Try our new research platform with insights from 80,000+ expert users
reviewer2201862 - PeerSpot reviewer
Information Security Engineer at a university with 1,001-5,000 employees
Real User
Top 5Leaderboard
User-friendly and efficiently identifies and addresses internal vulnerabilities
Pros and Cons
  • "Orca Security has updated its interface, making it more user-friendly. I find it particularly useful as it allows me to easily navigate the dashboard and prioritize actions based on severity and criticality."
  • "The interface can be a bit cranky and sometimes takes a lot of time to load."

What is our primary use case?

I've been working on this cloud security platform for the past one and a half years. Essentially, we focus on checking different components of AWS and Azure. 

We check over containers, instances, and various other elements running in the cloud. Our work is specifically designed for the cloud environment. We identify and address internal vulnerabilities across applications and operating systems which we are using in the cloud. 

If there are any patch management requirements, we ensure they are done across different applications and even API interfaces. 

In summary, our goal is to maintain security settings across the cloud infrastructure, such as AWS and Azure, used by our company. We connect with the DevSecOps team to actively work on securing the cloud environment and remediate vulnerabilities. We make sure incidents are properly handled, and necessary updates are implemented without causing disruptions. To facilitate communication, we use SMS for incident closure. This has been our focus for the past year.

How has it helped my organization?

Previously, we had a hybrid model where we used both physical devices and VMs across the cloud to manage enterprise security solutions. With Orca Security, we have a specific solution that allows us to monitor internal vulnerabilities and the most exploitable ones across the cloud. This platform is dependable and includes a powerful AI engine that we are currently using. 

It helps us identify and address vulnerabilities early on, including CPU weaknesses and other variations. Additionally, it provides remediation guidance and facilitates patching and updates. Furthermore, it gathers threat intelligence, which is beneficial during incidents.

What is most valuable?

Recently, Orca Security has updated its interface, making it more user-friendly. I find it particularly useful as it allows me to easily navigate the dashboard and prioritize actions based on severity and criticality. 

This feature makes it easy for me to look at prototypes and determine the necessary steps to take, focusing on critical issues first. I love the interface dashboard.

What needs improvement?

I would say that there are some loading issues. Since this is a cloud-native platform, there may be a problem with connecting to the dashboard as soon as it's open. The interface can be a bit cranky and sometimes takes a lot of time to load. So, the way APIs are deployed for our dashboards or monitoring systems needs to be corrected and optimized.

In future releases, Orca Secure needs to have new integrations with different security solutions apart from the cloud. We have EDRs, XDRs, and MDRs. Orca Security should automate the process of connecting and integrating with these solutions. It can be an essential way of protecting the infrastructure in an effective manner.

Buyer's Guide
Orca Security
March 2025
Learn what your peers think about Orca Security. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
848,989 professionals have used our research since 2012.

For how long have I used the solution?

I have been using Orca Security for the last two years. 

What do I think about the stability of the solution?

I would rate the stability of Orca Secure a nine out of ten. 

What do I think about the scalability of the solution?

I would rate the scalability of Orca Secure a nine out of ten. 

What about the implementation team?

We directly bought this product from Orca Security itself, so we did not use any third party to install or deploy it.

What was our ROI?


What's my experience with pricing, setup cost, and licensing?

The price is a bit expensive for smaller organizations. It can be expensive for smaller organizations, but if you are managing your infrastructure in the cloud, it's definitely worth trying.

We have certain subscriptions and licenses for around a thousand instances deployed across the cloud. We purchased the subscriptions for the necessary devices we are running. It has cost us a lot.

What other advice do I have?

I would definitely recommend using Orca Secure. It's a very good cloud security platform. Apart from what I've seen, it has a really extensive dashboard and analysis capabilities. It picturizes actual vulnerabilities and provides guidance for remediation. It's a valuable cloud security evaluation tool, and I would suggest it as the first thing to learn.

Overall, I would rate the solution a solid nine out of ten. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Rooshan Naeem - PeerSpot reviewer
Security Engineer at Eon Health
Real User
Top 5
Effective automated scanning capabilities, low maintenance, and scales well
Pros and Cons
  • "The most valuable feature of Orca Security is the automated scanning tool, user-friendliness, and ease of use."
  • "The solution could improve by making the dashboards more elaborative and more descriptive."

What is our primary use case?

We are using primarily Orca Security for our vulnerability assessment management. We are using it for our container it does free image scanning to find security loopholes that might be present in our overall infrastructure. Additionally, it provides the remediation steps and an overall overview of the security of our infrastructure.

How has it helped my organization?

This solution has helped out organizations by recognizing security threats and vulnerabilities in the early stages of software development. That is one of the benefits that we are receiving from the tool. We are dealing with security loopholes and deficiencies in the earlier stages of our development.

We have the time to review the whole process and Orca Security provides security solutions to our clients. The solution has been beneficial for us to detect security loopholes in our early stages.

What is most valuable?

The most valuable feature of Orca Security is the automated scanning tool, user-friendliness, and ease of use.

What needs improvement?

The solution could improve by making the dashboards more elaborative and more descriptive.

For how long have I used the solution?

I have been using Orca Security for approximately two years.

What do I think about the stability of the solution?

The stability of Orca Security is good.

What do I think about the scalability of the solution?

Orca Security is scalable. We have 25 users using the solution in my organization.

How are customer service and support?

I have used the support a couple of times when we escalated some queries regarding the report formatting and the false positive.

Most of the time whenever we open a support ticket to their technical department the response time is quite high because we are dealing with frequent deployments. We expect them to respond within one or two days but they take quite a long time to respond back.

