Mike G.

Sr. Manager, IT Architecture

Enterprise (> 1000 emp.)

1/19/2023

"Powerful platform, lots of capabilities with a few rough edges"

4/5

What do you like best about Orca Security?

Orca is an excellent platform for assessing the security posture of all your cloud accounts in a single interface. The tool easily integrates with cloud accounts from AWS, GCP, Azure and more and makes it easy to scan those accounts for poor configurations, misconfigurations, security problems, etc.

In addition, the "side-scanning" feature for performing vulnerability scanning on your compute instances is compelling and has zero impact on your running workloads. Review collected by and hosted on G2.com.

What do you dislike about Orca Security?

There are a few areas where the development of the tool lags behind what I would like to see. For example, there is a great feature to group cloud accounts by business unit, but you can't leverage that business unit association in many of the reports yet. For example, want to see an inventory of VMs grouped by Business Unit? Can't do it....in fact, the business unit field isn't available in the inventory report at all. The Orca team has told me that this feature is coming very soon, and based on past experience, I believe they will eventually deliver this capability. Review collected by and hosted on G2.com.

What problems is Orca Security solving and how is that benefiting you?

Main problems the tool is allowing me to solve:

1) Assess configuration of cloud accounts against industry standard security baselines as well as against custom baselines that I've created based on my business needs

2) Scan Virtual Machines for vulnerabilities, malware, missing patches etc. without having to directly scan a running VM.

3) build alerts based on governance rules that I have in place for my business and generate notifications to my ticketing system when there are violations. Review collected by and hosted on G2.com.

Orca Security Reviews & Product Details

The Orca Cloud Security Platform identifies, prioritizes, and remediates risks and compliance issues in workloads, configurations, and identities across your cloud estate spanning AWS, Azure, Google Cloud, Kubernetes, Alibaba Cloud, and Oracle Cloud. Orca offers the industry’s most comprehensive cloud security solution in a single platform — eliminating the need to deploy and maintain multiple point solutions. Orca is agentless-first, and connects to your environment in minutes using Orca’s patented SideScanning™ technology that provides deep and wide visibility into your cloud environment, without requiring agents. In addition, Orca can integrate with third-party agents for runtime visibility and protection for critical workloads. Orca is at the forefront of leveraging Generative AI for simplified investigations and accelerated remediation – reducing required skill levels and saving cloud security, DevOps, and development teams time and effort, while significantly improving security outcomes. As a Cloud Native Application Protection Platform (CNAPP), Orca consolidates many point solutions in one platform, including: CSPM, CWPP, CIEM, Vulnerability Management, Container and Kubernetes Security, DSPM, API Security, CDR, Multi-cloud Compliance, Shift Left Security, and AI-SPM.

Product Website

Seller

Orca Security

Languages Supported

English

Product Description

Get workload-level visibility into AWS, Azure, and GCP without the operational costs of agents. You could buy three tools instead… but why? Orca replaces legacy vulnerability assessment tools, CSPM, and CWPP. Deploys in minutes, not months.

Overview by

Caleb Furrier

Value at a Glance

Averages based on real user reviews.

Time to Implement

1 month

View More Pricing Information

Orca Security Integrations

(7)

Verified by Orca Security

Orca Security Media

Orca Security Demo - The Agentless Cloud Security Pioneer

The Orca Cloud Security Platform is built on Orca’s patented SideScanning technology that scans your entire cloud estate to eliminate the gaps in coverage, organizational friction, performance hits, and high operational costs of agent-based solutions.

Orca Security Demo - Achieve 100% coverage

Orca provides full-stack visibility and coverage for all your cloud assets within minutes across VMs, containers, and serverless applications, as well as cloud infrastructure resources, so you can understand all of your cloud risks.

Orca Security Demo - Prioritize and understand your greatest risks

Orca's context-aware engine prioritizes the 1% of alerts that truly matter and surfaces the attack paths with the greatest impact to your business - providing you with a detailed understanding of your cloud risks and how to tackle them.

Orca Security Demo - A single platform with a Unified Data Model

As a purpose-built CNAPP Platform, Orca addresses all of your cloud security needs including CSPM, CWPP, CIEM, DSPM, Vulnerability Management, API Security, Compliance, and more - in a single, centralized platform, allowing you to easily query, investigate, and understand all your cloud risks and...

Orca Security Demo - Quickly trace and remediate risks from Cloud to Dev

Remediating cloud risks is a huge challenge for security teams, especially in a world where DevOps is the norm. Orca not only alerts on an issue, but if applicable, also shows the code origin, even down to the line of code that caused the risk, enabling developers to remediate issues at a lightni...

