Orca Security
Cloud security platform for AWS, Azure, and GCP environments
4,8 /5 (12 reviews) Write a Review!Orca Security Overview
What is Orca Security?
Got more than 100 cloud assets? Orca Security is a cloud security platform designed to help businesses detect and identify vulnerabilities, malware, misconfigurations, weak and leaked passwords, lateral movement risk, and high-risk data across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) environments.
Orca SideScanning™ technology is a radically better approach because Orca doesn’t go inside each workload to fetch data. Instead, it uses an out-of-band process to reach cloud workloads through the runtime storage layer and combines this with metadata gathered from cloud provider APIs. In this way, Orca is able to provide deep and contextualized visibility of cloud environments. It covers 100% of an organization’s assets with absolutely no agent or network scanner.
Orca Security prioritizes risk after assessing the relationships between assets, and can notify IT DevOps and security teams about threats through Slack, and initiate remediation workflows in Jira and ServiceNow. Orca enables businesses to identify unsecured high-risk data such as personally identifiable information (PII), and helps meet compliance mandates such as PCI, HIPAA, CIS, ISO 2700, SOC2, CCPA, and GDPR.
Administrators can use an Open API to connect the system with third-party cloud providers to retrieve data, synchronize processes, and configure Orca Security's dashboard according to business requirements.
Orca Security Overview
Pricing
Pricing options
Orca Security is available on annual subscriptions. Please contact Orca Security directly for pricing information.
Orca Security Features
Media
Orca Security Reviews
Orca Security Reviews
Clean UI, Effective, Robust
Easy reporting of (mostly true positives) cloud-related alerts. I can just export the data, brush it up, and share. Alerting on unpatched resources and secrets is very good compared to competitors.
Know your entire cloud sprawl in minutes
Product Integration - It's as easy as they sell it. I had it up and running in multiple accounts in no time.
Support - Wonderful support and leadership team that cares about their customers.
Open API - Rich and open API that allows you to extend and build on top of the product.
client-less malware detection
Orca provides me with contextual security risk, it can identify a server with PII file which is exposed to the internet and rate it with a higher severity than a server which is not exposed to the internet.
Agent less solution is the future in security vulnerability and container security monitoring.
We were trying to solve container security challenges. Actively monitoring what is going on within container. Benefit of agent less solution is two fold, 1) Do not have to install agents on the host machine. 2) Effective in monitoring workloads running in managed containers.
Orca security, ability of side-scanning technology examines block storage out of band via a software-as-a-service (SaaS) platform.
Super Easy to Setup and Start Managing Your AWS Risks
Not having to deal with agents combined with direct integration with our ticking system has saved us countless hours of precious engineering time. Because of this, we have gained tremendous value from the product since we can effectively manage AWS risks while focusing on creating more features and values for our customers.
Compare overall rating with alternatives
Compare with alternatives
Clean UI, Effective, Robust
Pros
The Orca UI is clean and provides a good overview, the alerts are relevant, and the export functionality is very useful.
Cons
The compliance functionality is a work in progress.
Know your entire cloud sprawl in minutes
Product Integration - It's as easy as they sell it. I had it up and running in multiple accounts in no time.
Support - Wonderful support and leadership team that cares about their customers.
Open API - Rich and open API that allows you to extend and build on top of the product.
Pros
The extensibility of the product, and how rich the API is. I can find out almost anything about my environment. Using Orca gives me insight into my entire cloud sprawl. I can get information about malware, open-ingress to EC2 instances, and open source vuln management. The only limit to its use is imagination.
Cons
Creating new alerts can be clunky. However, the Orca team is always improving and is currently working on a V2. Navigating the UI can be a bit of a challenge at times when looking for specific info. This is why I often opt for using the API over the UI.
client-less malware detection
Orca provides me with contextual security risk, it can identify a server with PII file which is exposed to the internet and rate it with a higher severity than a server which is not exposed to the internet.
Pros
agentless malware detection and great server/ containers visibility to identify security-related threats
Cons
The one thing that I least liked about this software, is that it's not real-time protection
Agent less solution is the future in security vulnerability and container security monitoring.
We were trying to solve container security challenges. Actively monitoring what is going on within container. Benefit of agent less solution is two fold, 1) Do not have to install agents on the host machine. 2) Effective in monitoring workloads running in managed containers.
Orca security, ability of side-scanning technology examines block storage out of band via a software-as-a-service (SaaS) platform.
Pros
Agent less no installation required. Simple 3 step process to connect account and start monitoring. Extensive deep insight into installed packages within container. Clear categorization of alerts as Imminent compromises, Hazardous, Informational with color coding for clear visibility. Also builds digital asset inventory for tracking different types cloud based assets ex: S3 buckets, EC2 instances. Easy to connect multiple accounts across AWS, Azure, GCP.
