• Home
  • AWS Security Hub vs. Orca Security

AWS Security Hub vs Orca Security comparison

Cancel
You must select at least 2 products to compare!
Amazon Web Services (AWS) Logo
AWS Security Hub
Read 17 AWS Security Hub reviews
2,475 views|2,065 comparisons
89% willing to recommend
Orca Security Logo
Orca Security
Read 15 Orca Security reviews
8,641 views|5,622 comparisons
100% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
AWS Security Hub vs. Orca Security
May 2024
Executive Summary
Updated on Jun 21, 2023

We performed a comparison between AWS Security Hub and Orca Security based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Features: Orca Security stands out in its ability to manage container posture and cloud security posture through its SideScanning and ranking gaps features, while AWS Security Hub is appreciated for its strong integration capabilities and real-time alert system. Orca Security needs to expand their coverage and work better with third-party vendors, while also offering security checks on a code level. AWS Security Hub, on the other hand, should improve their user interface, add more integration options, and become multi-cloud compatible.

  • Service and Support: Orca Security's customer service is exceptional, with a technical support team that is both responsive and competent. They have a strong focus on customer success and are willing to take feedback in order to improve their service. On the other hand, AWS Security Hub's support is good and prompt but lacks the same customer-centric approach as Orca Security.

  • Ease of Deployment: Orca Security's initial setup is hassle-free, while AWS Security Hub's setup is generally straightforward but may require some additional effort. AWS Security Hub comes pre-enabled on AWS, but users still need to set up policies. 

  • Pricing: Orca Security's setup cost is straightforward and includes standard licensing fees without additional charges for networking or computing. On the other hand, AWS Security Hub's pricing is reasonable, although it may be unclear for those outside of the central team. Orca's pricing model is aligned with market demand, and they offer discounts. However, smaller organizations may find it expensive.

  • ROI: It is able to replace several other solutions, leading to significant cost savings. Additionally, it offers a comprehensive view of the environment and does not require extensive IT knowledge. On the other hand, AWS Security Hub only offers a positive user experience.

Comparison Results: Orca Security offers a non-intrusive approach with a comprehensive suite of tools for vulnerability management and attack detection, providing excellent visibility into container posture and cloud security posture management. In addition, despite AWS Security Hub's integration capabilities, it lacks the same level of comprehensive tools and ease of use as Orca Security.

To learn more, read our detailed AWS Security Hub vs. Orca Security Report (Updated: May 2024).
Download the complete report
772,649 professionals have used our research since 2012.
Featured Review
Anonymous User
A centralized dashboard that enables efficient monitoring and management of possible security issues
ManojKumar37
User-friendly and efficiently identifies and addresses internal vulnerabilities
Previously, we had a hybrid model where we used both physical devices and VMs across the cloud to manage enterprise security solutions. With Orca... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The most valuable feature of the solution stems from the fact that it is easy to manage...It is a scalable solution.""The most valuable feature of AWS Security Hub is the ability to track when monitoring is not enabled on any of my resources.""Easily integrates with third-party tools""Currently, our organization utilizes AWS for various purposes, including SaaS (Software as a Service), PaaS (Platform as a Service), and hosting applications in the cloud. We develop our applications and use AWS services as a platform for basic functions and secondary development needs. Additionally, we rely on PaaS for accounting services. Approximately, 50% of our applications are hosted in the cloud environment, making it a significant part of our current setup.""Cloudposse is a valuable feature as it guarantees my security.""I find all of the features to be highly valuable.""I really like the seamless integration with the AWS account structure. It can even be made mandatory as part of the landing zone. These are great features. And there's a single pane of glass for the entire account.""The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud."

More AWS Security Hub Pros →

"The most valuable feature of Orca Security is the automated scanning tool, user-friendliness, and ease of use.""Another valuable feature with Orca, something that's not talked about enough, is its ability to rank your gaps and your tasks... You can get visibility with agents and there are a lot of ways to do that. But the ranking and the context across the entire environment, that is what is unique about Orca.""With its Cloud Security Posture Management capability, we have the ability to read across all of our cloud-based environments, which includes AWS and Azure. We have visibility into those environments. Seeing all vulnerabilities and configurations is really powerful for us, but ultimately, the ability to use the API to query across the fleet to understand what is the current state, what is the patch level, which ones are potentially exposed for a new CVE that just came out is even more valuable. It allows us to gather really specific intelligence through simple queries.""It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just scan the entire assets in the cloud.""The vulnerability management does not require network scanning or agent technology, so I don't need to modify any of my products in order to do vulnerability assessments.""Orca's platform provides an agentless data collection facility that collects information directly from the cloud using APIs, with zero impact on performance.""Orca Security has updated its interface, making it more user-friendly. I find it particularly useful as it allows me to easily navigate the dashboard and prioritize actions based on severity and criticality.""The visibility Orca provides into my environment is at the highest level... When I dropped them into the environment, from the very get-go I had more insight into the risks in my environment than I had had during the entire two and a half years I had been here."

