use cases covers and were aligned with our use cases, and this is why we switched.

How was the initial setup?

The initial setup of Orca Security is straightforward. I do not know how long the deployment took, but it is quite intensive, responsive, and has low latency.

I rate the initial setup of Orca Security an eight out of ten.

What about the implementation team?

The implementation of the solution was done in-house.

What's my experience with pricing, setup cost, and licensing?

We have a total of 25 licenses for this solution. The solution is on a pay-and-you-use model.

What other advice do I have?

The vendor handles the maintenance of the solution, such as patches, and different enhancements.

Every organization has its own needs and requirements, and configuring a tool with customization depends on the use case of the current organization. It is not a solution for all organizations. If you are dealing with small projects you don't need to switch to this enterprise solution. The usage of this solution depends on the organization's needs and requirements, another solution might be better.

I rate Orca Security an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Chief Security & Trust Officer at SiSense
Real User
Leaderboard
Provides visibility into all of our cloud-based environments and allows us to gather really specific intelligence through simple queries
Pros and Cons
  • "With its Cloud Security Posture Management capability, we have the ability to read across all of our cloud-based environments, which includes AWS and Azure. We have visibility into those environments. Seeing all vulnerabilities and configurations is really powerful for us, but ultimately, the ability to use the API to query across the fleet to understand what is the current state, what is the patch level, which ones are potentially exposed for a new CVE that just came out is even more valuable. It allows us to gather really specific intelligence through simple queries."
  • "They can expand a little bit in anti-malware detection. While we have pretty good confidence that it's going to detect some of the static malware, some of the detections are heuristics. There could be a growth in the library from where they're pulling their information, but we don't get a lot of those alerts based on the design of our products. In general, that might be an area that needs to be filled since they offer it as a service within it."

What is our primary use case?

With Orca, the main thing that we're leveraging is their Cloud Security Posture Management capability. 

It is a SaaS solution.

How has it helped my organization?

It provides the assurance that we have coverage across AWS specifically because we have so many accounts. As a large organization, we have prod environments for customers, and then we have our corporate environments and our playground environments where there are various levels of interactions, data flows, and business use cases. Because we have Orca, we have the competence and assurance that we know where our fleet and where our assets are.

The big thing for us was just making sure that the side channel scanning, which is their proprietary tech, does not really create any burden or load by adding an agent onto the box. It should just do another snapshot. It gives us a better performance overall because there is no implication down to the actual environment or AWS.

It provides agentless data directly from our cloud configuration and from the workload's runtime block storage. The agentless approach means that there is zero performance impact. That's kind of a big part. When you typically add an agent to any system, it's going to use some of the compute or the memory, but this has no performance implications. That part is exciting because when you think of the security realm, often, as a team out of the cost center and a business enabler, there are situations where if we do affect performance, it's not great for the business. So, we have the understanding and the Corporate EQ that we don't want to have any impact on performance. This enables us again with the confidence that we're getting the right information out without having that impact down to our engineers or our production support.

The agentless and direct collection of data enable Orca to see assets within our environmental and business contexts and prioritize truly critical security issues. It provides another notch up on confidence in terms of knowing what's in our production environment and having the ability to rapidly query in case there's a new CVE that's coming up. So if we know there is a drop in data, we have the ability to scan and see the assets and do the patch management as necessary or tear down boxes that don't need to be up there anymore. With the way it works, having visibility across the org is hands down the biggest benefit for us.

The agentless approach also means that we're able to avoid the need to deploy and maintain multiple tools.

What is most valuable?

With its Cloud Security Posture Management capability, we have the ability to read across all of our cloud-based environments, which includes AWS and Azure. We have visibility into those environments. Seeing all vulnerabilities and configurations is really powerful for us, but ultimately, the ability to use the API to query across the fleet to understand what is the current state, what is the patch level, which ones are potentially exposed for a new CVE that just came out is even more valuable. It allows us to gather really specific intelligence through simple queries.

Given the agentless deployment, its time-to-value is less than 24 hours. It took less than 24 hours, and we had intelligence and insight. Ultimately, it is getting access to the API, and then from there, it is about getting the side channel scanning going on. Once that is complete, the real-time proprietary nature of new assets pops up. We also have the visibility if an old asset has been sitting out there unused for a really long time.

What needs improvement?

They can expand a little bit in anti-malware detection. While we have pretty good confidence that it's going to detect some of the static malware, some of the detections are heuristics. There could be a growth in the library from where they're pulling their information, but we don't get a lot of those alerts based on the design of our products. In general, that might be an area that needs to be filled since they offer it as a service within it.

For how long have I used the solution?

We've been using the Orca solution for about a year and a half. 

What do I think about the stability of the solution?

It had maybe two periods of downtime if my memory serves me correctly, but it was hard to even know that the service was down because we weren't actively querying during those windows. These downtimes were probably for less than a few hours. I read about them through an email from the founder. We wouldn't have even noticed them if they didn't update us on it.

What do I think about the scalability of the solution?

We started with our production account, and then we kept scaling to our test environments, to our corporate environments, ultimately to every AWS account that we have out there. It is being used as extensively as we can in our environment. We have about 14 AWS accounts. If we need more environments, it will be included as part of the practice.

How are customer service and support?

Luckily, we have a shared Slack channel. So, we have an extended Slack channel, and we're in there with the founders, as well as key engineers and members. So, it's real-time for us. If we have an issue, we go in and just message out, and then we can have that full loop within that Slack channel. We were customer number nine, and having this Slack channel was just something that made sense at the time.

