We performed a comparison between Orca Security and Rapid7 InsightVM based on real PeerSpot user reviews.
Find out in this report how the two Cloud Security Posture Management (CSPM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Orca's platform provides an agentless data collection facility that collects information directly from the cloud using APIs, with zero impact on performance."
"Orca Security has patented technologies. It's an agentless solution, so you don't need to install an agent. Instead, it contacts your account provider and fetches metadata, eliminating the need for snapshots or reserved space to copy client infrastructure."
"Orca's dashboard is excellent. My team needs to be able to focus on specific areas for improvement in our cloud environment. And most recently, we've started to get good use out of sonar, the search capabilities, and the alert creation."
"It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just scan the entire assets in the cloud."
"The reporting and automated remediation capabilities are valuable to me. They're real game-changers."
"The vulnerability management does not require network scanning or agent technology, so I don't need to modify any of my products in order to do vulnerability assessments."
"Orca's SideScanning is the biggest feature. It's the 'wow' factor... With Orca's SideScanning, they just need permissions for your account and that makes it so simple."
"Orca gives you great visibility into your assets. It shows you the issues and the things that you need to attend to first, by prioritizing things. You can see a lot of information that is not always visible, even to DevOps, to help you know about the machines and their status. It's very easy to see everything in a single dashboard. That makes it a very useful tool."
"Using Rapid7, we can install a scan engine, we can do our VPN connections, and we can conduct internal scans of remote sites. We prefer the web application. It's smarter and more accurate from an application perspective."
"The cost is what is most valuable. Compared to the other products on the market, the cost is more palatable."
"This solution is very easy to use and easy to install."
"The solution is very user friendly and easy to manage."
"It is good and fits well with pretty much all of our use case needs."
"There are many integrations with things like the VMware NSX that are great, the reporting is really solid."
"When you connect any new device to the network, Rapid7 has the ability to detect the new device immediately. It can scan that device to detect if it has any vulnerability. It tells you what is vulnerable and what has been misconfigured. It also tells you what is the risk of that misconfiguration or lack of patches and how to resolve the problem."
"It is stable and scalable."
"I would like to see better customization options for security frameworks and better integration with reporting tools like Power BI or Grafana dashboards."
"In the future, I'd like to see Orca work better with third-party vendors. Specifically, being able to provide sanitized results from third parties."
"They can expand a little bit in anti-malware detection. While we have pretty good confidence that it's going to detect some of the static malware, some of the detections are heuristics. There could be a growth in the library from where they're pulling their information, but we don't get a lot of those alerts based on the design of our products. In general, that might be an area that needs to be filled since they offer it as a service within it."
"The interface can be a bit cranky and sometimes takes a lot of time to load."
"The solution could improve by making the dashboards more elaborative and more descriptive."
"We are PCI DSS compliant, so we need to scan our environment externally with tools vetted by the PCI DSS organization. Orca doesn't scan the environment externally. It only scans what's currently in the cloud."
"Another improvement would be that, in addition to focusing on endpoint compliance, they would focus on general compliance."
"I would like to see an option to do security checks on a code level. This is possible because they have access to all of the code running in the cloud provider, and combining their site-scanning solution with that would be a nice add-on."
"Rapid7 InsightVM, has impressive capabilities, especially when it comes to managing video equipment. However, we've noticed that Rapid7 also offers a cloud solution called CloudSec, and we don't have that. We think it would be better if InsightVM had all the features for both on-premise and cloud management."
"I would say that it improved our visibility, but it left things open."
"There was functionality present previously, however, currently, we can't integrate directly with Jira Service Desk - only the cloud version."
"I would like to see more integration."
"InsightVM is getting a little stale and is in danger of falling behind its competitors."
"Within InsightVM, there is no feature to assign a ticket. If we can have more API calls, we can do that from InsightVM."
"We are a registered reseller and a trusted partner. However, for us to get any support from them I can't log a call directly with Rapid7 InsightVM. I have to work with the distributor to log the call for me."
"Some of our customers want to be completely cloud based, and Rapid7 doesn't offer this as an option."
Orca Security is ranked 9th in Cloud Security Posture Management (CSPM) with 15 reviews while Rapid7 InsightVM is ranked 4th in Risk-Based Vulnerability Management with 55 reviews. Orca Security is rated 9.4, while Rapid7 InsightVM is rated 8.0. The top reviewer of Orca Security writes "Allows agentless data collection directly from the cloud". On the other hand, the top reviewer of Rapid7 InsightVM writes "You can scan a network, and receive recommendations to address vulnerabilities with the click of a button". Orca Security is most compared with Wiz, Prisma Cloud by Palo Alto Networks, Microsoft Defender for Cloud, CrowdStrike Falcon Cloud Security and Tenable Vulnerability Management, whereas Rapid7 InsightVM is most compared with Tenable Nessus, Qualys VMDR, Tenable Security Center, Microsoft Defender Vulnerability Management and Wiz. See our Orca Security vs. Rapid7 InsightVM report.
We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.