Sold by: Orca Security CNAPP
Deployed on AWS
Free Trial
Vendor Insights
Quick Launch
Agentless Cloud Security in a Single, Complete Platform with 100% Coverage
4.6
Overview
Orca Security is the true Cloud Native Application Protection Platform (CNAPP) that identifies, prioritizes, and remediates risks and compliance issues across all of your workloads, configurations, and identities on AWS. Orca offers the industrys most comprehensive cloud security solution in a single platform, eliminating the need to deploy and maintain multiple point solutions.
FAST TIME TO VALUE: The Orca CNAPP Platform is agentless first, and connects to your environment in minutes using patented SideScanning™ technology that provides deep and wide visibility into your cloud environment, without requiring agents. In addition, Orca offers a lightweight agent for organizations that require real-time protection for critical workloads.
RISK PRIORITIZATION: Orca effectively prioritizes risks by applying a granular risk score to each alert, and recognizes when seemingly unrelated issues can be combined to create dangerous attack paths straight to your crown jewels.
FULL SDLC SECURITY: The Orca platform shifts security left by seamlessly integrating into the CI/CD process so that applications can be secured from code to cloud and back.
AI-POWERED: Orca is at the forefront of leveraging Generative AI for simplified investigations and accelerated remediation, reducing required skill levels and saving cloud security, DevOps, and development teams time and effort, while significantly improving security outcomes.
PURPOSE-BUILT CNAPP: Orca unifies many different point solutions in one platform, including CSPM, CWPP, CIEM, DSPM, Container security, API security, AI-SPM, and much more.
Sign up for a demo to uplevel your cloud security and get the fastest time to value available in the industry: https://orca.security/demo/
Additional platform licensing options are not shown in this listing but are available via Private Offer. Please email [email protected] .
Highlights
- Visibility to all your IAAS and PAAS assets including EC2, Containers, S3 buckets using account level read only permissions
- Detect compromises, vulnerabilities and risky configuration within minutes
- No impact on your assets, grows automatically with your cloud account
Details
Sold by
Categories
Delivery method
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.
Security credentials achieved
(3)
ISO27001
SOC2
AWS Security Specialization
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Quick Launch
Leverage AWS CloudFormation templates to reduce the time and resources required to configure, deploy, and launch your software.
Pricing
Free trial
Try this product free according to the free trial terms set by the vendor.
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/month |
|---|---|---|
Small | Small starter pack of concurrent workloads (EC2) per month | $7,000.00 |
Small-Medium | Small-Medium starter pack of concurrent workloads (EC2) per month | $12,000.00 |
Medium | Medium starter pack of concurrent workloads (EC2) per month | $17,000.00 |
Large | large starter pack of concurrent workloads (EC2) per month | $30,000.00 |
Vendor refund policy
Contact us
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Support
Vendor support
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Orca Security CNAPP
By Aqua Security Software Inc.
Top
10
In Monitoring, Application Development
Top
25
In Observability, Software Development
Top
10
In Container Workloads
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Agentless Cloud Security Architecture
Agentless-first approach using patented SideScanning technology that provides deep visibility into cloud environments without requiring agent deployment
Risk Prioritization and Attack Path Analysis
Granular risk scoring applied to each alert with capability to identify and correlate seemingly unrelated issues into dangerous attack paths
Unified Cloud Security Platform
Single platform consolidating multiple security functions including CSPM, CWPP, CIEM, DSPM, Container security, and API security
CI/CD Integration for Application Security
Seamless integration into CI/CD process to secure applications from code to cloud deployment
AI-Powered Investigation and Remediation
Generative AI capabilities for simplified security investigations and accelerated remediation workflows
Offensive Security Engine
Simulates external exploits to produce Verified Exploit Paths for prioritizing exposures that are reachable by outside attackers and reducing cloud attack surface.
Cloud Security Posture Management
Continuously monitors and manages security of AWS configurations to prevent public exposure and ensure compliance.
Secrets Scanning
Identifies more than 750 types of secrets across public and private repositories.
Cloud Infrastructure Entitlements Management
Detects and manages excessive or unused permissions to mitigate the risk of privilege escalation.
Real-Time Malware Detection
Detects malware including zero-days in milliseconds with scanning performed directly in cloud environment for object storage services like Amazon S3 and file storage services.
