We performed a comparison between CrowdStrike Falcon Cloud Security and Orca Security based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: CrowdStrike Falcon Cloud Security was lauded for its strong adherence to security best practices. It particularly excels in endpoint protection and its ability to leverage machine learning and AI. Orca Security provides comprehensive cloud insights with its patented SideScanning feature. Users like how it prioritizes vulnerabilities and risks. CrowdStrike Falcon Cloud Security could improve its Kubernetes and GCP support. Orca Security could improve intrusion detection and data center compatibility. Reviewers also want to improve integration with non-standard ticketing systems.
Service and Support: CrowdStrike Falcon Cloud Security users are generally content with the support team's assistance and promptness. Orca Security's customer service has been commended for being prompt, skilled, and attentive to customers' needs.
Ease of Deployment: The setup for CrowdStrike Falcon Cloud Security was deemed easy, but some users struggled with the Kubernetes implementation. Orca Security offers a quick and uncomplicated initial setup, requiring just a few minutes and no ongoing maintenance.
Pricing: Users consider the pricing of CrowdStrike Falcon Cloud Security to be fair, but it may be pricier than on-premises alternatives. Some have suggested that Orca Security's price could be lower, but others say the cost is justified because of the visibility and security it offers.
ROI: Users have provided limited feedback about the return on investment for CrowdStrike Falcon Cloud Security. Orca Security is a holistic security solution that results in significant cost savings. It offers immediate results and does not require much training.
"It used to guide me about an alert. There is something called an alert guide. I used to click on the alert guide, and I could read everything. I could read about the alert and how to resolve it. I used to love that feature."
"We've seen a reduction in resources devoted to vulnerability monitoring. Before PingSafe we spent a lot of time monitoring and fixing these issues. PingSafe enabled us to divert more resources to the production environment."
"Cloud Native Security is user-friendly. Everything in the Cloud Native Security tool is straightforward, including detections, integration, reporting, etc. They are constantly improving their UI by adding plugins and other features."
"It saves time, makes your environment more secure, and improves compliance. PingSafe helps with audits, ensuring that you are following best practices for cloud security. You don't need to be an expert to use it and improve your security."
"Cloud Native Security is a tool that has good monitoring features."
"Support has been very helpful and provides regular feedback and help whenever needed. They've been very useful."
"I like CSPM the most. It captures a lot of alerts within a short period of time. When an alert gets triggered on the cloud, it throws an alert within half an hour, which is very reasonable. It is a plus point for us."
"The user interface is well-designed and easy to navigate."
"The most valuable feature of CrowdStrike Falcon Cloud Security is its lightweight sensor, taking minimal space and not impacting server performance."
"The RTR feature stands out as particularly valuable to me due to its capability to log into machines."
"It is fully cloud-based, so we don't need to invest in third-party agents repeatedly."
"The initial setup is easy ."
"The immediate mitigation of potential threats and instant alerts are valuable."
"CrowdStrike utilizes signatureless technology, eliminating the need for regular signature updates on endpoint systems."
"Cloud security is one valuable feature. Spotlight is the other one. There is also vulnerability management and a couple of more features."
"It's easy to gather insights and conduct analysis about existing threats."
"Another valuable feature with Orca, something that's not talked about enough, is its ability to rank your gaps and your tasks... You can get visibility with agents and there are a lot of ways to do that. But the ranking and the context across the entire environment, that is what is unique about Orca."
"Orca's SideScanning is the biggest feature. It's the 'wow' factor... With Orca's SideScanning, they just need permissions for your account and that makes it so simple."
"The initial setup is very easy."
"The visibility Orca provides into my environment is at the highest level... When I dropped them into the environment, from the very get-go I had more insight into the risks in my environment than I had had during the entire two and a half years I had been here."
"The most valuable feature of Orca Security is the automated scanning tool, user-friendliness, and ease of use."
"There are so many valuable features that I could list, but one that I appreciate is the PCI DSS compliance report."
"It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just scan the entire assets in the cloud."
"Orca Security has updated its interface, making it more user-friendly. I find it particularly useful as it allows me to easily navigate the dashboard and prioritize actions based on severity and criticality."
"I would like additional integrations."
"We wanted it to provide us with something like Claroty Hub in AWS for lateral movement. For example, if an EC2 instance or a virtual machine is compromised in a public subnet based on a particular vulnerability, such as Log4j, we want it to not be able to reach some of our databases. This kind of feature is not supported in PingSafe."