I would rate them a 10 out of 10. We get everything addressed pretty quickly.

Which solution did I use previously and why did I switch?

In terms of vulnerability assessment coverage, a lot of it was native tooling. We were using AWS GuardDuty across the environment as step one for anomaly detection, but for vulnerability management, there was very limited capacity.  We could leverage some of the existing tools that were out there to scan and perform analysis, but in reality, we're using a lot of what AWS offers. So, for the most part, it was native AWS tooling with GuardDuty and then just doing our best to query the fleet through AWS itself. Orca has really filled the gap for us.

How was the initial setup?

Because of its agentless nature, there is zero deployment time. It is mostly just getting the connection and performing the analysis. The deployment strategy is mostly, "Choose the accounts that are there and then hookup Orca." It took less than 24 hours, and we had intelligence and insight. 

What's my experience with pricing, setup cost, and licensing?

It is the cost of the visibility that you get. When you really sit down and think about what do you need to do to secure an environment with a low impact on the business, and you take a look out into the world, I think this tool is well justified around cost.

Which other solutions did I evaluate?

We were looking at a few other tools out there. Dome9 and Lacework were the big key ones that were out there. There were some of the old heavy hitters, but they really didn't add a ton of value to what we were looking for. Some of them were just AWS GuardDuty on steroids. 

For us, Orca just offered a better comprehensive solution. We had done enough demos and discussions, and we felt like, "Hey, it's worth the gamble on someone that's trying to solve something and maybe we can help drive the backlog or some of the features as well by being an early customer". That's a part of our strategy when it comes to choosing security solutions. It definitely fits our business needs.

When choosing to go with Orca, the fact that it is a SaaS solution that is updated daily, and that new features are available at no additional cost was useful for us. That's the way it should be. There shouldn't be paywalls and all these other things. You're paying for the proprietary technology of the company and how they kind of package that up. They've been very open in terms of what features are available when and how they work.

When we first looked at Orca, we weren't skeptical about whether it could do all the things that they said it can do. That's because the way it was presented was very logical in terms of how they instrumented the technological approach, and then the background of the founders made a lot of sense. So, either it was going to work, or it wasn't going to work, and if it didn't work, then we'd have an issue. When we did a PoC, it worked very well for us in a short window of time, and we had the confidence that this was going to be the right tool for us.

What other advice do I have?

I would advise others to not just set it and forget it. This is an ongoing capability. Just like every vulnerability management process, it is an ongoing continuous cycle. So, I wouldn't leverage this for one-time use or quarterly use. This is real-time that you should be analyzing, and on top of that, as new vulnerabilities are set, use the search function.

Everything is included in Orca’s package, but Orca hasn't helped us to consolidate vendors or services. That's because we weren't replacing any existing ones. We didn't have six other things doing what they were doing. We were venturing out into a solution that has not ever been in place and figuring out exactly how to integrate it, how to leverage, and ultimately how to level up the organization.

I would rate this solution a 10 out of 10.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Buyer's Guide
Orca Security
November 2024
Learn what your peers think about Orca Security. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
reviewer1697910 - PeerSpot reviewer
Chief Risk Officer at a financial services firm with 51-200 employees
Real User
Provides good visibility, improves security, scales well, and the interface is easy to use
Pros and Cons
  • "Orca provides X-ray vision into everything within the cloud properties, whereas normally, this would require multiple tools."
  • "As with all software, the user interface can always be made simpler to use. It would be helpful for people with very little knowledge, like somebody sitting behind the SOC, to allow them to be able to drill down into things a little bit easier than it is currently."

What is our primary use case?

We use Orca Security in the cloud to protect all of our cloud-based AWS applications.

It secures all of our perimeter and AWS, as well as all of our databases, applications, and transport. For every facet of AWS, right down to operating systems, we use Orca to take a look at it.

How has it helped my organization?

Orca provides the capability for agentless data collection directly from your cloud configuration and from the workloads' runtime block storage, which is one of the massive advantages of the tool. The tool gives us the ability to monitor things as we spin them up and as we tear them down. I can't state emphatically enough how important the agentless tool is.

For example, when most people move their applications from on-premises to the Cloud, which is what we in IT call a forklift, they just copy it over or re-create it there. Very seldom do people actually re-engineer or re-architect their applications to take full advantage of the cloud.

With the cloud, you can create serverless applications and serverless databases, so that when you need something you can spin it up and use it. When you don't need it, you can tear it down or destroy it so that it's gone. This not only saves money and is very efficient but from a security perspective, it's critical because every time you have something running somewhere, it could be attacked. This is what is referred to as an attack surface.

By using serverless tools and agentless monitoring, you can tear it down when you're done and that reduces your attack surface dramatically. Without a tool like Orca, that's agentless, you would not be able to do that. You would have to install software on the application and keep it running in order to monitor it, which really defeats the whole purpose of the cloud.

In terms of performance, because it's agentless, it's not stealing cycles from your application. It's not what's called a heavy application.

The agentless and direct collection of data enables Orca to see assets within its environmental and business contexts and prioritize truly critical security issues. This is one of the huge advantages of Orca. It sees everything in the environment and through its AI, properly categorizes what the threats are and shows them to you in a much better way. It aggregates all of the alerts and determines what's really important, and then shows them to you. It greatly reduces the need for additional staff to pore through all of the alerts to try and determine what's real, what's critical, and what the real problems are. It does all of that work for you.

