We performed a comparison between CrowdStrike Falcon Cloud Security and Orca Security based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: CrowdStrike Falcon Cloud Security was lauded for its strong adherence to security best practices. It particularly excels in endpoint protection and its ability to leverage machine learning and AI. Orca Security provides comprehensive cloud insights with its patented SideScanning feature. Users like how it prioritizes vulnerabilities and risks. CrowdStrike Falcon Cloud Security could improve its Kubernetes and GCP support. Orca Security could improve intrusion detection and data center compatibility. Reviewers also want to improve integration with non-standard ticketing systems.
Service and Support: CrowdStrike Falcon Cloud Security users are generally content with the support team's assistance and promptness. Orca Security's customer service has been commended for being prompt, skilled, and attentive to customers' needs.
Ease of Deployment: The setup for CrowdStrike Falcon Cloud Security was deemed easy, but some users struggled with the Kubernetes implementation. Orca Security offers a quick and uncomplicated initial setup, requiring just a few minutes and no ongoing maintenance.
Pricing: Users consider the pricing of CrowdStrike Falcon Cloud Security to be fair, but it may be pricier than on-premises alternatives. Some have suggested that Orca Security's price could be lower, but others say the cost is justified because of the visibility and security it offers.
ROI: Users have provided limited feedback about the return on investment for CrowdStrike Falcon Cloud Security. Orca Security is a holistic security solution that results in significant cost savings. It offers immediate results and does not require much training.
"It's positively affected the communication between cloud security, application developers, and AppSec teams."
"I like CSPM the most. It captures a lot of alerts within a short period of time. When an alert gets triggered on the cloud, it throws an alert within half an hour, which is very reasonable. It is a plus point for us."
"When creating cloud infrastructure, Cloud Native Security evaluates the cloud security parameters and how they will impact the organization's risk. It lets us know whether our security parameter conforms to international industry standards. It alerts us about anything that increases our risk, so we can address those vulnerabilities and prevent attacks."
"We've seen a reduction in resources devoted to vulnerability monitoring. Before PingSafe we spent a lot of time monitoring and fixing these issues. PingSafe enabled us to divert more resources to the production environment."
"Cloud Native Security offers attack path analysis."
"The most valuable feature of PingSafe is its integration with most of our technology stack, specifically all of our cloud platforms and ticketing software."
"PingSafe offers an intuitive user interface that lets us navigate quickly and easily."
"The agentless vulnerability scanning is great."
"There is a lot that it can do, but endpoint protection is the main thing about it. The fact that it uses machine learning and artificial intelligence to monitor and remediate the issues in real-time is probably the bread and butter of the product."
"The immediate mitigation of potential threats and instant alerts are valuable."
"The initial setup is easy ."
"It is fully cloud-based, so we don't need to invest in third-party agents repeatedly."
"The most valuable feature of CrowdStrike Falcon Cloud Security is its lightweight sensor, taking minimal space and not impacting server performance."
"Cloud security posture management (CSPM) is most valuable."
"The most significant benefit is how quickly malware and other malicious attacks are detected."
"The most valuable feature of Falcon Cloud Security is its comprehensive threat-hunting ability."
"Orca's dashboard is excellent. My team needs to be able to focus on specific areas for improvement in our cloud environment. And most recently, we've started to get good use out of sonar, the search capabilities, and the alert creation."
"The initial setup is very easy."
"Another valuable feature with Orca, something that's not talked about enough, is its ability to rank your gaps and your tasks... You can get visibility with agents and there are a lot of ways to do that. But the ranking and the context across the entire environment, that is what is unique about Orca."
"The most valuable feature of Orca Security is the automated scanning tool, user-friendliness, and ease of use."
"The visibility Orca provides into my environment is at the highest level... When I dropped them into the environment, from the very get-go I had more insight into the risks in my environment than I had had during the entire two and a half years I had been here."
"Orca's SideScanning is the biggest feature. It's the 'wow' factor... With Orca's SideScanning, they just need permissions for your account and that makes it so simple."
"The vulnerability management does not require network scanning or agent technology, so I don't need to modify any of my products in order to do vulnerability assessments."
"There are so many valuable features that I could list, but one that I appreciate is the PCI DSS compliance report."
"We can customize security policies but lack auditing capabilities."
"If I had to pick a complaint, it would be the way the hosts are listed in the tool. You have different columns separated by endpoint name, Cloud Account, and Cloud Instances ID. I wish there was something where we could change the endpoint name and not use just the IP address. We would like to have custom names or our own names for the instances. If I had a complaint, that would be it, but so far, it meets all the needs that we have."
