Orca Security Reviews & Product Details

The dashboards, the integration with Jira, the filters and triggers Review collected by and hosted on G2.com.

The integration setup in a little complicated Review collected by and hosted on G2.com.

1] The best thing which i liked about Orca Security is that it provides Meta Data scanning which helps to find all the Misconfigurations, vulnerabilities, code misconfiguration, etc.

2] Also very important thing is that, when onboarding/integrating the Cloud Accounts such as AWS, Azure, etc, into Orca security, There are NO Prerequisites such as enabling Azure Activity logs, AWS Cloudtrail, etc. This creates a sense of security as any organizations doesn't like to share their logs to third party vendors.

3] If compared with another competitors such as Lacework, In my personal opinion, The Orca Security is very easy to use and I can understand where to navigate, find any Dashboards, etc. Review collected by and hosted on G2.com.

1] The very first is the Cost. It is very costly with NO Discounts even for the Partners.

2] Overall, I don't find any Demerits though, just maybe cost perspective only. Review collected by and hosted on G2.com.

Their data posture has been a good update. Further attack path visibility is a great help. Review collected by and hosted on G2.com.

Not as much advancement in vulnerability validations as I would like to see but great product. Review collected by and hosted on G2.com.

It goes straight to the point, without beating around the bush, allowing you to quickly identify what is vulnerable and what should be added first. Additionally, it stands out for its ease of use. Review collected by and hosted on G2.com.

The available credits can easily run out when integrating new clouds. Review collected by and hosted on G2.com.

Plug and play, in minutes you connect to your cloud accounts and are ready to use. Very easy to implement.

Sonar allows you to search any cloud object to find out inventory details, alerts, etc.

It has several frameworks, including Brazil LGPD.

The ORCA support teams is great, they reply very soon to resolve any issue.

There're some integrations with 3rd party tools.

The side-scanning technology is great, you gain a entire visibility of your environment, without agent installation needed. Review collected by and hosted on G2.com.

The vulnerability feature should be better. Review collected by and hosted on G2.com.

They adopted GenAI really fast in 2023, and new features are constantly answering user enquiries like docker scanning support. Review collected by and hosted on G2.com.

Things are more well documented now, and they have an AI agent to assist you in case you need anything. Review collected by and hosted on G2.com.

The interface is very intuitive and there was not a learning curve at all. Being able to create reports on pretty much any dashboard has been very helpful. Vulnerabilities and misconfigurations found by Orca give us more than enough information to be handed to our development team for remediation without having to do any additional research. Overall, this is a very well thought out platform. Review collected by and hosted on G2.com.

I honestly have not found anything I dislike yet. Review collected by and hosted on G2.com.

Orca provides top-tier dashboards and easy dashboard customization which quickly surfaces critical risks.

Orca support replies rapidly and consistently works to resolve issues.

Orca installation in 2/3 of our main cloud environments was a smooth process, and the last environment took just an extra hour of work. Overall, a very smooth onboarding process, and great training resources were provided.

Orca provides incredibly rich, useful data about the risks it detects, with very low/none false positives. Review collected by and hosted on G2.com.

The compliance modules currently load extremely slowly, lack CIS critical controls v8.1, and waiting for the promised module rewrite next year sucks.

Orca knowledgebase documentation is tied to your Orca login. To faciliate non-technical staff (or folks who don't need console access) working with the tool, it would be great if they were decoupled.

Exporting risk data to CSV from Orca often requires selecting which of 119-250+ columns I want, at least once, unless you like getting a 1 GB CSV file (wow!)

Exporting to CSV frequently hangs (probably due to the default enormous CSV size), requiring the usage of scheduled reports, which is less convenient. Review collected by and hosted on G2.com.

Orca enabled us to have full visibility into our cloud environment. It is a powerful tool that provides the necessary details to properly secure your infrastructure. It gives you consistent up-to-date information. It is an incredibly easy to use platform. We were able to implement and start getting results within 24 hours. Orca is also extremely scalable. Review collected by and hosted on G2.com.

Orca provides a lot of information and can result in alert fatigue. There are some areas with vulnerability management that they can do better on. For instance, having the ability to not alert on vulnerabilities that are superseded. Review collected by and hosted on G2.com.

Agentless Approach and Deep Visibility. It doesn't require the installation of any agents or additional software, that’s why we need just minutes to onboard new accounts to Orca. After onboarding, Orca provides really comprehensive asset discovery, vulnerability scanning, and risk assessment. Also, I am impressed by Orca Security's continuous product development and its dedication to introducing new features. Review collected by and hosted on G2.com.

Usually, Orca performs scans every 24 hours, that's why alerts are not real-time. Also, it would be great if Orca expand its integration capabilities especially with Cloudflare Review collected by and hosted on G2.com.