Prior to Orca, our cloud visibility was perhaps 20% of what it is now. This is the reason that we were delaying moving to the cloud. The additional coverage has allowed us to move critical applications to the web that we had been holding off on because of the lack of cloud visibility. We have now moved multiple critical applications and we're able to view them in a way that we would not have been able to without Orca.

An important thing to consider is that Orca is a one-size-fits-all solution, which is very rare in the security world where everything is piecemeal. Normally, to protect something, you need five or six different tools or products. In this case, one product gives you all of the visibility that you need for your landscape, into all of your cloud properties. It is really the best of all worlds.

It's critically important to keep things simple, and it helps that Orca has everything included out-of-the-box. You only need one tool and it's helpful because there are so many security solutions on the market that a lot of security people get confused and they end up with products that overlap each other. Part of the reason for this is that all of the security solutions are trying to expand into other areas, and become more useful on the whole.

When you end up with these overlaps in products, it confuses people including end-users and support staff. Oftentimes, you end up with redundancy or things that conflict because the software isn't designed to be compatible with all of the other tools that are out there in the market. You end up with a messy collage of tools trying to accomplish something and it doesn't work well. It ends up with gaps, overlaps, and it just creates problems for security.

With Orca, it's as if they took a whiteboard and set out to fix all of that, and do everything in one tool. What they built architecturally is a beautiful, simple, and easy-to-use product. 

We are frequently audited by our clients, which are Fortune companies in the finance, automotive, utility, and telecom industries. They audit us from a security perspective quite frequently. By using Orca, we can prove to them that we are secure in all of the core areas that they're looking at.

Like a lot of cloud SaaS tools, which is the new generation of technology, you expect things to be automatically updated for you. It's like using Chrome, where when you decide to take an update, you don't have to pay for it. You assume that the company behind the product is constantly updating it on your behalf. This is a model that is critically important from a security perspective.

Imagine buying an antivirus product and the company says that they're not giving you updates until you pay for them. A lot of companies do that but more of the newer companies will instead license you the product for a year or two at a time. During the license period, you get all of your version updates and everything you need. It's included and it's done automatically. That's the model that Orca chose and from a security perspective, it's the best model for a customer like me.

What is most valuable?

Orca provides X-ray vision into everything within the cloud properties, whereas normally, this would require multiple tools. As an analogy, for on-premises equipment, you would need different tools to be able to see the performance of a system, determine what versions of software applications are installed, and look at the security. You would need yet another one to give you a holistic view of all of the hardware inside of the system.

From this one platform, we can get visibility right down into the hardware through all of the applications, and through the operating system. One application provides an entire view of our security. Gartner coined the name Cloud-Native Application Protection Platform, in reference to this product, because Orca created did not exist previously. Orca literally invented a whole new way to view security in the cloud.

Because the interface is so simple, you don't need people that have tons of experience. You can take a lower-level person and give them basic instructions on what to watch for. If anything comes up with a high-level or medium-level alert, then they have to contact somebody else. It's literally that easy.

What needs improvement?

As with all software, the user interface can always be made simpler to use. It would be helpful for people with very little knowledge, like somebody sitting behind the SOC, to allow them to be able to drill down into things a little bit easier than it is currently.

For how long have I used the solution?

I have been using Orca Security for approximately two and a half years.

What do I think about the stability of the solution?

We haven't had a single stability issue. From my perspective, it's awesome.

What do I think about the scalability of the solution?

Scalability is built into the product. We've scaled this pretty tremendously up and down as we've needed to, based on serverless needs across VPCs, across servers, and across various instances. It scales perfectly across our environment.

It monitors all of our AWS instances. We give it everything. In fact, as we add more and more to the cloud, Orca is there already, ready to protect us, so we're scaling it. Every month we add more to it.

How are customer service and support?

We have been in touch with technical support a few times. It's been very few and far between but it was to ask about the meaning of some of the error messages that we saw.

I would rate the technical support a nine out of ten. We don't use it very much and as such, I don't have enough touchpoints to be able to assess it. I'm leery about rating something the highest possible score without having enough visibility into it.

There was a situation where we provided feedback to the vendor and they incorporated it into the product very quickly. We were very surprised that they listened and acted upon it so quickly and I think that this is more important than support because no product is perfect. They were eager to improve their product because they strive to be better. I can't say enough good things about them.

Which solution did I use previously and why did I switch?

There was nothing on the market, anything like their solution, prior to Orca coming along. It literally created a whole new category. It was the right tool at the right time and they had the vision to create it.

We were using a myriad of bolt-on tools at the time, to try to cobble things together, but we never really accomplished very much using them. That is why we went looking for the product that we did. Ultimately, we weren't moving anything to the cloud because we couldn't find the visibility that we wanted.

In order to move to the cloud, you need a tool like Orca to have visibility of all of your real estate, architecture, and applications that are out there. Without it, you literally have gaps you don't know about and you are running blind. It's like running with blinders on and you can only see where you're looking, versus being able to look 360 degrees around you. It gives you that level of visibility. It's truly X-ray visibility.

How was the initial setup?

The initial setup was amazingly easy. You don't have to really do anything outside of creating an account with them. It was absolutely simplistic. It exceeded our expectations from an installation perspective. It couldn't be easier.

