Nov 08, 2020
Our Cloud Security Punch-Out is a series of video-based comparisons between Orca Security and some of the world’s preeminent IT security solutions. Each match includes a quick scenario overview followed by a review and comparison. We’re excited to present Orca Security vs Rapid7 InsightVM, which ran on September 1, 2020.
Rapid7 InsightVM uses a combination of workload agents and network scanners. Both can assess vulnerabilities in workloads and containers, but only scanners can assess compliance. Rapid7 supports many compliance standards.
Our series lab represents a real-world cloud computing environment, but is smaller. It’s a single AWS VPC with EC2 instances, a container, and a load balancer. We leverage security groups, route tables, and an internet gateway to route traffic to our public subnets and workloads. In addition, we have private subnets with workloads having no internet access. Outside the VPC is a single S3 bucket.
Our customers continue to tell us that their cloud environments change rapidly and in unpredictable ways across many business units or organizations – all with their own level of cloud and security maturity. If both vulnerability management and compliance are your goals (as they often are), you’ll be leveraging agent-based approaches to workload security in addition to per-network scanners to assess policy compliance. Such per-asset and per-network deployment dependencies create gaps in visibility and hence coverage, which lead to breaches.
In this main event, Orca rolled with the punches, providing near instant-on, one-time deployment and full coverage of virtual machines, containers, storage buckets, databases, and much more. Orca found risks pertaining to lateral movement potential, poorly aging software, weak passwords, and much more.