Try our new research platform with insights from 80,000+ expert users

Orca Security vs Prisma Cloud by Palo Alto Networks comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 16, 2024
 

Categories and Ranking

SentinelOne Singularity Clo...
Sponsored
Ranking in Container Security
3rd
Ranking in Cloud Workload Protection Platforms (CWPP)
4th
Ranking in Cloud Security Posture Management (CSPM)
4th
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
3rd
Average Rating
8.6
Reviews Sentiment
8.0
Number of Reviews
99
Ranking in other categories
Vulnerability Management (6th), Cloud and Data Center Security (5th), Compliance Management (3rd)
Orca Security
Ranking in Container Security
10th
Ranking in Cloud Workload Protection Platforms (CWPP)
9th
Ranking in Cloud Security Posture Management (CSPM)
7th
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
6th
Average Rating
9.0
Reviews Sentiment
7.9
Number of Reviews
19
Ranking in other categories
Vulnerability Management (9th), Data Security Posture Management (DSPM) (5th), Cloud Detection and Response (CDR) (1st)
Prisma Cloud by Palo Alto N...
Ranking in Container Security
1st
Ranking in Cloud Workload Protection Platforms (CWPP)
1st
Ranking in Cloud Security Posture Management (CSPM)
1st
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
1st
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
108
Ranking in other categories
Web Application Firewall (WAF) (5th), Data Security Posture Management (DSPM) (1st)
 

Featured Reviews

Andrew W - PeerSpot reviewer
Tells us about vulnerabilities as well as their impact and helps to focus on real issues
Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.
Cédric Thian-Meng - PeerSpot reviewer
It contacts your account provider and fetches metadata, eliminating the need for snapshots or reserved space to copy client infrastructure
Orca Security has patented technologies. It's an agentless solution, so you don't need to install an agent. Instead, it contacts your account provider and fetches metadata, eliminating the need for snapshots or reserved space to copy client infrastructure. The multi-cloud capability displays essential information and potential vulnerabilities with granular detail. For instance, it identifies paths that attackers might exploit to gain root or admin access to machines. It is comprehensive, covering a wide range of software needs. They also integrate with CI/CD pipelines, enabling developers to ensure security from the early stages of code deployment. This integration provides a 100% guarantee on security, safeguarding images, configurations, and other crucial information throughout the development process.
Mohammad Qaw - PeerSpot reviewer
It gives you one console to see all of your assets, review their configurations, and build your processes
Most customers use Prisma Cloud for visibility and compliance. Prisma has so many features, but many organizations do not use them. They primarily use the visibility part to connect all their cloud accounts and hosts for visibility to see if they are missing any security controls or if they have any misconfigurations. You can connect it to cloud environments such as Azure, AWS, Oracle Cloud, Alibaba, etc., or to an on-prem data center. Prisma Cloud gives you so many options to automate processes related to your daily operations. When it comes to cybersecurity, you can automate things with their existing APIs. They also have out-of-the-box integrations with many solutions. I have not seen any limitations. Everything is customizable. You can do whatever you want, defining the reporting and custom use cases. They recently updated the UI, so it's much better than before.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The user-friendly dashboard offers both convenience and security by providing quick access to solutions and keeping us informed of potential threats."
"We like the platform and its response time. We also like that its console is user-friendly as well as modern and sleek."
"All the features we use are equal and get the job done."
"SentinelOne Singularity Cloud Security offers valuable features like runtime notifications. These alerts come to my account, ensuring that if any port or component within my infrastructure is opened or compromised, I am informed immediately. It highlights issues within minutes or even seconds."
"Cloud Native Security's most valuable features include cloud misconfiguration detection and remediation, compliance monitoring, a robust authentication security engine, and cloud threat detection and response capabilities."
"We've seen a reduction in resources devoted to vulnerability monitoring. Before PingSafe we spent a lot of time monitoring and fixing these issues. PingSafe enabled us to divert more resources to the production environment."
"The management console is highly intuitive to comprehend and operate."
"The most valuable feature is the notification system, providing real-time alerts and comparisons crucial for maintaining security."
"Orca gives you great visibility into your assets. It shows you the issues and the things that you need to attend to first, by prioritizing things. You can see a lot of information that is not always visible, even to DevOps, to help you know about the machines and their status. It's very easy to see everything in a single dashboard. That makes it a very useful tool."
"Orca Security has patented technologies. It's an agentless solution, so you don't need to install an agent. Instead, it contacts your account provider and fetches metadata, eliminating the need for snapshots or reserved space to copy client infrastructure."
"The initial setup is very easy."
"Orca's platform provides an agentless data collection facility that collects information directly from the cloud using APIs, with zero impact on performance."
"I would rate the quality of support as nine stars out of ten due to their quick and helpful responses."
"The visibility Orca provides into my environment is at the highest level... When I dropped them into the environment, from the very get-go I had more insight into the risks in my environment than I had had during the entire two and a half years I had been here."
"I find Orca Security's CIEM feature invaluable, as it focuses on entitlement and posture management, identifying assets with older OS versions, and asset misconfiguration."
"Orca's SideScanning is the biggest feature. It's the 'wow' factor... With Orca's SideScanning, they just need permissions for your account and that makes it so simple."
"Prisma Cloud is quite simple to use. The web GUI is powerful. Prisma Cloud scans the overall architecture of the AWS network to identify open ports and other vulnerabilities, then highlights them."
"The most valuable feature is its cloud security posture management."
"The most valuable features of Prisma Cloud are its cloud security posture management and cloud workload protection capabilities."
"Prisma Cloud's most valuable asset is its ability to provide detailed visibility into container activity."
"One of the most valuable features is the compliance of RedLock, which we are using for any issues with security. It flags them and that's the primary objective of that feature."
"The client wasn't using all of the features, but the one that stood out was infrastructure-as-code (IaC). I built IaC use cases and was trying to get them to use it. I also liked cloud workload protection. I worked with the vulnerability management team to develop a process. It's a manual process, so it can be challenging to remediate many image or container issues. It was nice that we could build out a reporting process and download the reports. The reports are solid."
"It also provides us with a single tool to manage our entire cloud architecture. In fact, we are using a multi-account strategy with our AWS organization. We use Prisma as a single source of truth to identify high- or medium-severity threats inside our organization."
"What I found most valuable in Prisma Cloud by Palo Alto Networks is the VAS, such as the web application and API security. I feel that VAS adds a lot of value, mainly because it gives visibility through the application layer and threat detection features."
 