Multi-Workload Security Coverage
Unified platform securing containers, serverless, Kubernetes, and AI workloads across AWS, on-premises, and multi-cloud environments
Runtime Threat Detection and Enforcement
Runtime protection to detect threats, block malicious activity, and enforce compliance in production across all cloud native workloads
AI and LLM Security Governance
Purpose-built AI workload security to govern large language models and generative AI applications with model abuse detection and policy enforcement
Full Lifecycle Security
Security coverage across the entire software development lifecycle from code development through production deployment
Compliance and Authorization Standards
FedRAMP High authorization enabling compliance with rigorous security and regulatory standards
Validated by AWS Marketplace
FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
-
-
-
-
No security profile
-
-
-
Standard contract
No
No
No
Customer reviews
Tony M.
Agentless Setup and Unified Cloud Risk Visibility in One Place
Reviewed on Mar 27, 2026
Review provided by G2
What do you like best about the product?
The biggest advantage for us is the agentless setup. We didn’t have to install anything on our workloads, which saved a lot of time and helped us avoid disruption. The side-scanning provides full visibility into vulnerabilities, misconfigurations, and exposed secrets across all of our cloud accounts. I also like that everything is presented in one place, which makes it easier to understand our overall risk posture and see where we need to focus.
What do you dislike about the product?
The platform is very feature-rich, so it takes a bit of time to get fully comfortable with all the different views and capabilities. A few dashboards could be simplified to make navigation quicker and more intuitive, especially for new users who are still learning their way around.
What problems is the product solving and how is that benefiting you?
It addresses the challenge of managing cloud security across multiple environments without adding operational overhead. We now have continuous monitoring across our cloud infrastructure, and we can do it without touching production systems. It also helps us quickly identify and prioritize real risks, so we’re not stuck chasing every alert.
Rodrigo Americo
Centralized visibility has improved cloud risk prioritization and ongoing compliance reporting
Reviewed on Mar 20, 2026
Review from a verified AWS customer
What is our primary use case?
I use Orca Security to analyze misconfiguration and to alert our SOC team when a misconfiguration occurs in our environment so that we can open an incident and solve it.
For example, we have one alert that triggers when a security group is created and a resource is created and exposed to the internet without an ACL attached on the resource and with the security group allowing any IP from the internet to access the resource.
We have created some custom alerts, and we are trying to create some automatic remediation using Orca Security . However, we need to open a ticket to support Orca Security to inform them that we need it, and it will go to the development team, which is not ideal for us as a customer.
I use the risk score related to our vulnerability management program in Orca Security to analyze and prioritize how to fix issues and what we need to fix first. Any resources that have a risk score more than seven are critical for us, and we prioritize the fix accordingly.
I use Orca Security in our public cloud environment.
Using Orca Security, I have visibility in our environment without depending on another team. I can connect our AWS accounts and our cloud accounts directly on the platform, allowing me to see and analyze our environment automatically.
I find that using the AI search feature is particularly valuable, as you do not need extensive knowledge of the platform to identify resources and define what you need to find.
What is most valuable?
The vision related to security frameworks is very valuable for us, and we use that to be compliant with standards such as PCI DSS. The way to create dashboards is very useful for us as well.
It is easy for us to have one place to check things, and when we need to create some report for our teams or for another team, we use these compliance visuals to see what is compliant and what is not compliant.
What needs improvement?
Orca Security can improve the way that a customer can create auto-remediation without depending on support to do that. Perhaps creating one space to implement a script or to create the auto-remediation inside the platform without support would be beneficial.
For how long have I used the solution?
I have been using the solution for the last two years.
What do I think about the stability of the solution?
Orca Security is stable.
Which solution did I use previously and why did I switch?
We used the Prisma solution from Palo Alto in the past, and I believe we changed to Orca Security because of the price that Orca Security offered. However, that is not something that relates directly to me, so I am not certain about that.
reviewer2799597
Agentless cloud security has improved attack path visibility but still needs stronger real-time blocking
Reviewed on Mar 17, 2026
Review from a verified AWS customer
What is our primary use case?
I use Orca Security to deploy in cloud infrastructures as a top-notch agentless SIEM and agentless cloud security platform. My use cases include cloud security, posture management, and detecting configuration misconfigurations across cloud environments. In AWS , which I use mostly for my work, it scans open S3 buckets, open ports, open IPs, and any open ports that are likely to be attacked or used as vulnerabilities. It also performs vulnerability management scans by running on VMs for CVEs, scanning containers, and providing serverless agents. It checks for outdated packages and OS level vulnerabilities without installing any agents. Having worked with other security platforms that have agents, I can confirm that one of Orca Security 's main features is its agentless architecture.