Because there are no agents, you have no deployment time. Another beauty of it is that you don't have to sit there and try to install agents on every device and every server and every application and every instance or every VPC. It's just automatically done.

Once you give them access and they scan your environment, it's done for you. You don't have to do anything at all. It learns about your environment. You don't have to install anything, so it saves your time because you really don't do anything at all. It's the way that all software should be. They should do all of their learning on their own without you having to install things the whole way.

What about the implementation team?

We implemented it with our in-house team.

What was our ROI?

This product has saved us tremendous amounts of time and money.

I would just say that you're doing yourself, your business, and your customers a disservice if you're not using Orca, or a tool like it, that provides a deep X-ray-like view into your environment to properly secure it.

We would not be in the cloud or have as much in the cloud without this tool. It's really a precursor to moving anything major into the cloud. In that regard, it's our future. Cloud is our future and without Orca carrying that future, we can't do the things that we want to do. It's very difficult for me to put a return on investment on it because it's so intertwined with everything that we do. We wouldn't be able to do the things that we do without it.

Which other solutions did I evaluate?

Our search for this product began because we wanted to move to the cloud and we knew that we were vulnerable if we moved up there. We didn't have the visibility that we needed so I actually went looking for this solution. I looked throughout the industry. I talked to everybody I knew and there was nothing. Everybody was cobbling solutions together, trying to achieve some sort of visibility.

A lot of people didn't even know that they were vulnerable or that they had gaps. We did and we saw it. We figured it out and we went looking for a solution.

Coincidentally, I was speaking with somebody at a conference who had recently learned about Orca and they told me about the product. Within a couple of months, he put me in contact with their co-founder and we entered discussions from that point.

What other advice do I have?

The analogy that I like to use when discussing Orca is similar to that of purchasing a used house. When you look at it from the street or after doing a walkthrough, you have no idea what is going on under the floors, or above the ceiling, or behind the walls. There can be all kinds of problems like faulty wiring or leaking plumbing, and you wouldn't know that they existed. This is where the beauty of Orca and the X-ray vision comes in.

You can see all of these things right down to the chip that's used in your cloud instance. It's literally an amazing perspective that to my knowledge, no other tool prior to Orca provided. In my analogy about the house, there is no tool that you can use to see behind everything before you buy a house. However, with Orca, you can see everything.

Everything is laid bare to you before you move your apps up there, or once you move them to the cloud and you begin to build out your real estate. Without a tool like Orca, you're flying blind like a pilot in an airplane without radar. You just can't do that.

When I first looked at Orca, I was somewhat skeptical about whether it could do everything that they claimed. In fact, I'm always skeptical to a degree. In this case, it's different. It literally blew me away based on what I could see. If I consider the analogy of the house, I expected to be able to see under the floor. What I didn't expect was to be able to see behind all of the walls and through the ceiling and through the roof and into the basement, and everywhere. I thought to myself that we couldn't live without this tool. That's how good it is.

If I could rate this product a 15 out of 10, I would. It has well exceeded my expectations and I remember that when I first looked at the Orca environment, I thought that it was amazing. I was able to click, drill down, do everything that I wanted to be able to do, and more.

I would rate this solution a ten out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
reviewer1731741 - PeerSpot reviewer
CISO at a financial services firm with 51-200 employees
Real User
It gives us visibility across all the assets in our multi-cloud environment in a single dashboard
Pros and Cons
  • "There are so many valuable features that I could list, but one that I appreciate is the PCI DSS compliance report."
  • "We are PCI DSS compliant, so we need to scan our environment externally with tools vetted by the PCI DSS organization. Orca doesn't scan the environment externally. It only scans what's currently in the cloud."

How has it helped my organization?

Orca gives us visibility across all the assets in our multi-cloud environment in a single dashboard. That kind of visibility is rare for us and most organizations within the Fintech space. You could understand particular vulnerabilities in a pocket of your environment, but not to the extent that Orca provides today. To protect a business, you first want to look at your environment and inventory all your assets. All of these assets are still managed in a spreadsheet in many organizations today. Some of them are using tools that list all of the assets. We had an inventory, but the Orca tool could identify assets we thought were no longer operational.

It isn't easy to quantify right now, but I can say that Orca gives us greater visibility of assets that we thought were gone but were correctly configured. Using Orca, we were able to identify certain assets that were still lying around and using an older operating system. Some of these were actually unpatched even though we thought they were patched.

What is most valuable?

We like that Orca is continuously monitoring our environment. When you open the tool, you instantly get an overview of your current state of affairs. You see everything happening across your multi-cloud environment in one view. When you're working on GCP or Azure, and you also have some other elements within AWS, it isn't easy to have a tool that spans all these cloud environments. It's great to have a single dashboard that puts all your cloud environments at your fingertips.

Orca tool spans all our environments and gives us a compliance report. It can tell us where there are vulnerabilities within our environment and provide us with access to the logs of specific assets.

What needs improvement?

With any security tool, there's always room for improvement. We were among the early adopters, and many of the major improvements that we were looking for have already been added. Right now, we're looking at what the other players in that space are offering and if it can be integrated into Orca. I had a discussion with Orca six months ago about implementing these features. But once you start customizing your tool for specific customers, it doesn't necessarily mean that it will match the needs of other customers, and you begin to branch out. In general, I think the Orca's roadmap is pretty well aligned to what we need today.

For how long have I used the solution?

