Illumio vs Wiz comparison

Comparison Buyer's Guide

Executive SummaryUpdated on Jul 1, 2023

We performed a comparison between Illumio Zero Trust Segmentation and Wiz based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

Features: Illumio Zero Trust Segmentation provides useful features like monitoring, automated policy writing, and visibility into application communication and network protocols. Wiz offers risk prioritization, user-friendly dashboards, and agentless scanning of cloud environments. Illumio needs to expand OS support and effectiveness in on-prem environments. Wiz could improve its reporting capabilities, remediation speed, and visibility into Kubernetes containers.
Service and Support: Some reviewers praised the Illumio team's quick response and availability, but reported receiving unhelpful replies and delayed responses. Reviewers had generally positive experiences with Wiz's customer service. They appreciated the excellent support, accessibility, and strong post-sales assistance.
Ease of Deployment: Illumio Zero Trust Segmentation had a lengthy and complex setup process that lasted about six months. On the other hand, setting up Wiz was quick and simple, taking only one to two hours. Illumio required testing and deployment, and Wiz involves additional work when users have multiple cloud environments.
Pricing: Users have found Illumio Zero Trust Segmentation to be expensive overall, although the specific setup cost is not mentioned. In contrast, Wiz is praised for its simple pricing model, but there are concerns regarding potential changes and its long-term viability.
ROI: Reviewers provided no information about Illumio Zero Trust Segmentation's ROI. Wiz users said that the solution demonstrates immediate benefits and a substantial ROI.

Comparison Results: Illumio is preferred over Wiz. It offers comprehensive monitoring capabilities, enabling users to track web traffic and block bad actors. Illumio also provides better visibility into application communication and network protocols. Reviewers praised Illumio's 24/7 assistance, and the solution's visibility into Kubernetes containers gives it a leg up on Wiz.

To learn more, read our detailed Illumio vs. Wiz Report (Updated: May 2024).

Buyer's Guide

Illumio vs. Wiz

May 2024

Download the complete report

Helped 787,817 peers since 2012

Categories and Ranking

SentinelOne Singularity Clo...

Mindshare comparison

As of June 2024, in the Cloud Workload Protection Platforms (CWPP) category, the mindshare of SentinelOne Singularity Cloud Security is 1.6%, up from 0.9% compared to the previous year. The mindshare of Illumio is 5.5%, up from 4.6% compared to the previous year. The mindshare of Wiz is 15.2%, up from 12.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Cloud Workload Protection Platforms (CWPP)

Unique Categories:

Vulnerability Management

1.6%

Cloud and Data Center Security

31.4%

Microsegmentation Software

29.5%

Container Security

22.9%

Featured Reviews

reviewer2377728

CISO at a computer software company with 201-500 employees

Mar 12, 2024

It is easy to use, requires no configuration, and is agentless

We requested additional capabilities as we began deploying and scanning beyond the initial setup. Specifically, we wanted the ability to: * Continuously monitor configurations 24/7. * Gain immediate visibility of all assets as they are deployed and ensure they are included in the system. * Identify underlying configuration issues. Another valuable enhancement is compliance management for various standards like ISO, PCI, HIPAA, GDPR, etc. As organizations move to the cloud, a cloud posture management tool that offers complete cloud visibility becomes crucial for maintaining compliance. One area for improvement could be the internal analysis process, specifically the guidance provided for remediation. While the classification system itself might be industry standard, the remediation steps could be more specific. A vulnerability might be critical according to the scoring system, but its urgency depends on the context. For instance, a critical vulnerability signed by Cloud Native Security or any other product might be less urgent if it affects a non-production development environment undergoing UAT compared to a production environment.

Read full review

Shashi

Technical Consultant at a financial services firm with 10,001+ employees

Jun 28, 2022

Great auto policy writing and good mapping with an easy setup process

Right now, we are using a non-production, 21.2.3 version. In production, we are in 19.3.6, which we are going for an upgrade on the weekend, which will be 21.2.30. Right now, the deployment is on-premises. The roadmap is to go to a SaaS product with Illumio, however, right now, it's on-premises. It is being used for on-premises, however, we are thinking to make use of the cloud as well, using the CloudSecure product. We like the solution. It's light. It doesn't take too many resources. For anyone to implement the product, it's pretty straightforward and simple. It's also very effective. It's very quick and very flexible to implement. That's the thing I can advise - just to implement this product and try it out. I'd rate the solution eight out of ten.