Another significant use case is attack path analysis, which shows how an attacker could chain misconfigurations and vulnerabilities to reach the crown jewel of the environment. This is one of Orca Security's standout features. It visualizes the blast radius, demonstrating what the impact of a vulnerability would be. If an attacker exploits a vulnerability, it shows what may happen and what an attacker could do with all the vulnerabilities and misconfigurations combined.
Another feature is identity and risk access risk, which is CIEM that flags excessive permissions, unused roles, and privilege escalation paths within an IAM . Coming to container and Kubernetes security scans, it scans container images and Kubernetes clusters configurations for risk both before and after the deployment of those clusters. It has many other features as well. When we integrate it with CI/CD integration, it integrates with pipelines to catch Infrastructure as Code misconfigurations from Terraform or CloudFormation before deployment.
What is most valuable?
One of Orca Security's main features is its agentless architecture, enabling it to conduct cloud security gap analysis and vulnerability scans without installing agents. The tool offers visibility into attack paths and predicts potential impacts if an exploit occurs. Furthermore, it includes identity and risk access analysis, CIEM , and Kubernetes cluster scanning. The product integrates well with CI/CD pipelines for identifying IaC misconfigurations. I appreciate its side scanning and workload visibility, which is valuable for analysts involved in security posture management and audit evidence collection.
What needs improvement?
The difference between agentless and agent solutions is that while agentless provides great visibility, it does not offer real-time blocking. Orca Security could improve in this area by combining agentless features with real-time blocking capabilities.
They could add automation to automatically fix detected vulnerabilities and improve real-time runtime protection. More specifically, Orca Security could enhance lateral movement detection.
Orca Sensor, while important for detailed scanning and detection, could benefit from better automation and support for Windows environments.
For how long have I used the solution?
I have been working with Orca Security for one to one and a half years.
What do I think about the stability of the solution?
Yes, as per my experience, it has been very helpful. In our organization, we did not find any major or priority one kind of alerts or risks because we had a very good infrastructure structure and cybersecurity architecture built in our organization. Orca Security helped us find what vulnerabilities or gaps existed which we could improve within our architecture. It helped us in such a way that we used to close the open ports and only allowed internal IPs for necessity. For staging environments and for prod we had DOS protection. If network traffic showed that anybody was trying to flood our systems, we would only accept all and our client-related IPs or an approved list of vendor lists we would have. We would get to know where the gaps are and where the improvements we could make. Being an analyst class engineer, I could use my brain in those areas and it was very helpful to have Orca Security in my arsenal.
What do I think about the scalability of the solution?
Scaling up with Orca Security can depend on the organization's expectations. While it provides substantial cloud mitigation insights, other solutions such as SentinelOne that offer blocking and automation may also be considered. Improving Orca Security's ease of deployment and incorporating AI improvements could bolster its scalability potential.
Which solution did I use previously and why did I switch?
We had Wazuh or Falco OSS or Aqua Security which was very excellent. It had blocking and cloud content but ops overhead was very high. Orca Security is very low on that. We also use SentinelOne which had blocking and its own automation, but cloud context is very less. We used to write a lot of manual rules for that which used to take our engineer's time. These are the three tools which I previously worked with and I know there are a lot of other tools in the market. In my experience, Orca Security was a top one or top three tool.
How was the initial setup?
Orca Security integration was one of the easiest we have done because it is cloud-native and agentless. I would give five out of five for the integration part. Deployment is that easy in Orca Security. That is one top-notch quality with Orca Security.
When we had this Orca Security deployment, it was very fast and took very minimal time compared to other agents. The primary strength is that it has attack path plus workload visibility which is very important. For teams wanting best time to value with minimal setup, Orca Security would be the choice.
The deployment method is very manual and we can use Ansible or Terraform to deploy Orca Security, which is one big advantage. Orca Sensor has very low deployment complexity and very high cloud context correlation.
What about the implementation team?
I was involved as part of the deployment of Orca Security in our organization as a technical team member responsible for integration. I had input on deployment architectures and project assignments to help reduce gaps and interpret reports and risks.
What other advice do I have?
I have not utilized the Cloud to Dev feature. I do not know what level of subscription our company has taken for that feature. I think that is most suitably used in the development team. As per my knowledge, Cloud to Dev would be used for scanning Terraform or CloudFormation deployment config misconfigurations, which is what the cloud dev feature would be, but I have not used it because it is more of a developer thing. The overall review rating for Orca Security is seven out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
reviewer2806824
Cloud security has provided complete visibility and reduces noise to focus on critical risks
Reviewed on Mar 03, 2026
Review from a verified AWS customer
What is our primary use case?