We are fortunate to have been using Orca since its inception. I think we were among Orca's first customers. We're always searching for new tools with intriguing capabilities that can help us better protect our organization. When I came across Orca, I felt it offered something others on the market didn't. 

How are customer service and support?

I rate Orca support 9.5 out of 10. Whenever we've sent a support ticket, Orca responds in less than an hour to tell us that they've received the request and are looking into it. We get a reply a couple of hours later most of the time. Sometimes it needed more work, but I think it was pretty fast.

Support is one of the essential features you look for when purchasing a tool. Of course, you could buy a SaaS product, but if there is no support behind it, you'll have difficulty configuring it properly within your environment. Sometimes, you expect certain features to work correctly, but maybe you are configuring the solution wrong, so it's great to have support personnel available to respond to all your queries. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

When we started using the Orca tool, we already had some tools offering some of these features. However, we realized we didn't need to have all these agent-based tools installed across our environment to understand our risk footprint. We quickly understood that it would be easier to deploy across our entire multi-cloud environment if we went agentless with the Orca tool. It would offer us more capabilities than Qualys or even some of the AWS tooling available today, and we could consolidate everything under one tool.

AWS has some tools that give you visibility into your environment. They can tell you where your PII is or if your assets are correctly configured. However, every new feature that AWS releases is only available in the US first. Sometimes they're not available in Japan, Canada, and Europe until months or years later. We're still waiting for these features to be available here in Japan. For example, AWS Macie is still not available in Japan today, and it has been two years now. There are many capabilities like this that we want the cloud provider to release in other countries, but it's not available today.

What's more, if I run some AWS tooling, it will only scan my AWS environment but not my GCP or Azure environments. It's complicated to consolidate all of these reports in one place at the end of the month. Orca gives me a single view across all my environments.

How was the initial setup?

One of Orca's most significant advantages is that you can deploy it within your environment with a single click. There were no agents to install, so the deployment was quite easy. We simply entered the information about the cloud that we wanted to gain visibility into, and it was done. It can take days or weeks to deploy some other tools within an environment, especially if you're on-prem and sometimes on the cloud as well. We could deploy Orca in a matter of minutes. It was up and running within 15 minutes the first time we set it up.  

What was our ROI?

When you're talking about return on investment, you have to consider the resources needed to implement, maintain, and support a tool. With Orca, we didn't need to deploy or upgrade anything, and we didn't need to understand anything about support because they already had great support. I think we're saving hundreds of thousands of dollars every year in staffing costs alone. The time-to-value was instant. 

What's my experience with pricing, setup cost, and licensing?

When we purchased Orca, it came with everything we needed. We didn't need to buy any additional features, extensions, etc. You pay one price, and you have access to everything. I think their pricing model is aligned with market demand. Of course, Orca could probably better align their pricing model with the needs of smaller businesses as well as some larger-scale enterprises with millions of assets. But in all fairness, I think the Orca sales team has been accommodating and ensured that we're happy with the pricing.

Which other solutions did I evaluate?

When we purchased Orca, there was some overlap with tools like Qualys that scan your environment for vulnerabilities. But Qualys is not well-suited for specific microservices. It doesn't give you all the visibility that you need in a particular area of your environment. 

We are PCI DSS compliant, so we need to scan our environment externally with tools vetted by the PCI DSS organization. Orca doesn't scan the environment externally. It only scans what's currently in the cloud. There is some overlap between Orca and other tools, but others can scan externally. I still don't think Orca is in the business of scanning assets externally because they only scan internally. That's why we purchased it.

What other advice do I have?

I would rate Orca 9.5 out of 10. It covers our entire multi-cloud environment in a single view and tells us everything we need to know about our vulnerability footprint. For example, it can tell us whether our S3 bucket is misconfigured. There are so many valuable features that I could list, but one that I appreciate is the PCI DSS compliance report. Someone asked me if I would recommend Orca the other day, and I told them not to take my word for it. They should just try it.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
reviewer2199855 - PeerSpot reviewer
Director at a tech services company with 201-500 employees
Reseller
Top 20Leaderboard
Helps increase cloud visibility on different platforms, very stable product and quick to deploy
Pros and Cons
  • "It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just scan the entire assets in the cloud."
  • "It's not all clouds that they are currently onboarded with. For instance, they are not yet with public cloud and many other private clouds."

What is our primary use case?

Some of the customers use it to actually look at their assets in the cloud.

It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just scan the entire assets in the cloud.

How has it helped my organization?

It helps increase cloud visibility on different platforms. And also in terms of the security vulnerability in the cloud space. They recommend specific steps as well. 

What needs improvement?

Actually, it's not all clouds that they are currently onboarded with. For instance, they are not yet with public cloud and many other private clouds.  

Therefore, there is room for improvement, and more private clouds should be added. For the private cloud, we need to install agents into the environment.

For how long have I used the solution?

I have been using it for two years. 

What do I think about the stability of the solution?

So far, we haven't faced any complaints at all after two years. 

So, it has been a stable solution.

What do I think about the scalability of the solution?

Many enterprises that have lesser workloads in the cloud, so there's no point in them monitoring themselves.  So those who have heavy workloads on the cloud need this tool too.

So it can handle large loads of information.

How are customer service and support?

 

Which solution did I use previously and why did I switch?

There is another company who copies them, like people from Wiz.

Theinterface is different, and we don't have a lot of updated stuff. They are copying Orca Security, and they are not the patent holder. The patent holder is Orca.