More Orca Security Pros →

Cons
"The solution should be easier to learn and use""We need more granular-level customizations to enable or disable the rules in AWS Security Hub.""The support must be quicker.""It is not flexible for multi-cloud environments.""From an improvement perspective, there is a need to add more compliance since, right now, AWS Security Hub only provides four to five compliances to control the tool.""The solution will only give you insight if you have configure rule enabled. It should work more like Prisma Cloud and Dome9 which have a better approach.""Adding SIEM features would be beneficial because of the limited customization of AWS Security Hub.""It's not user-friendly. Too much going on, too many unnecessary findings, not very visual. You can't do much compared to other similar tools that are cheaper and better."

More AWS Security Hub Cons →

"The solution could improve by making the dashboards more elaborative and more descriptive.""The presentation of the data in the dashboard is a little bit chaotic.""I would be happy if they offered more automatic remediation options. They're working on that, but the more the better. For example, if they want you to harden a server, they would offer a hardening script that would be more aware of what's going on.""They can expand a little bit in anti-malware detection. While we have pretty good confidence that it's going to detect some of the static malware, some of the detections are heuristics. There could be a growth in the library from where they're pulling their information, but we don't get a lot of those alerts based on the design of our products. In general, that might be an area that needs to be filled since they offer it as a service within it.""As with all software, the user interface can always be made simpler to use. It would be helpful for people with very little knowledge, like somebody sitting behind the SOC, to allow them to be able to drill down into things a little bit easier than it is currently.""I would like to see an option to do security checks on a code level. This is possible because they have access to all of the code running in the cloud provider, and combining their site-scanning solution with that would be a nice add-on.""There were a couple of times when Orca was down when I was trying to access it. I work strange hours because all of my team is in the UK right now. It was 2 a.m. on a Saturday and I was trying to log in but it wasn't working. But relative to my other security tools, Orca is definitely the most stable that I've seen.""The interface can be a bit cranky and sometimes takes a lot of time to load."

More Orca Security Cons →

Pricing and Cost Advice
  • "The price of the solution is not very competitive but it is reasonable."
  • "The price of AWS Security Hub is average compared to other solutions."
  • "The pricing is fine. It is not an expensive tool."
  • "AWS Security Hub's pricing is pretty reasonable."
  • "There are multiple subscription models, like yearly, monthly, and packaged."
  • "AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."
  • "Security Hub is not an expensive solution."

    • More AWS Security Hub Pricing and Cost Advice →

  • "The most expensive solution is Palo Alto. They claim to be very robust. The next most expensive is Wiz, followed by Orca and all the rest."
  • "It is the cost of the visibility that you get. When you really sit down and think about what do you need to do to secure an environment with a low impact on the business, and you take a look out into the world, I think this tool is well justified around cost."
  • "While it's competitive with Palo Alto Prisma, I think Orca's list price is very high. I would advise Orca to lower it because, at that price, I might consider alternatives like Wiz, which also offers agentless services."
  • "The pricing depends on how many assets you have running in your cloud and how many environments you have. If you have a dev environment, test environment, and a production environment then it's really important that you have coverage for all of them."
  • "Overall, the pricing is reasonable and the discounts have been acceptable."
  • "I think their pricing model is aligned with market demand. Of course, Orca could probably better align their pricing model with the needs of smaller businesses as well as some larger-scale enterprises with millions of assets. But in all fairness, I think the Orca sales team has been accommodating and ensured that we're happy with the pricing."
  • "Orca is very competitive when compared to the alternatives and is not the most expensive in the market, that's for sure."
  • "We have a total of 25 licenses for this solution. The solution is on a pay-and-you-use model."