My use cases for Orca Security include working with the sales team and the pre-sales team to offer Orca Security in the Chilean market with an integrator or a partner of Orca Security. The real impact when the client or the potential client sees the POC is truly awesome because you can have 100% visibility since Orca Security provides full coverage across your entire cloud estate across AWS , Azure , and GCP within minutes, finding shadow assets that traditional tools like Cortex or Prisma from Palo Alto cannot detect.
Orca Security has other strategic features such as CNAPP or Cloud Network Application Protection Platform capabilities, including CSPM (Cloud Security Posture Management). You can detect misconfiguration and ensure compliance with frameworks like SOC 2, ISO 27001, or GDPR of the European Union. Another valuable feature is the Cloud Workload Protection Platform, where you can identify vulnerabilities such as CVEs, malware, and exposed secrets such as API keys or passwords inside your workloads during scanning. Another feature is Cloud Infrastructure Entitlement Management , where you can manage identities and permissions to enforce least privilege and find overprivileged accounts. Finally, there is Data Security Posture Management, where Orca Security can automatically discover and protect sensitive data such as PII and PHI to prevent data breaches.
What is most valuable?
Orca Security is a really strong product because it has a lot of different differentiators. Orca Security is based on agentless side scanning, so it has the ability to scan cloud workloads including virtual machines, containers, and serverless infrastructure all without installing any software or agents. This results in zero performance impact on production, which I think is the most important thing in the market share or in an eventual Gartner Quadrant.
Orca Security helps in preventing risks and attacks across the application lifecycles by scanning not only the apps in production, but also the apps or microservices in development. This provides complete visibility to your infrastructure.
What needs improvement?
The price is one thing I would like to see improved because the pricing is a little elevated, as the pricing is based on the quantity of workloads. However, I think that since Orca Security is a medium company, you can negotiate the pricing if you are a medium company.
For how long have I used the solution?
My experience with Orca Security is recent, approximately eight months ago.
What do I think about the stability of the solution?
We had a problem with the uptime with a really important client. I think the capability to respond to those kinds of issues was a little vague. I found it a little unprofessional.
What do I think about the scalability of the solution?
I find Orca Security scalable. On a scale of one to ten, I would rate it six or seven.
How are customer service and support?
The problem with the Orca Security technical support team and customer service team is that Orca Security is a medium company and I think they do not have a large team. If you have a lot of problems, you will receive an unprofessional service or unprofessional customer service because you do not have an entire team to respond to all of those kinds of problems.
I would rate the technical support team as a six.
How was the initial setup?
The deployment is frictionless, and I think that feature is one of the most important.
I remember that the read-only connection is the deployment model we were using for Orca Security. Deployment is completely out of band, so we simply connect Orca Security through a read-only IAM role or service account at the cloud root level. You need root access.
What was our ROI?
The ROI or return on investment with Orca Security might be favorable. The TCO or Total Cost of Ownership is an important term. While the initial sticker price might be higher than point solutions, the total cost of ownership is much lower. This is because you do not need a team of five persons to install and update the agents in thousands of servers. The operational overhead is equal to zero.
What's my experience with pricing, setup cost, and licensing?
I have not worked with the Orca Security Cloud Cost Optimization feature. The price is one thing I would like to see improved because the pricing is a little elevated, as the pricing is based on the quantity of workloads. However, since Orca Security is a medium company, you can negotiate the pricing if you are a medium company.
Which other solutions did I evaluate?
I did not evaluate other options.
What other advice do I have?
Overall, my impressions of the risk detection and identification capabilities of Orca Security are that it has the capability to scan and show you all your infrastructure. If you have any kind of vulnerabilities, you can see them. It is very important to see all your infrastructure and all the possible ways to have vulnerabilities. Another important thing is if you need to scan all your workloads.
Overall, I think Orca Security is the leader because of the strategic features I mentioned. It is easy to analyze and detect breaches, anomalies, and misconfiguration. It is a tool that is designed to be very user-friendly.
The real value of Orca Security is not just finding vulnerabilities but reducing the noise so the security team can focus on the critical attack path. Orca Security is a really complete tool for cloud security. I think Orca Security reduces alert volume by focusing only on the one percent of risk that actually matters, which I refer to as the one percent rule. Orca Security filters the noise and reduces alert fatigue.
My advice for other organizations considering Orca Security is to remember that Orca Security is a great product, but the team should work on customer service. I gave this review an overall rating of eight.