Under Vulnerability management some of the key features to highlight are Asset Discovery, Asset Tagging, Network Scanning, Patch Management,Vulnerability Assessment,Web Scanning, Risk Management and Policy Management.
Couple of the key cloud security features to highlight are Endpoint Management,Threat Intelligence,Vulnerability Management,
Intrusion Detection System, Behavioral Analytics, Encryption and Application Security. Ease of integration was one of the reason to consider Orca security solution.
Cons
Reporting and user interface are immature, but improving, not real time. This is near real time solution depends on frequency of scanning. VM specific details if consolidated as actionable insights will be very helpful to narrow our focus to relevant issues (ex: identified affected packages within a container is great, giving link to specific patches will be very helpful.
Super Easy to Setup and Start Managing Your AWS Risks
Not having to deal with agents combined with direct integration with our ticking system has saved us countless hours of precious engineering time. Because of this, we have gained tremendous value from the product since we can effectively manage AWS risks while focusing on creating more features and values for our customers.
Pros
Since Orca Security does not require any agents to install, setup took less than five minutes. We are also use multiple AWS accounts and since setup was simple, within less than thirty minutes, we had a single pane view of most of our AWS risks. In addition, since Orca Security integrates with Atlasssian Jira, with only one click, we could quick open remediation tickets for high risk vulnerabilities.
Cons
Although Orca Security offers a ton of AWS coverage, I'd like to see more work with AWS RDS and AWS networking services such as VPC and Security Groups.
Compare user recommendation rating with alternatives
Compare with alternatives
Orca Security Pricing
Orca Security Pricing
Orca Security is available on annual subscriptions. Please contact Orca Security directly for pricing information.
Orca Security is available on annual subscriptions. Please contact Orca Security directly for pricing information.
Compare value for money rating with alternatives
Compare with alternatives
Orca Security Features
Orca Security Features
Compare features rating with alternatives
Compare with alternatives
Categories
Categories
Additional information for Orca Security
Additional information for Orca Security
Key features of Orca Security
- Anti Virus
- Application Security
- Incident Management
- Patch Management
- Policy Management
- Vulnerability Scanning
Benefits
Detects all important risks in cloud environments—both workload and control plane.
Security teams don’t have to update agents or signature packs to get a hold of the latest data, because Orca curates dozens of vulnerability, exploit, threat intelligence, malware, and leaked password databases to give customers the widest coverage from day one.
Integrates with any cloud environment in minutes without any side effects on performance and availability.
Since there’s no reliance on per-asset integration, customers don’t have to settle for partial deployment and visibility. Even paused or stopped machines are brought to light.
Prioritizes alerts based on all available data, presenting a manageable number of alerts.
Alerts can automatically push to Slack, or customers can click a button to kick-off workflows in Jira or ServiceNow along with each alert’s precise path to remediation.
Orca eases compliance efforts and tracks progress against industry standards. For example, Orca helps meet compliance mandates such as PCI, HIPAA, CIS, SOC2, ISO 2700, CCPA, and GDPR by showing regulators evidence of the customer’s ability to identify and protect PII—as well as their ability to systematically detect vulnerabilities, malware, and improperly secured secrets.
Orca Security FAQs
Orca Security FAQs
Below are some frequently asked questions for Orca Security.
Q. What type of pricing plans does Orca Security offer?
Orca Security offers the following pricing plans:
Pricing model: Subscription
Free Trial: Available
Orca Security is available on annual subscriptions. Please contact Orca Security directly for pricing information.
Q. What are the main features of Orca Security?
Orca Security offers the following features:
- Anti Virus
- Application Security
- Incident Management
- Patch Management
- Policy Management
- Vulnerability Scanning
Q. Who are the typical users of Orca Security?
Orca Security has the following typical customers:
Large Enterprises, Mid Size Business
Q. What languages does Orca Security support?
Orca Security supports the following languages:
Dutch, English, German, Hebrew, Japanese, Norwegian, Spanish
Q. What type of pricing plans does Orca Security offer?
Orca Security has the following pricing plans:
Subscription
Q. Does Orca Security support mobile devices?
We do not have any information about what devices Orca Security supports
Q. What other apps does Orca Security integrate with?
Orca Security integrates with the following applications:
Jira, Okta, ServiceNow, Slack, SuMo, Sumo, Sumo Logic, VIA
Q. What level of support does Orca Security offer?
Orca Security offers the following support options:
Phone Support, Online Support, FAQs, Video Tutorials, Forum, Knowledge Base
Easy reporting of (mostly true positives) cloud-related alerts. I can just export the data, brush it up, and share. Alerting on unpatched resources and secrets is very good compared to competitors.