In this 3-minute demo, see how the Orca Platform is a unified, purpose-built, Cloud-Native Application Protection Platform (CNAPP) for AWS, Azure, and GCP that:

In this video, Orca Security's CEO and co-founder Gil Geron presents the key features and benefits of the Orca Cloud Security Platform.

Learn about our agentless cloud native application protection platform designed for organizations in public clouds. We show how we provide complete centralized visibility of your entire cloud estate.

Official Downloads

(5)

edit

Orca Security Reviews (222)

View 1 Video Reviews

G2 reviews are authentic and verified.

Here's how.

Jose R.

Director, Agile Transformation and Delivery

Enterprise (> 1000 emp.)

12/16/2025

"Powerful Dashboards and Seamless Jira Integration"

5/5

What do you like best about Orca Security?

The dashboards, the integration with Jira, the filters and triggers Review collected by and hosted on G2.com.

What do you dislike about Orca Security?

The integration setup in a little complicated Review collected by and hosted on G2.com.

Veeresh P.

Cloud Security Consultant

Enterprise (> 1000 emp.)

6/6/2025

"Good Features and NO Prerequisites required such as enabling AWS Cloudtrail, Azure Activity log, etc"

4/5

What do you like best about Orca Security?

1] The best thing which i liked about Orca Security is that it provides Meta Data scanning which helps to find all the Misconfigurations, vulnerabilities, code misconfiguration, etc.

2] Also very important thing is that, when onboarding/integrating the Cloud Accounts such as AWS, Azure, etc, into Orca security, There are NO Prerequisites such as enabling Azure Activity logs, AWS Cloudtrail, etc. This creates a sense of security as any organizations doesn't like to share their logs to third party vendors.

3] If compared with another competitors such as Lacework, In my personal opinion, The Orca Security is very easy to use and I can understand where to navigate, find any Dashboards, etc. Review collected by and hosted on G2.com.

What do you dislike about Orca Security?

1] The very first is the Cost. It is very costly with NO Discounts even for the Partners.

2] Overall, I don't find any Demerits though, just maybe cost perspective only. Review collected by and hosted on G2.com.

What problems is Orca Security solving and how is that benefiting you?

1] We are the consultant and service provider where we do the Cloud Security Assessment. For the Customer with high budget and if they want full cloud assessment, we Propose the Orca Security Tool or other Tools which works the best.

2] But some customers don't want their Cloud Logs such as AWS CloudTrail, Azure Activity Logs to be shared to Third Party, so here Orca Security works the best because Orca Security doesn't need any Cloud Logs and hence Orca Security Tool is Proposed to Customer. Review collected by and hosted on G2.com.

Weryke R.

Enterprise (> 1000 emp.)

5/20/2022

"Very quick implementation and great visibility."

4.5/5

What do you like best about Orca Security?

Their data posture has been a good update. Further attack path visibility is a great help. Review collected by and hosted on G2.com.

What do you dislike about Orca Security?

Not as much advancement in vulnerability validations as I would like to see but great product. Review collected by and hosted on G2.com.

Verified User in Health, Wellness and Fitness

Enterprise (> 1000 emp.)

10/27/2025

"Direct and Easy to Use, Gets Straight to the Point with Vulnerabilities"

5/5

What do you like best about Orca Security?

It goes straight to the point, without beating around the bush, allowing you to quickly identify what is vulnerable and what should be added first. Additionally, it stands out for its ease of use. Review collected by and hosted on G2.com.

What do you dislike about Orca Security?

The available credits can easily run out when integrating new clouds. Review collected by and hosted on G2.com.

Carlos C.

IT Security Manager

Enterprise (> 1000 emp.)

2/26/2025

"An incredible visibility and compliance tool for the cloud"

5/5

What do you like best about Orca Security?

Plug and play, in minutes you connect to your cloud accounts and are ready to use. Very easy to implement.

Sonar allows you to search any cloud object to find out inventory details, alerts, etc.

It has several frameworks, including Brazil LGPD.

The ORCA support teams is great, they reply very soon to resolve any issue.

There're some integrations with 3rd party tools.

The side-scanning technology is great, you gain a entire visibility of your environment, without agent installation needed. Review collected by and hosted on G2.com.

What do you dislike about Orca Security?

The vulnerability feature should be better. Review collected by and hosted on G2.com.

Verified User in Insurance

Mid-Market (51-1000 emp.)

5/9/2023

"Easy to setup, Quick and Useful Insights"

4.5/5

What do you like best about Orca Security?

They adopted GenAI really fast in 2023, and new features are constantly answering user enquiries like docker scanning support. Review collected by and hosted on G2.com.

