We performed a comparison between Microsoft Defender for Cloud and Orca Security based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Microsoft Defender for Cloud focuses on regulatory compliance, ransomware protection, and incident alerts. On the other hand, Orca Security excels in container posture and cloud security posture management, ranking gaps and tasks, and non-intrusive vulnerability management and attack detection. Microsoft Defender for Cloud could improve in consistency, customization, integration, collaboration, and resource usage. On the other hand, Orca Security could improve in risk assessment, coverage, and dashboard descriptions.
Service and Support: The customer service for Microsoft Defender for Cloud has received mixed feedback, including reports of outsourced support, lengthy wait times, and difficulty in reaching the appropriate level of assistance. Conversely, Orca Security has garnered positive reviews for its customer service, which has been described as highly responsive and competent.
Ease of Deployment: Microsoft Defender for Cloud's setup is straightforward but may require some knowledge prerequisites, while Orca Security's setup is incredibly easy and agentless, taking only a few minutes to deploy. Both require minimal maintenance, but Orca Security's agentless nature reduces overhead and saves time.
Pricing: Microsoft's pricing varies depending on the license type and metrics used, while Orca's pricing includes standard licensing fees with no additional costs for networking or computing. Orca's pricing is aligned with market demand and discounts are available, but it may be expensive for smaller organizations. On the other hand, Microsoft Defender for Cloud is usually packaged with other Microsoft solutions, while Orca's licensing is per-VM and offers discounts for potential strategic partners.
ROI: Microsoft Defender for Cloud has basic security features and its ROI varies depending on the company's context. On the other hand, Orca Security provides significant ROI, replaces multiple solutions, and requires minimal IT knowledge to use.
Comparison Results: Users prefer Orca Security over Microsoft Defender for Cloud due to its agentless approach, simple setup, and thorough visibility into cloud environments, particularly container posture and cloud security posture management. Microsoft Defender for Cloud offers important features like regulatory compliance and ransomware protection but has mixed reviews for customer support and requires more technical expertise.
"The mean time to detect has been reduced."
"It is pretty easy to integrate with this platform. When properly integrated, it monitors end-to-end."
"The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best features."
"Cloud Native Security's best feature is its ability to identify hard-coded secrets during pull request reviews."
"The UI is very good."
"We noted immediate benefits from using the solution."
"I did a lot of research before signing up and doing the demo. They have a good reputation as far as catching threats early on."
"The ease of use of the platform is very nice."
"We saw improvement from a regulatory compliance perspective due to having a single dashboard."
"The security policy is the most valuable feature for us. We can go into the environment settings and attach any globally recognized framework like ISO or any benchmark."
"Defender lets you orchestrate the roll-out from a single pane. Using the Azure portal, you can roll it out over all the servers covered by the entire subscription."
"When we started out, our secure score was pretty low. We adopted some of the recommendations that Security Center set out and we were able to make good progress on improving it. It had been in the low thirties and is now in the upper eighties."
"The entire Defender Suite is tightly coupled, integrated, and collaborative."
"It works seamlessly on the Azure platform because it's a Microsoft app. Its setup is similar, so if you already have a Microsoft account, it just flows into it."
"Good compliance policies."
"The first valuable feature was the fact that it gave us a list of everything that users were surfing on the web. Having the list, we could make decisions about those sites."
"The vulnerability management does not require network scanning or agent technology, so I don't need to modify any of my products in order to do vulnerability assessments."
"Orca provides X-ray vision into everything within the cloud properties, whereas normally, this would require multiple tools."
"The reporting and automated remediation capabilities are valuable to me. They're real game-changers."
"The most valuable feature of Orca Security is the automated scanning tool, user-friendliness, and ease of use."
"With its Cloud Security Posture Management capability, we have the ability to read across all of our cloud-based environments, which includes AWS and Azure. We have visibility into those environments. Seeing all vulnerabilities and configurations is really powerful for us, but ultimately, the ability to use the API to query across the fleet to understand what is the current state, what is the patch level, which ones are potentially exposed for a new CVE that just came out is even more valuable. It allows us to gather really specific intelligence through simple queries."
"Orca's SideScanning is the biggest feature. It's the 'wow' factor... With Orca's SideScanning, they just need permissions for your account and that makes it so simple."