"They could generally give us better comprehensive rules."
"It would be really helpful if the solution improves its agent deployment process."
"The could improve their mean time to detect."
"The Automation tab is an add-on that doesn’t work properly. They provide a list of scripts that don’t work and I have asked support to assist but they won’t help. When running on various endpoints the script doesn’t work and if it does, it’s only a couple. There are a lot of useful scripts that would be beneficial to run forensics, event logs, and process lists running on the endpoint."
"The Kubernetes scanning on the Oracle Cloud needs to be improved. It's on the roadmap. AWS has this capability, but it's unavailable for Oracle Cloud."
"When we get a new finding from PingSafe, I wish we could get an alert in the console, so we can work on it before we see it in the report. It would be very useful for the team that is actively working on the PingSafe platform, so we can close the issue the same day before it appears in the daily report."
"It gets the work done, but the main problem with the solution is that if you remediate anything, it takes 45 days for you to get any of the features displayed on the dashboard. This is the real weakness of CrowdStrike. Their customer support is also not ready to help with it. If you remediate any cloud vulnerability that they are giving you, such as removing a host from your organization, it takes around 45 days for them to remove it from their console."
"The CrowdStrike dashboard currently lacks a username field."
"The only suggestion for improvement would be the pricing."
"The threat intelligence and user behavioral analysis could be more comprehensive."
"The UI part needs to be improved."
"The only challenge lies in token verification."
"One area for improvement in Falcon Cloud Security is the support portal."
"There should be cloud storage scanning. We would like to have cloud storage vulnerability and threat management on any cloud storage."
"They can expand a little bit in anti-malware detection. While we have pretty good confidence that it's going to detect some of the static malware, some of the detections are heuristics. There could be a growth in the library from where they're pulling their information, but we don't get a lot of those alerts based on the design of our products. In general, that might be an area that needs to be filled since they offer it as a service within it."
"We are PCI DSS compliant, so we need to scan our environment externally with tools vetted by the PCI DSS organization. Orca doesn't scan the environment externally. It only scans what's currently in the cloud."
"I think Orca could give me more alerts. It could give me a dashboard with all the specific types of alerts I want to see for the day. It should just be one click."
"I would like to see an option to do security checks on a code level. This is possible because they have access to all of the code running in the cloud provider, and combining their site-scanning solution with that would be a nice add-on."
"The main drawback in an agentless approach is that if the solution detects a virus or malware in the environment, we need to manually remove it. But from my experience with other production environments, it's not straightforward to install agents in the hope they will automatically remediate viruses, even from production environments... Ultimately, the ability to auto-remediate is something that I would like to see."
"As with all software, the user interface can always be made simpler to use. It would be helpful for people with very little knowledge, like somebody sitting behind the SOC, to allow them to be able to drill down into things a little bit easier than it is currently."
"I would like to see better customization options for security frameworks and better integration with reporting tools like Power BI or Grafana dashboards."
"There were a couple of times when Orca was down when I was trying to access it. I work strange hours because all of my team is in the UK right now. It was 2 a.m. on a Saturday and I was trying to log in but it wasn't working. But relative to my other security tools, Orca is definitely the most stable that I've seen."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
More CrowdStrike Falcon Cloud Security Pricing and Cost Advice →
CrowdStrike Falcon Cloud Security is ranked 8th in Cloud Security Posture Management (CSPM) with 13 reviews while Orca Security is ranked 9th in Cloud Security Posture Management (CSPM) with 15 reviews. CrowdStrike Falcon Cloud Security is rated 8.8, while Orca Security is rated 9.4. The top reviewer of CrowdStrike Falcon Cloud Security writes "Enhances the overall safety of our company's environment from cyber threats". On the other hand, the top reviewer of Orca Security writes "Allows agentless data collection directly from the cloud". CrowdStrike Falcon Cloud Security is most compared with Prisma Cloud by Palo Alto Networks, AWS GuardDuty, Wiz, Qualys VMDR and Azure Kubernetes Service (AKS), whereas Orca Security is most compared with Wiz, Prisma Cloud by Palo Alto Networks, Microsoft Defender for Cloud, Tenable Vulnerability Management and XM Cyber. See our CrowdStrike Falcon Cloud Security vs. Orca Security report.
See our list of best Cloud Security Posture Management (CSPM) vendors, best Container Security vendors, and best Cloud Workload Protection Platforms (CWPP) vendors.
We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.