What do you dislike about Orca Security?

Things are more well documented now, and they have an AI agent to assist you in case you need anything. Review collected by and hosted on G2.com.

Jay B.

SecOps Administrator

Mid-Market (51-1000 emp.)

12/19/2024

"Orca Security has led us to a greatly improved cloud security posture within days of use."

5/5

What do you like best about Orca Security?

The interface is very intuitive and there was not a learning curve at all. Being able to create reports on pretty much any dashboard has been very helpful. Vulnerabilities and misconfigurations found by Orca give us more than enough information to be handed to our development team for remediation without having to do any additional research. Overall, this is a very well thought out platform. Review collected by and hosted on G2.com.

What do you dislike about Orca Security?

I honestly have not found anything I dislike yet. Review collected by and hosted on G2.com.

What problems is Orca Security solving and how is that benefiting you?

It was a very painful process to search for misconfigurations with IAM and networking in our environment. Orca has given us a way to have all of the data we need without having to spend hours searching and it most cases gives the instructions needed to remediate. It has also helped us add more shift left into our development process. Review collected by and hosted on G2.com.

Steven B.

Security Architect

Enterprise (> 1000 emp.)

11/13/2024

"Fantastic, powerful tool for cloud security"

5/5

What do you like best about Orca Security?

Orca provides top-tier dashboards and easy dashboard customization which quickly surfaces critical risks.

Orca support replies rapidly and consistently works to resolve issues.

Orca installation in 2/3 of our main cloud environments was a smooth process, and the last environment took just an extra hour of work. Overall, a very smooth onboarding process, and great training resources were provided.

Orca provides incredibly rich, useful data about the risks it detects, with very low/none false positives. Review collected by and hosted on G2.com.

What do you dislike about Orca Security?

The compliance modules currently load extremely slowly, lack CIS critical controls v8.1, and waiting for the promised module rewrite next year sucks.

Orca knowledgebase documentation is tied to your Orca login. To faciliate non-technical staff (or folks who don't need console access) working with the tool, it would be great if they were decoupled.

Exporting risk data to CSV from Orca often requires selecting which of 119-250+ columns I want, at least once, unless you like getting a 1 GB CSV file (wow!)

Exporting to CSV frequently hangs (probably due to the default enormous CSV size), requiring the usage of scheduled reports, which is less convenient. Review collected by and hosted on G2.com.

What problems is Orca Security solving and how is that benefiting you?

Orca is an incredibly powerful tool. We're using it to detect vulnerabilities in virtual machines, misconfigured serverless functions, excessive IAM policies, unhardened virtual machines, VMs missing critical protective software, VMs under attack, and so much more, and that's just the tip of what Orca can do. Review collected by and hosted on G2.com.

michael m.

Lead Security Engineer

Mid-Market (51-1000 emp.)

2/26/2025

"A powerfule security tool for all cloud environments"

4.5/5

What do you like best about Orca Security?

Orca enabled us to have full visibility into our cloud environment. It is a powerful tool that provides the necessary details to properly secure your infrastructure. It gives you consistent up-to-date information. It is an incredibly easy to use platform. We were able to implement and start getting results within 24 hours. Orca is also extremely scalable. Review collected by and hosted on G2.com.

What do you dislike about Orca Security?

Orca provides a lot of information and can result in alert fatigue. There are some areas with vulnerability management that they can do better on. For instance, having the ability to not alert on vulnerabilities that are superseded. Review collected by and hosted on G2.com.

Maksym M.

Security engineer

Mid-Market (51-1000 emp.)

5/23/2023

"Had exceptional experience"

4.5/5

What do you like best about Orca Security?

Agentless Approach and Deep Visibility. It doesn't require the installation of any agents or additional software, that’s why we need just minutes to onboard new accounts to Orca. After onboarding, Orca provides really comprehensive asset discovery, vulnerability scanning, and risk assessment. Also, I am impressed by Orca Security's continuous product development and its dedication to introducing new features. Review collected by and hosted on G2.com.

What do you dislike about Orca Security?

Usually, Orca performs scans every 24 hours, that's why alerts are not real-time. Also, it would be great if Orca expand its integration capabilities especially with Cloudflare Review collected by and hosted on G2.com.

What problems is Orca Security solving and how is that benefiting you?

Orca Security provides contextualized alerts and actionable insights to security teams. By correlating security incidents with context, it helps prioritize and address security issues effectively. Additionally, its agentless approach reduces the complexity of deployment and ongoing management, making it easier for us to integrate Orca Security into our existing security operations. Review collected by and hosted on G2.com.