    • More Orca Security Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
    See Recommendations
    772,649 professionals have used our research since 2012.
    Questions from the Community
    Which is better - Azure Sentinel or AWS Security Hub?
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will… more »
    Read all 2 answers   →
    What do you like most about AWS Security Hub?
    Top Answer:The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.
    Read all 12 answers   →
    What needs improvement with AWS Security Hub?
    Top Answer:We are facing some cost-related issues with the solution. We integrated a couple of services into AWS Security Hub, and some rules are not required for our environment. However, the assessment happens… more »
    Read all 12 answers   →
    What do you like most about Orca Security?
    Top Answer:It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just scan the entire assets in the cloud.
    Read all 13 answers   →
    What needs improvement with Orca Security?
    Top Answer:The company is managed by industry veterans. It's a cloud-based product. They handle misconfigurations and analyse your runtime to detect malware. They're at the forefront regarding developer… more »
    Read all 14 answers   →
    What is your primary use case for Orca Security?
    Top Answer:We use the solution to show misconfiguration. Often, users lack knowledge about their assets' fingerprints and their cloud provider's configurations.
    Read all 13 answers   →
    Ranking
    13th
    out of 52 in Cloud Security Posture Management (CSPM)
    Views
    2,475
    Comparisons
    2,065
    Reviews
    13
    Average Words per Review
    435
    Rating
    7.5
    8th
    out of 52 in Cloud Security Posture Management (CSPM)
    Views
    8,641
    Comparisons
    5,622
    Reviews
    3
    Average Words per Review
    628
    Rating
    9.0
    Comparisons
    Learn More
    Amazon Web Services (AWS)
    Orca Security
    Overview

    AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts. 

    The service offers a range of features including continuous monitoring, threat intelligence integration, and customizable dashboards. It also provides automated insights and recommendations to help users improve their security posture. Security Hub integrates with other AWS services like Amazon GuardDuty, AWS Config, and AWS Macie to provide a unified security experience. Additionally, it supports integration with third-party security tools through its API, allowing users to leverage their existing security investments. 

    With its user-friendly interface and powerful capabilities, AWS Security Hub is a valuable tool for organizations looking to enhance their security and compliance posture in the cloud.

    Orca Security is the pioneer of agentless cloud security that is trusted by hundreds of enterprises globally. Orca makes cloud security possible for enterprises moving to and scaling in the cloud with its patented SideScanning™ technology and Unified Data Model. The Orca Cloud Security Platform delivers the world's most comprehensive coverage and visibility of risks across AWS, Azure, Google Cloud and Kubernetes.

    At Orca Security, we’re on a mission to make it fast, easy, and cost effective for organizations to address critical cloud security issues so they can operate in the cloud with confidence.

      Key Platform Features: 

      • Agentless: Complete, centralized coverage of the entire cloud estate, without the need for installing and configuring agents or layering together multiple siloed tools. Full visibility of cloud misconfigurations, vulnerabilities, workload protection, malware scanning, image scanning, file integrity monitoring and more.

      • Asset Inventory: Get a complete inventory of all your public cloud assets, including detailed information on installed OSes, software, and applications, as well as data and network assets such as storage buckets, Virtual Private Clouds (VPCs), and Security Groups.

      • Attack Path Analysis: Visualize attack vectors to critical assets or crown jewels. See which assets are susceptible to lateral movement, assume roles, privilege escalation, and more.

      • Risk Prioritization: Prioritize the 1% of risks that matter the most, based on impact scores. Secure the vulnerabilities and misconfigured targets (critical assets) and eliminate the potential risks residing on the attack paths to those targets.

      • Cloud Threat Detection: Monitor for malicious activity within your entire cloud estate. Be aware of detected threats, user behavior anomalies and more.

      • Breach Forensics: Log every change and all activity into a central repository for investigation procedures to confirm or deny entry and compromises within the cloud estate.

      • Cloud To Dev (Shift Left): Orca’s built-in shift left capabilities enables DevOps to focus more security attention earlier in the CI/CD pipelines. Security teams are able to trace a production risk (misconfiguration or vulnerability) directly to the original source code repository from which it came, even down to the exact line of code that is at the root of the identified risk. 

      • Compliance: Choose from over 60 preconfigured compliance frameworks, cloud security best practices, CIS Benchmarks, or design and build your own compliance framework for fast and continuous reporting.