Read full review

Donatas-Bukelis

Project Manager at Hilti

May 17, 2024

An agentless cloud assets vulnerability scanner which akes snapshots and then scans

Wiz's scanning and detection capabilities can identify vulnerabilities potentially affecting the cloud or exposure. It's not solely focused on database issues. It performs various tasks effectively. The categorization is excellent, the dashboards are informative, and the reporting features are robust. Additionally, you can create highly customizable reports. Everything works using a CI/CD pipeline, which is very good because every DevOps engineer can manage it by simply creating some code around the message request. Wiz works fine and is fully compliant with CI/CD. The workflow and the tasks align with industry standards. We can configure any compliance framework for checking with Wiz. For example, you can select frameworks such as GDPR, AWS Fundamentals, and CI/CD. You can configure the tool based on the recommendations provided by these frameworks. If your company has specific requirements, like allowing an 8-character password while the state requires 12 characters, you can customize the settings accordingly. Wiz will then assess compliance based on these customized parameters, and if everything meets the set criteria, it will confirm that you are compliant. You have everything in one dashboard. The dashboard and reports are quite literally perfect. Since everything is in one dashboard, you can customize the reports to show only the columns you want to see. For example, you can exclude low-risk items so you don't get notifications about low-risk issues that do not impact your compliance status. Wiz has some AI features for consolidation, but it's not customizable. What VMware offers is similar, but there's not much to choose between. You either have a batch compliance agreement, or you don't. Wiz's framework complies with requirements, or it doesn't. It's a vulnerability management tool similar to Kangaroo but with better AI documentation features. You can ask questions about how to do something, and the AI will provide the relevant information. This feature is built into the system. Overall, I rate the solution a ten out of ten.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"PingSafe offers comprehensive security posture management."

"The visibility PingSafe provides into the Cloud environment is a valuable feature."

"It gives me the information I need."

"The most valuable aspect of Singularity Cloud Security is its unified dashboard."

"PingSafe provides email alerts and ranks issues based on severity, such as high, critical, etc., that help us prioritize issues."

"The solution is a good alerting tool."

"All the features we use are equal and get the job done."

"The ease of use of the platform is very nice."

More SentinelOne Singularity Cloud Security pros

"The most valuable feature of Illumio Adaptive Security Platform is monitoring. When I have no requirement from the other application, I can use the web block traffic to build."

"The Explorer allows you to know the traffic between source and destination."

"It has helped us to understand internal network visibility and firewall policy implementation. We use the product to simplify firewall policy implementation."

"The flexibility of the solution is its most valuable feature."

"The product provides visibility into how the applications communicate and how the network protocols are being used."

"The features that I have found most useful is the ability to centralize all the rules and then distribute them across various locations. However, I've encountered challenges related to tagging policies, which can be complex to devise. It's a matter that requires careful consideration and stakeholder involvement before implementing such policies."

"The solution is easy to use."

"The solution helps to maintain logs and monitor activities. It also helps us with access management. The tool helps us to secure organizational data that include files."

"With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment."

"The product supports out-of-the-box reporting with context about the asset and allows us to perform complex custom queries on UI."

"Our most important features are those around entitlement, external exposure, vulnerabilities, and container security."

"Out of all the features, the one item that has been most valuable is the fact that Wiz puts into context all the pieces that create an issue, and applies a particular risk evaluation that helps us prioritize when we need to address a misconfiguration, vulnerability, or any issue that would put our environment into risk."

"The vulnerability management modules and the discovery and inventory are the most valuable features. Before using Wiz, it was a very manual process for both. After implementing it, we're able to get all of the analytics into a single platform that gives us visibility across all the systems in our cloud. We're able to correspond and understand what the vulnerability landscape looks like a lot faster."

"The security baseline and vulnerability assessments is the valuable feature."

"The first thing that stood out was the ease of installation and the quick value we got out of the solution."

"The solution is very user-friendly."

More Wiz pros

Cons

"When we get a new finding from PingSafe, I wish we could get an alert in the console, so we can work on it before we see it in the report. It would be very useful for the team that is actively working on the PingSafe platform, so we can close the issue the same day before it appears in the daily report."

"The categorization of the results from the vulnerability assessment could be improved."

"Bugs need to be disclosed quickly."

"I would like to see the map feature improve. It's good, but it isn't fully developed. It lets us use custom resources and policies but does not allow us to perform some actions. I would also like more custom integration and runtime security for Kubernetes."

"There's room for improvement in the graphic explorer."

"The Infrastructure as Code service available in PingSafe and the services available in AWS cloud security can be merged so that we can get the security data directly from AWS cloud in PingSafe. This way, all the data related to security will be in one single place. Currently, we have to check a couple of things on PingSafe, and we have to validate that same data on the AWS Cloud to be sure. If they can collaborate like that, it will be great."