"The recommended actions aren't always specific, so it might suggest recommendations that don't apply to the particular infrastructure code I'm reviewing."
"For vulnerabilities, they are showing CVE ID. The naming convention should be better so that it indicates the container where a vulnerability is present. Currently, they are only showing CVE ID, but the same CVE ID might be present in multiple containers. We would like to have the container name so that we can easily fix the issue."
"It would be really helpful if the solution improves its agent deployment process."
"There's an array of upcoming versions with numerous features to be incorporated into the roadmap. Customers particularly appreciate the service's emphasis on intensive security, especially the secret scanning aspect. During the proof of concept (POC) phase, the system is required to gather logs from the customer's environment. This process entails obtaining specific permissions, especially in terms of gateway access. While most permissions for POC are manageable, the need for various permissions may need improvement, especially in the context of security."
"We are getting reports only in a predefined form. I would like to have customized reports so that I can see how many issues are open or closed today or in two weeks."
"The Kubernetes scanning on the Oracle Cloud needs to be improved. It's on the roadmap. AWS has this capability, but it's unavailable for Oracle Cloud."
"The only suggestion for improvement would be the pricing."
"The log scale or Humio side of it where it collects the data and expands into the XDR world still needs time to develop in terms of the way it combines the data and metadata that flows into the platform. I know they're working on it."
"Different file options should be available, and clients should be able to select from the options."
"Incorporating threat intelligence into the system would be a valuable addition."
"The only challenge lies in token verification."
"It gets the work done, but the main problem with the solution is that if you remediate anything, it takes 45 days for you to get any of the features displayed on the dashboard. This is the real weakness of CrowdStrike. Their customer support is also not ready to help with it. If you remediate any cloud vulnerability that they are giving you, such as removing a host from your organization, it takes around 45 days for them to remove it from their console."
"One area for improvement in Falcon Cloud Security is the support portal."
"The threat intelligence and user behavioral analysis could be more comprehensive."
"We are PCI DSS compliant, so we need to scan our environment externally with tools vetted by the PCI DSS organization. Orca doesn't scan the environment externally. It only scans what's currently in the cloud."
"In the future, I'd like to see Orca work better with third-party vendors. Specifically, being able to provide sanitized results from third parties."
"It's not all clouds that they are currently onboarded with. For instance, they are not yet with public cloud and many other private clouds."
"They can expand a little bit in anti-malware detection. While we have pretty good confidence that it's going to detect some of the static malware, some of the detections are heuristics. There could be a growth in the library from where they're pulling their information, but we don't get a lot of those alerts based on the design of our products. In general, that might be an area that needs to be filled since they offer it as a service within it."
"The presentation of the data in the dashboard is a little bit chaotic."
"The solution could improve by making the dashboards more elaborative and more descriptive."
"There were a couple of times when Orca was down when I was trying to access it. I work strange hours because all of my team is in the UK right now. It was 2 a.m. on a Saturday and I was trying to log in but it wasn't working. But relative to my other security tools, Orca is definitely the most stable that I've seen."
"The interface can be a bit cranky and sometimes takes a lot of time to load."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
More CrowdStrike Falcon Cloud Security Pricing and Cost Advice →
CrowdStrike Falcon Cloud Security is ranked 8th in Cloud Security Posture Management (CSPM) with 13 reviews while Orca Security is ranked 9th in Cloud Security Posture Management (CSPM) with 15 reviews. CrowdStrike Falcon Cloud Security is rated 8.8, while Orca Security is rated 9.4. The top reviewer of CrowdStrike Falcon Cloud Security writes "Enhances the overall safety of our company's environment from cyber threats". On the other hand, the top reviewer of Orca Security writes "Allows agentless data collection directly from the cloud". CrowdStrike Falcon Cloud Security is most compared with Prisma Cloud by Palo Alto Networks, AWS GuardDuty, Wiz, Qualys VMDR and Azure Kubernetes Service (AKS), whereas Orca Security is most compared with Wiz, Prisma Cloud by Palo Alto Networks, Microsoft Defender for Cloud, Tenable Vulnerability Management and XM Cyber. See our CrowdStrike Falcon Cloud Security vs. Orca Security report.
See our list of best Cloud Security Posture Management (CSPM) vendors, best Container Security vendors, and best Cloud Workload Protection Platforms (CWPP) vendors.
We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.