"Orca's dashboard is excellent. My team needs to be able to focus on specific areas for improvement in our cloud environment. And most recently, we've started to get good use out of sonar, the search capabilities, and the alert creation."
"The visibility Orca provides into my environment is at the highest level... When I dropped them into the environment, from the very get-go I had more insight into the risks in my environment than I had had during the entire two and a half years I had been here."
"I'd like to see better onboarding documentation."
"There should be more documentation about the product."
"PingSafe is an excellent CSPM tool, but the CWPP features need to improve, and there is a scope for more application security posture management features. There aren't many ASPM solutions on the market, and existing ones are costly. I would like to see PingSafe develop into a single pane of glass for ASPM, CSPM, and CWPP. Another feature I'd like to see is runtime protection."
"The integration with Oracle has room for improvement."
"We use PingSafe and also SentinelOne. If PingSafe integrated some of the endpoint security features of SentinelOne, it would be the perfect one-stop solution for everything. We wouldn't need to switch between the products. At my organization, I am responsible for endpoint security and vulnerability management. Integrating both functions into one application would be ideal because I could see all the alerts, heat maps, and reports in one console."
"We are getting reports only in a predefined form. I would like to have customized reports so that I can see how many issues are open or closed today or in two weeks."
"They can work on policies based on different compliance standards."
"I export CSV. I cannot export graphs. Restricting it to the CSV format has its own disadvantages. These are all machine IP addresses and information. I cannot change it to the JSON format. The export functionality can be improved."
"No possibility to write or edit any capability."
"The overview provides you with good information, but if you want more details, there is a lot more customization to do, which requires knowledge of the other supporting solutions."
"The documentation could be much clearer."
"From my own perspective, they just need a product that is tailored to micro-segmentation so I can configure rules for multiple systems at once and manage it."
"After getting a recommendation, it takes time for the solution to refresh properly to show that the problem has been eliminated."
"Most of the time, when we log into the support, we don't get a chance to interact with Microsoft employees directly, except having it go to outsource employees of Microsoft. The initial interaction has not been that great because outsourced companies cannot provide the kind of quality or technical expertise that we look for. We have a technical manager from Microsoft, but they are kind of average unless we make noise and ask them to escalate. We then can get the right people and the right solution, but it definitely takes time."
"The solution's portal is very easy to use, but there's one key component that is missing when it comes to managing policies. For example, if I've onboarded my server and I need to specify antivirus policies, there's no option to do that on the portal. I will have to go to Intune to deploy them. That is one main aspect that is missing and it's worrisome."
"I felt that there was disconnection in terms of understanding the UI. The communication for moving from the old UI to the new UI could be improved. It was a bit awkward."
"The interface can be a bit cranky and sometimes takes a lot of time to load."
"I would like to see better customization options for security frameworks and better integration with reporting tools like Power BI or Grafana dashboards."
"The presentation of the data in the dashboard is a little bit chaotic."
"It's not all clouds that they are currently onboarded with. For instance, they are not yet with public cloud and many other private clouds."
"I think Orca could give me more alerts. It could give me a dashboard with all the specific types of alerts I want to see for the day. It should just be one click."
"We are PCI DSS compliant, so we need to scan our environment externally with tools vetted by the PCI DSS organization. Orca doesn't scan the environment externally. It only scans what's currently in the cloud."
"Another improvement would be that, in addition to focusing on endpoint compliance, they would focus on general compliance."
"In the future, I'd like to see Orca work better with third-party vendors. Specifically, being able to provide sanitized results from third parties."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
Microsoft Defender for Cloud is ranked 3rd in Cloud Security Posture Management (CSPM) with 46 reviews while Orca Security is ranked 8th in Cloud Security Posture Management (CSPM) with 15 reviews. Microsoft Defender for Cloud is rated 8.0, while Orca Security is rated 9.4. The top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". On the other hand, the top reviewer of Orca Security writes "Allows agentless data collection directly from the cloud". Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Check Point Harmony Email & Collaboration, whereas Orca Security is most compared with Wiz, Prisma Cloud by Palo Alto Networks, CrowdStrike Falcon Cloud Security, Tenable Vulnerability Management and XM Cyber. See our Microsoft Defender for Cloud vs. Orca Security report.
See our list of best Cloud Security Posture Management (CSPM) vendors, best Vulnerability Management vendors, and best Container Security vendors.
We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.