Less complexity, more visibility
With Orca Security, a simple, 3-step configuration enables you to get up & running quickly. Our agentless approach ensures that all the workloads in the cloud account are discovered and assessed without having to deploy additional agents or configure additional scanners. Within hours, you have visibility that goes broad & deep while providing context that shows how an attacker might connect the disparate pieces from an exposed endpoint to critical data.
Lacework requires a complex array of configurations and agent deployments to get full functionality, making it more difficult and expensive to fully deploy.
Orca’s patent-pending SideScanning technology quickly and easily scans all of your Linux and Windows workloads, including cloud VMs, containers and Kubernetes applications, and serverless functions. TotalCloud provides an agentless approach to vulnerability scanning but requires several agents to be deployed to get full functionality, complicating deployment and maintenance. Orca provides you with instant-on security and complete coverage for all your workloads and applications that TotalCloud can’t match. Within the Orca UI, you can view detailed risk prioritization information about all of your assets with context to understand your greatest risks and the impact to your business.
Orca Security goes beyond basics with advanced capabilities such as Cloud Infrastructure Entitlement Management, enabling you to find identity misconfigurations, and API Security, adding visibility into all your deployed API endpoints. You get more context and better intelligence about your cloud environments without having to buy & deploy additional products.
Orca combines data in the Unified Data Model to deliver Attack Path Analysis, showing you where a combination of risks across resources, accounts, and cloud providers may lead to access to crown jewels like PII. This allows you to focus on the threats & alerts that matter most instead of trying to solve everything all the time. Lacework can only do this for a subset of resources in a single cloud provider without data classification.
Features
Simple 3-step activation model scans your cloud accounts, assets, workloads, data, and identities across multiple clouds without having to deploy agents
Requires configuration of a mix of cloud service configuration, agentless configuration (for AWS EC2 only), and multi-step agent configuration for different platforms, requiring far more planning & investment to deploy
100+ compliance frameworks covering CIS, NIST, and industry-specific standards with all data and policies shown in a single dashboard for seamless reporting
Far fewer compliance reports available means compliance teams will spend more time answering questions & completing audits.
Interactive dashboard, with automated impact score, surfaces toxic combinations of risks so teams can prioritize and fix the top 1% of issues. All risks mapped to the MITRE ATT&CK framework
Supports generating attack paths only for AWS EC2 instances, no centralized dashboard to investigate attack paths
Automatic detection of PII across all cloud resources
No classification of data, making it far more difficult to find critical risks
Signature and heuristic-based detection efficiently identifies malicious files present even when not executed
No scanning for known malware