Fabricio Galdino
Unified cloud insights have improved asset visibility and streamlined risk prioritization
Reviewed on Feb 08, 2026
Review from a verified AWS customer
What is our primary use case?
I normally use Orca Security for AppSec, and one of the features that I use commonly is the application security. I love it because it's already covered in the same license, and I can get a good overview of all of my assets. I have a lot of accounts in cloud, and so it's sometimes hard to identify all activities or assets that have been used or not. Normally, some developers create some virtual machines and leave the VM on or don't remove it. Orca Security usually helps me to see these kinds of problems because I can see every asset in one platform.
I don't use the Cloud to Dev feature they mentioned, since I'm working with Orca Security directly.
I believe the feature referred to as Orca Sensor is cloud security detection. I use it frequently because it's very important. I really enjoy it because it's agentless. I don't need to install or build an agent in my assets in the cloud. Orca Security accomplished this safely and fast. It's pretty easy to identify security risks or security issues using Orca Security because it's totally agentless and I just need to connect my cloud environment. It's really good and pretty easy. They have one feature that I really like in this same vein; it's the news about security. For example, if a new vulnerability is found and it's not already published in a CVSS bug, Orca Security has new papers that already inform me, stating that I have this new issue and this asset has been affected by this new vulnerability, and it provides guidance on how I can fix it. I love it.
What is most valuable?
What I love most about Orca Security is the easy integration with other tools. I really like it because it's very easy to integrate with other tools that are important for the company. It's already set up in the platform easily. I don't need to do unusual modifications or create a script. It's pretty easy to integrate these tools.
It is easy to prioritize risks using Orca Security because they have already been categorized. The severity of some risks is delivered from Orca Security, and I can set some kind of high-value asset designation. I can define what is a high-value asset or not. The attack paths also help me to understand the prioritization of the risks of these assets.
Orca Security has helped my company reduce the time it needs to address cloud security alerts and make it faster. When one critical risk or high risk is identified in my environment, I already receive notifications, even in email or in Teams, Slack, or any channel that is integrable to Orca Security. I receive a very fast notification to address the vulnerability and security issues to the teams.
What needs improvement?
I think the downside of Orca Security is the reports. I don't have any good reports ready to deliver to an executive. If I need to deliver some reports to my account manager or an executive, I don't have anything ready. I need to extract information and put it in another tool to construct some reports or dashboards or to report to my manager.
For how long have I used the solution?
I've been using Orca Security for exactly one year and one month.
What do I think about the stability of the solution?
Normally, I don't have any problem with maintenance in Orca Security platform. I don't have any downtime using it for this one year. When I need any support, it's very fast to get an answer from the support team.
I don't have any lagging using Orca Security. As I said, using it for one year, I don't have any downtimes.
What do I think about the scalability of the solution?
From what I’ve seen, I think it’s really easy to scale your usage. I did a POC (Proof of Concept) where I extended some workloads and it was very easy, but I don't use it frequently in production, just in that Proof of Concept.
How are customer service and support?
Not so many people are required for the deployment of Orca Security; just one person can do it.
I have been in contact with technical support regarding Orca Security twice to solve some issues, but it wasn't an issue, just a wrong configuration that I made. I contacted them and they shared some documentation. After that, I could resolve it pretty well.
Which solution did I use previously and why did I switch?
I tried similar solutions from Trend Micro. From Trend Micro, I also tried a new one that is called Wiz . Orca Security is the best one for me because it delivers all the things that I need and more.
How was the initial setup?
The initial deployment of Orca Security was pretty easy from my point of view.
What about the implementation team?
It took just one hour to create the roles and the credentials for Orca Security. Then I just need to wait for the time for Orca Security to enrich data and index data in the platform. On the first day, I can already use Orca Security fully and identify every resource.
What other advice do I have?
For my company, I don't use a huge workload. It's a small workload, around 90 workloads, but we have more. For this amount of workload, the price is high. When you have more workloads, the price is much better. I think it's not so expensive when you have the right amount of workloads. It's more directed toward big companies.
I have tried to use Cloud Cost Optimization with Orca Security. We used it to reduce some costs by removing some unused assets. It really helped us, but I don't think that is the main focus of Orca Security. I use other tools to do FinOps in a better way.
I use a reseller that is a partner that helps me with Orca Security. I am just a client, but we have a company that sold Orca Security to us, and they are the bridge between my company and Orca Security company.
I would rate this product a 10 out of 10.