How was the initial setup?

This product is very fast to onboard; it takes just five minutes. 

You just need to input the admin credentials for the cloud provider, meaning AWS, Azure, and Google. You can just pull it on, and then Orca covers the entire report already.

There's no need for integration because everything is on the cloud. That's why it's agentless.

Just a few steps for onboarding. It is really quick to deploy.

What's my experience with pricing, setup cost, and licensing?

Orca Security charges are based on cloud workloads. So, it's based on workloads.  

If we look at one feature, it might be expensive. But if we're considering all the features they offer in monitoring and scanning, there aren't many tools out there that can do all they do in one tool. So if you compare that, then this is not really expensive. But if we compare just one feature, then it is more expensive than the others.

The user needs to utilize it as a package. 

What other advice do I have?

I would recommend it. Overall, I would rate the solution an eight out of ten because it needs to expand more to support all the markets. They are not there yet.

Not all private clouds are supported, for example, SAP Cloud.

Disclosure: My company has a business relationship with this vendor other than being a customer: reseller
Flag as inappropriate
PeerSpot user
Mauro Restante - PeerSpot reviewer
Cybersecurity Customer Service Manager and Technical Account Manager at Cybersel
Reseller
Top 5Leaderboard
Highly scalable and stable solution with good support
Pros and Cons
  • "The initial setup is very easy."
  • "The presentation of the data in the dashboard is a little bit chaotic."

What is our primary use case?

Our use case is very simple. Orca Security is used to monitor and have control over your client's cloud environment, specifically the CP-CFPM.

What is most valuable?

One of the most valuable aspects is the agentless feature. Orca Security doesn't use agents at all.

What needs improvement?

Maybe the presentation of the data in the dashboard. It's a little bit chaotic. There is room for improvement.

For how long have I used the solution?

I have been using Orca Security for one and a half years. 

What do I think about the stability of the solution?

I would rate the stability a ten out of ten. I never faced any problem with stability. Our client base is more SMB.  

What do I think about the scalability of the solution?

I would rate the scalability a ten out of ten. It can easily scale and control a huge environment comprising thousands of VMs. 

How are customer service and support?

The support is very good.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup is very easy. We have deployed the solution on the public cloud. However, there is a roadmap, a feature to deploy also in private environments and on-prem environments.

What about the implementation team?

The deployment process takes at least an hour. To onboard, the process is very smooth. You have to collect some information from your cloud environment, specifically as an admin user of your cloud subscription. Then, you have to follow a three-step process inside the Orca platform because Orca will automatically create all the policies and data needed to onboard your subscription.

What's my experience with pricing, setup cost, and licensing?

Orca Security is cheaper compared to other solutions in the same space. 

What other advice do I have?

I would recommend trying this solution once, at least for a month. It is a very good product. 

Overall, I would rate the solution a ten out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer:
PeerSpot user
reviewer1694079 - PeerSpot reviewer
CISO at a tech services company with 501-1,000 employees
Real User
I just drop Orca in and it shows me the abstract risk of everything in that cloud, forming the basis of my security program
Pros and Cons
  • "The visibility Orca provides into my environment is at the highest level... When I dropped them into the environment, from the very get-go I had more insight into the risks in my environment than I had had during the entire two and a half years I had been here."
  • "There were a couple of times when Orca was down when I was trying to access it. I work strange hours because all of my team is in the UK right now. It was 2 a.m. on a Saturday and I was trying to log in but it wasn't working. But relative to my other security tools, Orca is definitely the most stable that I've seen."

What is our primary use case?

Orca is the inceptive tool that I deploy when I join a company. It will be one of the first things I do after an awareness training program. The reason is that Orca serves the function of giving me insights into the resting risk state, abstractly, because it combines so many signals without actually having to govern the assets. As soon as I have access to the AWS or GCP or Azure accounts, I just drop Orca in and it shows me the abstract risk of everything in that cloud.

How has it helped my organization?

Using Orca, I build up a security program. Orca not only attests to and assesses these risks and helps me identify risks that need to be mitigated, but it also helps me build an entire security program because it does it —and this is key—in a deterministic fashion, where it's wholly governing the ecosystem.

Orca’s platform provides agentless data directly from your cloud configuration with zero performance impact. The way they do it is brilliant: They pull snapshots. So it just cannot affect the performance of the machine. From my understanding, the snapshot process in the major clouds is completely benign and does not affect the performance. First of all, that means it can analyze machines that I don't have access to. That in itself is the most game-changing thing I have seen, not just in security but in technology, in my 25-year career. Agents are a huge problem in security. They're necessary for certain things, but even if an agent doesn't cause performance issues it's not about having performance issues. It's about the perception, the concern, the fear, the accountability, and the confidence in the tool because of the small risk of those performance issues being caused.

Orca does more than allow you to see assets within their environmental and business contexts to prioritize critical security issues. The trend in security over the last two or three years ago has been to raise risks that are real. But Orca is doing more than that. Orca combines all these signals to aggregate risk. There is a discipline that they exercise in the way they process all the signals together. Whenever there is an Orca alert that there is an imminent compromise or an actual compromise, which are the two highest severities out of four, they're actionable, every time. We might have encountered a couple that weren't actionable, out of a couple of hundred. 

What is most valuable?