Cons

"When we get a new finding from PingSafe, I wish we could get an alert in the console, so we can work on it before we see it in the report. It would be very useful for the team that is actively working on the PingSafe platform, so we can close the issue the same day before it appears in the daily report."
"Their search feature could be better."
"SentinelOne Singularity Cloud Security has limited legacy system support and may not fully support older operating systems or legacy environments."
"Implementing single sign-on requires a pre-class account feature, which is currently not available."
"To enhance the notification system's efficiency, resolved issues should be promptly removed from the portal."
"We had a glitch in PingSafe where it fed us false positives in the past."
"The documentation that I use for the initial setup can be more detailed or written in a more user-friendly language to avoid troubles."
"The alerting system of the product is an area that I look at and sometimes get confused about. I feel the alerting feature needs improvement."
"The interface can be a bit cranky and sometimes takes a lot of time to load."
"I would like to see better customization options for security frameworks and better integration with reporting tools like Power BI or Grafana dashboards."
"I think Orca could give me more alerts. It could give me a dashboard with all the specific types of alerts I want to see for the day. It should just be one click."
"I would like to see an option to do security checks on a code level. This is possible because they have access to all of the code running in the cloud provider, and combining their site-scanning solution with that would be a nice add-on."
"It's not all clouds that they are currently onboarded with. For instance, they are not yet with public cloud and many other private clouds."
"Another improvement would be that, in addition to focusing on endpoint compliance, they would focus on general compliance."
"The main drawback in an agentless approach is that if the solution detects a virus or malware in the environment, we need to manually remove it. But from my experience with other production environments, it's not straightforward to install agents in the hope they will automatically remediate viruses, even from production environments... Ultimately, the ability to auto-remediate is something that I would like to see."
"The documentation for Orca Security could be improved."
"In terms of improvement, there are some small things like hardening and making sure the Linux resources are deployed well but that's more at an operational level."
"Sometimes we do get false alerts. That should be improved."
"It would be nice Prisma Cloud merged its modules for CSPM and infrastructure as code. It would simplify the pricing and make it easier for customers to evaluate the solution because there are different modules, and you need to add it to your subscription separately."
"It provides all the cloud details but is not entirely linked to the compute model."
"Getting new guys trained on using the solution requires some thought. If someone is already trained on Palo Alto then he's able to adapt quickly. But, if someone is coming from another platform such as Fortinet, or maybe he's from the system side, that is where we need some help. We need to find out if there is an online track or training that they can go to."
"Palo Alto needs to add more support staff to improve their response time."
"We face some GUI issues related to new permissions for AWS. So far, we don't have any automation to complete them through the GUI. We have to manually update the permissions. Our customers have faced some issues with that."
"I think Prisma Cloud could improve its preventive governance policy and CWP run time modules."
 