      • Security Score: The Orca Security Score is found on Orca’s Risk Dashboard and is updated daily. The overall score is calculated based on performance in the following five categories - Suspicious Activity, IAM, Data at Risk, Vulnerable Assets, and Responsiveness. Since the scores are percentage based and not raw numbers, you can objectively make comparisons to other organizations within your industry or business units of different sizes. In addition to reporting to senior management, the Orca Security Score can help with internal self-monitoring, as a way of measuring risk mitigation efforts, to know where to focus efforts, and track progress.

      Orca Security Benefits

      • Consolidate technologies to reduce costs and complexity:

      The more I can get out of this one solution, the better. I see Orca as the tool where we get all cloud-related security data.” - Joshua Scott, Head of Security and IT | Postman

      • Avoid costly breaches:

      "I look at proactive asset discovery, configuration management, and vulnerability management as being able to find a vulnerability before the bad guys do and being able to deal with it before something exploits it. This is what Orca does for us." - Doug Graham, CSO & CPO | Lionbridge

      • Increase team productivity and efficiency by focusing on high-value activities and solving the 1% of risks that matter most:

      "Orca is unique in that it locates vulnerabilities with precision and delivers tangible, actionable results – without having to sift through all the noise." - Aaron Brown, Senior Cloud Security Engineer | Sisense

      • Quick Time-to-Value with Immediate ROI:

      "Orca told us we could have some visibility within 5 or 10 minutes, and I thought, ‘There’s no way.’ Well, I was wrong. They really did it." - Thomas Hill, CISO | Live Oak Bank

      • Reduce MTTR and remove operational friction:

      We can’t ask developers things like ‘Did you think about security? When you start a new VM on AWS, can you please let me know so I’m able to scan it? Can you please deploy an agent on that machine for me?’ We need a better way to work. Orca provides that better way by eliminating organizational friction.” - Erwin Geirnaert, Cloud Security Architect | NG Data

        Sample Customers
        Edmunds, Frame.io, GoDaddy, Realtor.com
        BeyondTrust, Postman, Digital Turbine, Solarisbank, Lemonade, C6 Bank, Docebo, Vercel, and Vivino
        Top Industries
        REVIEWERS
        Computer Software Company23%
        Financial Services Firm15%
        Retailer8%
        Recruiting/Hr Firm8%
        VISITORS READING REVIEWS
        Computer Software Company17%
        Financial Services Firm12%
        Manufacturing Company8%
        Government7%
        REVIEWERS
        Financial Services Firm20%
        Computer Software Company20%
        Media Company20%
        Insurance Company10%
        VISITORS READING REVIEWS
        Computer Software Company17%
        Financial Services Firm13%
        Manufacturing Company8%
        University6%
        Company Size
        REVIEWERS
        Small Business41%
        Midsize Enterprise18%
        Large Enterprise41%
        VISITORS READING REVIEWS
        Small Business23%
        Midsize Enterprise13%
        Large Enterprise64%
        REVIEWERS
        Small Business53%
        Midsize Enterprise33%
        Large Enterprise13%
        VISITORS READING REVIEWS
        Small Business24%
        Midsize Enterprise14%
        Large Enterprise62%
        Buyer's Guide
        AWS Security Hub vs. Orca Security
        May 2024
        Free Report: AWS Security Hub vs. Orca Security
        Find out what your peers are saying about AWS Security Hub vs. Orca Security and other solutions. Updated: May 2024.
        DOWNLOAD NOW
        772,649 professionals have used our research since 2012.

        AWS Security Hub is ranked 13th in Cloud Security Posture Management (CSPM) with 17 reviews while Orca Security is ranked 8th in Cloud Security Posture Management (CSPM) with 15 reviews. AWS Security Hub is rated 7.6, while Orca Security is rated 9.4. The top reviewer of AWS Security Hub writes "A centralized dashboard that enables efficient monitoring and management of possible security issues". On the other hand, the top reviewer of Orca Security writes "Allows agentless data collection directly from the cloud". AWS Security Hub is most compared with Microsoft Sentinel, Prisma Cloud by Palo Alto Networks, Wiz, Microsoft Defender for Cloud and Splunk Enterprise Security, whereas Orca Security is most compared with Wiz, Prisma Cloud by Palo Alto Networks, Microsoft Defender for Cloud, CrowdStrike Falcon Cloud Security and Tenable Cloud Security. See our AWS Security Hub vs. Orca Security report.

        See our list of best Cloud Security Posture Management (CSPM) vendors.

        We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.