The visibility Orca provides into my environment is at the highest level. I was super skeptical about Orca when I interviewed the Orca team. When they told me that you can just drop their software in and you don't need to log in to the machines, nor do they need to be powered on, I said, "How the heck are you doing that?" When they told me how it worked I said, "Woah, that's pretty simple. Why didn't I think of that?" When I dropped them into the environment, from the very get-go I had more insight into the risks in my environment than I had had during the entire two and a half years I had been here.

What needs improvement?

I'm thinking about room for improvement that is really grand, in terms of ways that may not be possible. I like to partner with innovators and that's why I partnered with Orca. I don't think what I have in mind is possible—but I didn't think Orca was possible either when I met them. 

If they could disrupt the host intrusion detection space (HIDS) that would be huge. If I could have them assess risk in real-time—which does not seem possible from the block storage analysis perspective—and they could figure that out without an agent, there would be no need for other security tools except for CI/CD pipeline analysis. 

I'm thinking about "omniscient" and "omnipresent." That's what Orca does from a resting state risk standpoint. It's the "all-seeing eye." If it could do that from an active state standpoint in real-time, or even to the second, minute, or hour, that would be big stuff. If they could crack that I don't know what would stop them from dominating the market completely.

On a more practical level, Orca doesn't work in data centers right now. If a company has a large data center footprint, Orca is not necessarily the best solution for that business. If 20 percent of my risk lies in the cloud, and 80 percent is in data centers, I should probably go with an agent-based solution, assuming I can deploy it.

For how long have I used the solution?

We became an Orca customer in February of 2020. We use their SaaS solution which is deployed on the three major public clouds.

What do I think about the stability of the solution?

There were a couple of times when Orca was down when I was trying to access it. I work strange hours because all of my team is in the UK right now. It was 2 a.m. on a Saturday and I was trying to log in but it wasn't working. That was pretty bad. What if I was trying to attend to an emergency security issue?

But relative to my other security tools, Orca is definitely the most stable that I've seen.

What do I think about the scalability of the solution?

It is deployed everywhere in our company. It is a requirement that when we build a cloud or we have a new business joining the company, that it be deployed at inception. It is one of the very first things that I require before any integration is done.

How are customer service and support?

We have used their technical support, but we haven't needed it very much.

When Orca was a very early stage startup and they were working out the kinks, one of our clouds, GCP, was not as easy to deploy in because we have 400 workloads running there. We didn't ask for any support but their CEO stepped up, worked all night, and did it himself.

Orca is focusing on what is right when it comes to customer success. Every business has a limited amount of resources and has to take a certain amount of risk. They didn't build a sales team until pretty late in the game. That speaks to why they're respected so much in the industry. They have a relatively new customer success team, maybe because they haven't had a need for it. When I encounter a problem I will want to put it to the test. I think they'll do pretty well. They have scaled up a bit.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We did not have a previous solution. Before I had Orca, my option for governing at the level that Orca governs was to use network TAP devices from companies like ExtraHop Networks, but they're not capable of gleaning the information that Orca can.

How was the initial setup?

Deploying it only takes a couple of minutes and it hasn't required any maintenance at all. It's so easy to deploy that you can switch away from it pretty easily too. I just don't know anyone who wants to. The stickiness is only in their excellence. For the consumer that's a win-win.

For our deployment they brought in a junior CSM who was brilliant, a wonderful CSM. I was pressuring him and making him very nervous, but he explained the install process: "You copy this URL and paste it here." My DevOps engineer who was onsite messaged me and said, "It's actually really easy. We just put the card in and it was installed two minutes later."

What was our ROI?

It wasn't very important to me that Orca’s solution includes everything “out-of-the-box." But it was certainly a positive thing to have. My view on security is that I'll deploy something that nobody else has emulated. I'll have a very big, cumbersome stack to manage because I want to support excellence in each space. I believe in the Unix philosophy: Do one thing and do it well. But Orca is doing a lot of things well. I can't deny that. And that means I haven't secured some of these other solutions because it does things well. It's among the best cloud configuration auditing software there is. It has replaced a couple of things that were in my environment and avoided the need for an additional couple of things that would be in my environment. One of them is a portion of host intrusion detection, and that has enabled me to move to a solution that is half the cost. That particular move has saved me about $450,000. That's not my total spend in Orca but it's close to it.

Also, it is updated daily and new features are available at no additional cost. It's a "it just works" thing. And it actually mitigates the need for human expenses of around $80,000 a year in payroll. When you factor in the 1.4 times overhead for human resources, that's going to be $112,000 a year and the perceived liability of the company is probably three times that. We're looking at a replacement of $336,000 a year.

In addition, the time to value is better than any other security product in the market. Even if I wanted somebody else to do all the work, I would have to give them more information than I need to give Orca. It would take a couple of hours to filter the data for a mid-sized company, whereas Orca literally installed in two minutes.

Which other solutions did I evaluate?

I called my security team and we were talking about all the various players in the security space, and all the technical aspects. They were saying, "Orca does this, Orca does that," going on about it. I don't really see Orca as being the next Palo Alto displacer, but that's probably because I'm super skeptical. But that's how amazing the governance is. My security said, "Yeah, Orca is the tool that we use, even though you made us PoC all these other solutions."

I spoke with someone who knows the space well and I said, "Okay, Steve, please help me here. You guys know this field. Is there anything else that competes with Orca in this space?" I believe this was before Wiz was on peoples' radars. Steve said, "No, I haven't heard of anything else." I was worried that I would spend all this money on a tool that did something that doesn't exist but it turned out it actually existed.