Pricing and Cost Advice

"The tool is cost-effective."
"It was reasonable pricing for me."
"I am not involved in the pricing, but it is cost-effective."
"Singularity Cloud Security by SentinelOne is cost-efficient."
"We found it to be fine for us. Its price was competitive. It was something we were happy with. We are not a Fortune 500 company, so I do not know how pricing scales at the top end, but for our cloud environment, it works very well."
"We have an enterprise license. It is affordable. I'm not sure, but I think we pay 150,000 rupees per month."
"SentinelOne provided competitive pricing compared to other vendors, and we are satisfied with the deal."
"The licensing is easy to understand and implement, with some flexibility to accommodate dynamic environments."
"We have a total of 25 licenses for this solution. The solution is on a pay-and-you-use model."
"I think their pricing model is aligned with market demand. Of course, Orca could probably better align their pricing model with the needs of smaller businesses as well as some larger-scale enterprises with millions of assets. But in all fairness, I think the Orca sales team has been accommodating and ensured that we're happy with the pricing."
"The most expensive solution is Palo Alto. They claim to be very robust. The next most expensive is Wiz, followed by Orca and all the rest."
"It is the cost of the visibility that you get. When you really sit down and think about what do you need to do to secure an environment with a low impact on the business, and you take a look out into the world, I think this tool is well justified around cost."
"Orca Security charges are based on cloud workloads. So, it's based on workloads. If we look at one feature, it might be expensive."
"The price is a bit expensive for smaller organizations."
"While it's competitive with Palo Alto Prisma, I think Orca's list price is very high. I would advise Orca to lower it because, at that price, I might consider alternatives like Wiz, which also offers agentless services."
"Overall, the pricing is reasonable and the discounts have been acceptable."
"Prisma Cloud is more expensive than some other solutions, but when we consider all of its use cases, the cost averages out."
"It is an expensive tool. It is not cheap technology. It is a serious investment for any customer. Customers typically buy it together with services. In my experience, customers buying Prisma Cloud are prepared to pay for the implementation and the tool itself."
"I wouldn't mind if it were cheaper. We are spending a fair amount of money on Prisma Cloud."
"The licensing cost is a bit high on the compute side."
"The pricing is competitive. From what I have seen in the past, it is on par with the others."
"The pricing is reasonable."
"Almost all the CSPM tools are pretty expensive."
"The pricing structure is easy to understand. Depending on the use case the pricing of the solution can be different. There are not any additional costs to the standard living fees."
report
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
824,067 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
19%
Financial Services Firm
15%
Manufacturing Company
9%
Government
5%
Computer Software Company
17%
Financial Services Firm
13%
Manufacturing Company
9%
University
6%
Educational Organization
17%
Financial Services Firm
13%
Computer Software Company
12%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about PingSafe?
The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...
What is your experience regarding pricing and costs for PingSafe?
The pricing is somewhat high compared to other market tools. This cost can be particularly prohibitive for small busi...
What needs improvement with PingSafe?
To enhance the notification system's efficiency, resolved issues should be promptly removed from the portal. Currentl...
What do you like most about Orca Security?
It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just ...
What needs improvement with Orca Security?
The documentation for Orca Security could be improved. The compliance framework also needs enhancements, especially c...
What is your primary use case for Orca Security?
We used Orca Security for Cloud Security Posture Management (CSPM), vulnerability assessment, and several other secur...
What is your primary use case for Prisma Cloud by Palo Alto Networks ?
Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
What Cloud-Native Application Protection Platform do you recommend?
We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We...
What do you think of Aqua Security vs Prisma Cloud?
Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valu...
 

Also Known As

PingSafe
No data available
Palo Alto Networks Prisma Cloud, Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
 

Overview

 

Sample Customers

Information Not Available
BeyondTrust, Postman, Digital Turbine, Solarisbank, Lemonade, C6 Bank, Docebo, Vercel, and Vivino
Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
Find out what your peers are saying about Orca Security vs. Prisma Cloud by Palo Alto Networks and other solutions. Updated: November 2024.
824,067 professionals have used our research since 2012.