Orca Security

Cloud security platform for AWS, Azure, and GCP environments

About Orca Security

Got more than 100 cloud assets? Orca Security is a cloud security platform designed to help businesses detect and identify vulnerabilities, malware, misconfigurations, weak and leaked passwords, lateral movement risk, and high-risk data across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) environments.

Orca SideScanning™ technology is a radically better approach because Orca doesn’t go inside each workload to fetch data. Instead, it uses an out-of-band process to reach cloud workloads through the runtime storage layer and combines this with metadata gathered from cloud provider APIs. In this way, Orca is able to provide deep and contextualized visibility of cloud environments. It covers 100% of an organization’s assets with absolutely no agent or network scanner.

Orca Security prioritizes risk after assessing the relationships between assets, and can notify IT DevOps and security teams about threats through Slack, and initiate remediation workflows in Jira and ServiceNow. Orca enables businesses to identify unsecured high-risk data such as personally identifiable information (PII), and helps meet compliance mandates such as PCI, HIPAA, CIS, ISO 2700, SOC2, CCPA, and GDPR.

Administrators can use an Open API to connect the system with third-party cloud providers to retrieve data, synchronize processes, and configure Orca Security's dashboard according to business requirements.

Key benefits of Orca Security

Detects all important risks in cloud environments—both workload and control plane.

Security teams don’t have to update agents or signature packs to get a hold of the latest data, because Orca curates dozens of vulnerability, exploit, threat intelligence, malware, and leaked password databases to give customers the widest coverage from day one.

Integrates with any cloud environment in minutes without any side effects on performance and availability.

Since there’s no reliance on per-asset integration, customers don’t have to settle for partial deployment and visibility. Even paused or stopped machines are brought to light.

Prioritizes alerts based on all available data, presenting a manageable number of alerts.

Alerts can automatically push to Slack, or customers can click a button to kick-off workflows in Jira or ServiceNow along with each alert’s precise path to remediation.

Orca eases compliance efforts and tracks progress against industry standards. For example, Orca helps meet compliance mandates such as PCI, HIPAA, CIS, SOC2, ISO 2700, CCPA, and GDPR by showing regulators evidence of the customer’s ability to identify and protect PII—as well as their ability to systematically detect vulnerabilities, malware, and improperly secured secrets.

Devices

Business size

S M L

Images

Orca Security onboarding
Orca Security critical alerts
Orca Security dashboard
View 4 more
Orca Security video
Orca Security video
Orca Security screenshot: Orca Security onboarding Orca Security screenshot: Orca Security critical alerts Orca Security screenshot: Orca Security dashboard

Features

Total features of Orca Security: 36

  • API
  • Access Controls/Permissions
  • Activity Dashboard
  • Alerts / Escalation
  • Anti Virus
  • Application Security
  • Assessment Management
  • Asset Discovery
  • Asset Management
  • Asset Tagging
  • Behavioral Analytics
  • Encryption
  • Endpoint Management
  • IOC Verification
  • IT Asset Tracking
  • Incident Management
  • Intrusion Detection System
  • Monitoring
  • Network Scanning
  • Patch Management
  • Performance Management
  • Policy Management
  • Prioritization
  • Requirements Management
  • Risk Alerts
  • Risk Analytics
  • Risk Assessment
  • Risk Management
  • Security Auditing
  • Third Party Integrations
  • Threat Intelligence
  • Vulnerability Assessment
  • Vulnerability Protection
  • Vulnerability Scanning
  • Web Scanning
  • Whitelisting/Blacklisting

Alternatives

Falcon

4,8
#1 Alternative to Orca Security
Falcon is a cloud-based endpoint protection platform designed to help enterprises detect, manage, and remediate threats...

Alert Logic MDR

4,5
#2 Alternative to Orca Security
Alert Logic MDR is a managed detection and response platform that helps businesses identify, investigate, and eliminate...

Wallarm WAF

4,7
#3 Alternative to Orca Security
Wallarm is a cloud-based application security suite designed to help organizations automate protection and security...

TOPIA

4,9
#4 Alternative to Orca Security
Efficiently Reduce Organizational Security Risk with TOPIA's leading vulnerability management platform that provides an...

Reviews

Overall rating

4,8 /5
(18)
Value for Money
4,5/5
Features
4,7/5
Ease of Use
4,8/5
Customer Support
4,8/5

Already have Orca Security?

Software buyers need your help! Product reviews help the rest of us make great decisions.

Write a Review!
Showing 5 reviews of 18
Verified Reviewer
Overall rating
  • Industry: Information Technology & Services
  • Company size: 1 001-5 000 Employees
  • Used Daily for 6-12 months
  • Review Source

Overall rating

  • Value for Money
  • Ease of Use
  • Customer Support
  • Likelihood to recommend 10.0 /10

Orca - Scan from the side, 0 user impact

Reviewed on 2021/02/19

We switched to a custom Linux Kernel that agent based VMS could not support. Orca was the only...

We switched to a custom Linux Kernel that agent based VMS could not support. Orca was the only solution that we found that could solve our use case.

Pros

Orca is an agentless approach to VMS. This means there is 0 user impact or performance degradation. Your Operations team does not have to manage agent roll out, it also does not need to manage upgrades/downtime. This saves you operating costs and allows your Ops team to focus on other security items.

Orca is OS agnostic, it does not matter what your development/architecture team decides to pivot to. Orca supports Windows/Linux/Mac/Containerization. It also is Cloud agnostic, have subs in Azure or AWS? Orca can handle them all with a few clicks.