Every CSO says they don't want false positives, but what CSOs never say is, "I don't want to have false negatives." That bothers me. They're happy because a solution doesn't say, "You need to fix this thing" when it doesn't need to be fixed. But they're ignoring the fact that solutions are not identifying things that do need to be fixed. That's where Orca comes in perfectly. By running it in tandem with my HIDS or some other system, it's validating or invalidating the attestation of security risks from the other software. I had one solution that never gave me any false positives but it did give me a lot of false negatives. After Orca exposed that, I was no longer a customer of that product.

Because I had Orca first and it attested to the risk, it demonstrated the need to employ their competitor. If I had deployed their competitor first, it would not have attested to that risk and the need to deploy Orca. Orca justifies the spend, a multi-hundred-thousand-dollar spend by a mid-sized company on one of their known competitors. That's cool because that means it's not really a competitor.

Whenever people ask me what Orca does, and I say vulnerability assessment, I always say, "But that is really downplaying it." We use Nexus to do vulnerability scanning, which costs almost nothing. But I have almost never acted on a single alert from Nexus because there are so many false positives and the risk categorization is not very good.

What other advice do I have?

I was skeptical about whether it could do all the things they say it can do, and now that I have used it I would say to that skeptic: "Continue to be a skeptic." But the skepticism was blown away by Orca very quickly, at every single turn, on every single angle, and at every single opportunity. Orca destroyed my skepticism. But you have to be skeptical. Still, I would also say to that skeptic: "Just give it a shot. It takes two minutes to deploy." If I had just done that, I would have saved myself time.

Orca is much better than their competitor. They're the best in their space. They're the best in the security tool industry. And they're probably the best in terms of companies that I've worked with in general. Are they the best in mitigating actual risk versus the investment? I will always have to say that security awareness training, not as a service but as an abstract concept, is the best thing that we can do in security. Orca might help with awareness training by being so simple. I can use Orca to make technical leaders aware of security issues.

But technical leaders aren't the ones who need to be made aware of security issues. It's the general staff and public. That means customers and employees. Orca falls right in behind security awareness training. What CSOs out there need to do to make the greatest impact on their company is to get up on stage and tell people why security matters. But in all other areas, Orca is definitely the best. The first thing I'm going to spend my money on is Orca. I can do awareness training for free just by being vocal onstage. Orca requires no time. It doesn't compete with awareness training because I can do that while Orca is spending its time attesting to the pragmatic technical risks in my cloud environment.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
reviewer2593152 - PeerSpot reviewer
Senior Information Security Engineer at a computer software company with 10,001+ employees
Real User
Detect vulnerabilities and compliance issues quickly with flexible filtering and visualization
Pros and Cons
  • "One of the valuable features of Orca Security is its design and options that allow flexible filtering and user-friendly visualization."
  • "I would rate the quality of support as nine stars out of ten due to their quick and helpful responses."
  • "Orca needs improvement in snoozing or dismissing specific alarms."
  • "Orca needs improvement in snoozing or dismissing specific alarms. Currently, snoozing dismisses all future vulnerabilities related to a CVE."

What is our primary use case?

We are using it for cloud security posture management to detect vulnerabilities, misconfigurations, threats, and malware in our cloud environment.

How has it helped my organization?

Orca has helped us reduce the time it takes to address cloud security alerts because of its risk-based calculation and immediate notifications for critical assets and popular vulnerabilities.

What is most valuable?

One of the valuable features of Orca Security is its design and options that allow flexible filtering and user-friendly visualization. 

Additionally, it covers a large scope of vulnerabilities, CVEs, malware, and misconfiguration. It also helps identify compliance issues in our cloud environments like AWS or GCP.

What needs improvement?

Orca needs improvement in snoozing or dismissing specific alarms. Currently, snoozing dismisses all future vulnerabilities related to a CVE. Another improvement is in handling alerts for multiple files with the same CVE; it should provide an option to manage each file separately without affecting others.

For how long have I used the solution?

I have been using Orca Security for around one year.

What do I think about the stability of the solution?

We have experienced some problems with the frontend, which occurred around three times a year, usually when updates introduced new lines of code that disrupted functionality.

What do I think about the scalability of the solution?

Scalability is automatically managed. When you onboard an organization, Orca will find new projects, folders, and resources without any additional effort required.

How are customer service and support?

I contacted support quite often, and they felt like family due to the frequency. I would rate the quality of support as nine stars out of ten due to their quick and helpful responses.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I have used CrowdStrike before but was not happy with its features in the CSPM realm. Many of my friends in cybersecurity use Wyz and are pleased with it.

How was the initial setup?

Seventy percent of the deployment was completed successfully with documentation. However, we needed support from Orca for AWS onboarding. GCP was the easiest to onboard, followed by Azure, with AWS being the most challenging.

What's my experience with pricing, setup cost, and licensing?

Pricing is flexible, depending on the number of licenses, contract duration, and future plans. The initial price seemed high, however, after negotiation, the final price was ideal.

Which other solutions did I evaluate?

I evaluated CrowdStrike and have heard positive feedback about Wyz from peers.

What other advice do I have?

New users should have admin rights and follow Orca's clear documentation and web interface instructions for onboarding. 

It's rated eight out of ten for its overall performance.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Buyer's Guide
Download our free Orca Security Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2024
Buyer's Guide
Download our free Orca Security Report and get advice and tips from experienced pros sharing their opinions.