I rate the support from Orca Security a six out of seven.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

We used to use an open-source vulnerability management tool from OWASP regarding the guidelines that they had listed on their own site using management systems, such as REM, CS, and CVSs, which is a risk management framework. We were using those frameworks for our vulnerability assessment and management.

Orca Security is an enterprise solution, it scales well with your own infrastructure. We thought that the use cases covers and were aligned with our use cases, and this is why we switched.

How was the initial setup?

The initial setup of Orca Security is straightforward. I do not know how long the deployment took, but it is quite intensive, responsive, and has low latency.

I rate the initial setup of Orca Security an eight out of ten.

What about the implementation team?

The implementation of the solution was done in-house.

What's my experience with pricing, setup cost, and licensing?

We have a total of 25 licenses for this solution. The solution is on a pay-and-you-use model.

What other advice do I have?

The vendor handles the maintenance of the solution, such as patches, and different enhancements.

Every organization has its own needs and requirements, and configuring a tool with customization depends on the use case of the current organization. It is not a solution for all organizations. If you are dealing with small projects you don't need to switch to this enterprise solution. The usage of this solution depends on the organization's needs and requirements, another solution might be better.

I rate Orca Security an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Orca Security
March 2025
Learn what your peers think about Orca Security. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
848,989 professionals have used our research since 2012.
Mauro Restante - PeerSpot reviewer
Cybersecurity Customer Service Manager and Technical Account Manager at Cybersel
Reseller
Top 5Leaderboard
Highly scalable and stable solution with good support
Pros and Cons
  • "The initial setup is very easy."
  • "The presentation of the data in the dashboard is a little bit chaotic."

What is our primary use case?

Our use case is very simple. Orca Security is used to monitor and have control over your client's cloud environment, specifically the CP-CFPM.

What is most valuable?

One of the most valuable aspects is the agentless feature. Orca Security doesn't use agents at all.

What needs improvement?

Maybe the presentation of the data in the dashboard. It's a little bit chaotic. There is room for improvement.

For how long have I used the solution?

I have been using Orca Security for one and a half years. 

What do I think about the stability of the solution?

I would rate the stability a ten out of ten. I never faced any problem with stability. Our client base is more SMB.  

What do I think about the scalability of the solution?

I would rate the scalability a ten out of ten. It can easily scale and control a huge environment comprising thousands of VMs. 

How are customer service and support?

The support is very good.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup is very easy. We have deployed the solution on the public cloud. However, there is a roadmap, a feature to deploy also in private environments and on-prem environments.

What about the implementation team?

The deployment process takes at least an hour. To onboard, the process is very smooth. You have to collect some information from your cloud environment, specifically as an admin user of your cloud subscription. Then, you have to follow a three-step process inside the Orca platform because Orca will automatically create all the policies and data needed to onboard your subscription.

What's my experience with pricing, setup cost, and licensing?

Orca Security is cheaper compared to other solutions in the same space. 

What other advice do I have?

I would recommend trying this solution once, at least for a month. It is a very good product. 

Overall, I would rate the solution a ten out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer:
PeerSpot user
reviewer2199855 - PeerSpot reviewer
Director at a tech services company with 201-500 employees
Reseller
Top 20
Helps increase cloud visibility on different platforms, very stable product and quick to deploy
Pros and Cons
  • "It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just scan the entire assets in the cloud."
  • "It's not all clouds that they are currently onboarded with. For instance, they are not yet with public cloud and many other private clouds."

What is our primary use case?

Some of the customers use it to actually look at their assets in the cloud.

It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just scan the entire assets in the cloud.

How has it helped my organization?

It helps increase cloud visibility on different platforms. And also in terms of the security vulnerability in the cloud space. They recommend specific steps as well. 

What needs improvement?

Actually, it's not all clouds that they are currently onboarded with. For instance, they are not yet with public cloud and many other private clouds.  

Therefore, there is room for improvement, and more private clouds should be added. For the private cloud, we need to install agents into the environment.

For how long have I used the solution?

I have been using it for two years. 

What do I think about the stability of the solution?

So far, we haven't faced any complaints at all after two years. 

So, it has been a stable solution.

What do I think about the scalability of the solution?

Many enterprises that have lesser workloads in the cloud, so there's no point in them monitoring themselves.  So those who have heavy workloads on the cloud need this tool too.

So it can handle large loads of information.

How are customer service and support?

 

Which solution did I use previously and why did I switch?

There is another company who copies them, like people from Wiz.

Theinterface is different, and we don't have a lot of updated stuff. They are copying Orca Security, and they are not the patent holder. The patent holder is Orca.

How was the initial setup?

This product is very fast to onboard; it takes just five minutes. 

You just need to input the admin credentials for the cloud provider, meaning AWS, Azure, and Google. You can just pull it on, and then Orca covers the entire report already.

There's no need for integration because everything is on the cloud. That's why it's agentless.

Just a few steps for onboarding. It is really quick to deploy.

What's my experience with pricing, setup cost, and licensing?

Orca Security charges are based on cloud workloads. So, it's based on workloads.  

If we look at one feature, it might be expensive. But if we're considering all the features they offer in monitoring and scanning, there aren't many tools out there that can do all they do in one tool. So if you compare that, then this is not really expensive. But if we compare just one feature, then it is more expensive than the others.

The user needs to utilize it as a package. 

What other advice do I have?

I would recommend it. Overall, I would rate the solution an eight out of ten because it needs to expand more to support all the markets. They are not there yet.

Not all private clouds are supported, for example, SAP Cloud.

Disclosure: My company has a business relationship with this vendor other than being a customer: reseller
PeerSpot user
Buyer's Guide
Download our free Orca Security Report and get advice and tips from experienced pros sharing their opinions.
Updated: March 2025
Buyer's Guide
Download our free Orca Security Report and get advice and tips from experienced pros sharing their opinions.