The entire roll out took around 10 minutes.

Cons

There are features missing in Orca from a nice to have stand point. The product is fairly new and a lot of these enhancements are being worked on. The Orca team has been very responsive to enhancements thus far.

Aaron B.
Overall rating
  • Industry: Computer Software
  • Company size: 501-1 000 Employees
  • Used Daily for 6-12 months
  • Review Source

Overall rating

  • Value for Money
  • Ease of Use
  • Customer Support
  • Likelihood to recommend 10.0 /10

Know your entire cloud sprawl in minutes

Reviewed on 2020/08/25

Product Integration - It's as easy as they sell it. I had it up and running in multiple accounts in...

Product Integration - It's as easy as they sell it. I had it up and running in multiple accounts in no time.

Support - Wonderful support and leadership team that cares about their customers.

Open API - Rich and open API that allows you to extend and build on top of the product.

Pros

The extensibility of the product, and how rich the API is. I can find out almost anything about my environment. Using Orca gives me insight into my entire cloud sprawl. I can get information about malware, open-ingress to EC2 instances, and open source vuln management. The only limit to its use is imagination.

Cons

Creating new alerts can be clunky. However, the Orca team is always improving and is currently working on a V2. Navigating the UI can be a bit of a challenge at times when looking for specific info. This is why I often opt for using the API over the UI.

Jon R.
Overall rating
  • Industry: Information Technology & Services
  • Company size: 501-1 000 Employees
  • Used Daily for 1-5 months
  • Review Source

Overall rating

  • Value for Money
  • Ease of Use
  • Customer Support
  • Likelihood to recommend 7.0 /10

Orca is a great product

Reviewed on 2021/02/19

It was a great experience.

It was a great experience.

Pros

I liked the side scanning technology availab.e

Cons

The price was super high for a new to market tool.

Paul I.
Overall rating
  • Industry: Computer Software
  • Company size: 1 001-5 000 Employees
  • Used Daily for 6-12 months
  • Review Source

Overall rating

  • Value for Money
  • Ease of Use
  • Customer Support
  • Likelihood to recommend 10.0 /10

Orca Security Review

Reviewed on 2021/02/22

The first step to increase the security posture of an environment is to understand it. Orca...

The first step to increase the security posture of an environment is to understand it. Orca Security instantly gave me that visibility without the hurdles of an agent.

Pros

The ability to get quick visibility into the cloud assets without going through the technical hurdles of deploying an agent.

Cons

I think the UI could use a bit more improvement. I've been using this software for 6 months and not everything is intuitive. I still forget where things are exactly.

Abhinay P.
Overall rating
  • Industry: Hospital & Health Care
  • Company size: 10 000+ Employees
  • Used Weekly for 1-5 months
  • Review Source

Overall rating

  • Value for Money
  • Ease of Use
  • Customer Support
  • Likelihood to recommend 9.0 /10

Agent less solution is the future in security vulnerability and container security monitoring.

Reviewed on 2020/08/11

We were trying to solve container security challenges. Actively monitoring what is going on within...

We were trying to solve container security challenges. Actively monitoring what is going on within container. Benefit of agent less solution is two fold, 1) Do not have to install agents on the host machine. 2) Effective in monitoring workloads running in managed containers.
Orca security, ability of side-scanning technology examines block storage out of band via a software-as-a-service (SaaS) platform.

Pros

Agent less no installation required. Simple 3 step process to connect account and start monitoring. Extensive deep insight into installed packages within container. Clear categorization of alerts as Imminent compromises, Hazardous, Informational with color coding for clear visibility. Also builds digital asset inventory for tracking different types cloud based assets ex: S3 buckets, EC2 instances. Easy to connect multiple accounts across AWS, Azure, GCP.
Under Vulnerability management some of the key features to highlight are Asset Discovery, Asset Tagging, Network Scanning, Patch Management,Vulnerability Assessment,Web Scanning, Risk Management and Policy Management.
Couple of the key cloud security features to highlight are Endpoint Management,Threat Intelligence,Vulnerability Management,
Intrusion Detection System, Behavioral Analytics, Encryption and Application Security. Ease of integration was one of the reason to consider Orca security solution.

Cons

Reporting and user interface are immature, but improving, not real time. This is near real time solution depends on frequency of scanning. VM specific details if consolidated as actionable insights will be very helpful to narrow our focus to relevant issues (ex: identified affected packages within a container is great, giving link to specific patches will be very helpful.

Showing 5 reviews of 18 Read all reviews

Orca Security FAQs

Below are some frequently asked questions for Orca Security.

Orca Security offers the following pricing plans:

  • Starting from:
  • Pricing model: Subscription
  • Free Trial: Available

Orca Security is available on annual subscriptions. Please contact Orca Security directly for pricing information.

We do not have any information about Orca Security features

Orca Security has the following typical customers:

51-200, 201-500, 501-1 000, 1 001+

We do not have any information about what languages Orca Security supports

Orca Security supports the following devices:

Orca Security integrates with the following applications:

Jira, Okta, ServiceNow, Slack, Sumo Logic, SumoMe, Sustainability Engagement, VIA

Orca Security offers the following support options:

Email/Help Desk, FAQs/Forum, Knowledge Base, Phone Support, 24/7 (Live rep), Chat

Related categories

See all software categories found for Orca Security.