"We wanted it to provide us with something like Claroty Hub in AWS for lateral movement. For example, if an EC2 instance or a virtual machine is compromised in a public subnet based on a particular vulnerability, such as Log4j, we want it to not be able to reach some of our databases. This kind of feature is not supported in PingSafe."

"If I had to pick a complaint, it would be the way the hosts are listed in the tool. You have different columns separated by endpoint name, Cloud Account, and Cloud Instances ID. I wish there was something where we could change the endpoint name and not use just the IP address. We would like to have custom names or our own names for the instances. If I had a complaint, that would be it, but so far, it meets all the needs that we have."

More SentinelOne Singularity Cloud Security cons

"The product’s agents don't work very well in OT environments."

"Illumio Adaptive Security Platform could improve by supporting more operating systems. For example, Cisco and Apache appliances."

"The interaction we've had with the support team hasn't been ideal. Technical support should be improved."

"I would like to see better data security in the product."

"The customer service is lagging a bit. It could be better."

"It requires a low-level re-architecting of the product."

"Some of the features that can be improved is offer additional guidance on creating an effective and risk-free tagging policy would be highly beneficial."

"The solution is very basic and doesn't do anything other than the orchestration of layer four endpoint firewall rules."

"The only thing that needs to be improved is the number of scans per day."

"We're looking at some of the data compliance stuff that they've got Jon offer. I know they're looking at container security, which we gonna be looking at next."

"The reporting isn't that great. They have executive summaries, but it's only a compliance report that maps all current issues to specific controls. Whether you look at one subscription or project, regardless of the size, you will get a multipage report on how the issues in that account map to that control. Our CSO isn't going to read through that. He won't filter that out or show that to his leadership and say, "Here's what we're doing." It isn't a helpful report. They're working on it, but it's a poor executive summary."

"Given the level of visibility into all the cloud environments Wiz provides, it would be nice if they could integrate some kind of mechanism to better manage tenants on multiple platforms. For example, let's say that some servers don't have an application they need, such as an antivirus. Wiz could include an API or something to push those applications out to the servers. It would be great if you could remedy these issues directly from the Wiz platform."

"The solution's container security could be improved."

"The only small pain point has been around some of the logging integrations. Some of the complexities of the script integrations aren't supported with some of the more automated infrastructure components. So, it's not as universal. For example, they have great support for cloud formation and other services, but if you're using another type of management utility or governance language for your infrastructure-as-code automation components, it becomes a little bit trickier to navigate that."

"We would like to see improvements to executive-level reporting and data reporting in general, which we understand is being rolled out to the platform."

"Wiz's reporting capabilities could be refined a bit. They are making headway on that, but more executive-style dashboards would be nice. They just implemented a community aspect where you can share documents and feedback. This was something users had been requesting for a while. They are listening to customer feedback and making changes."

More Wiz cons

Pricing and Cost Advice

"PingSafe is not very expensive compared to Prisma Cloud, but it's also not that cheap. However, because of its features, it makes sense to us as a company. It's fairly priced."

"The tool is cost-effective."

"PingSafe is priced reasonably for our workload."

"Singularity Cloud Workload Security's pricing is good."

"Singularity Cloud Security by SentinelOne is cost-efficient."

"As a partner, we receive a discount on the licenses."

"PingSafe falls within the typical price range for cloud security platforms."

"It's not expensive. The product is in its initial growth stages and appears more competitive compared to others. It comes in different variants, and I believe the enterprise version costs around $55 per user per year. I would rate it a five, somewhere fairly moderate."

More SentinelOne Singularity Cloud Security pricing and cost advice

"The product's pricing is around 10,000-15,000 USD. The pricing is on a yearly basis."

"There is a subscription needed to use Illumio Adaptive Security Platform and we pay every three years. Overall the solution is expensive."

"The pricing is fair and comparable to their competitors. The cost seems to be going up, which is a concern. There are potential savings from consolidating tools, but we're uncertain how Wiz's pricing will change over time."

"The pricing is fair. Some of the more advanced features and functionalities and how the tiers are split can be somewhat confusing."

"The pricing seems pretty simple. We don't have to do a lot of calculations to figure out what the components are. They do it by enabling specific features, either basics or advanced, which makes it easy to select."

"The cost of the other solutions is comparable to Wiz."

"Wiz is a moderately priced solution, where it is neither cheap nor costly."

"I wish the pricing was more transparent."

See which vendors are best for you

Use our free recommendation engine to learn which Cloud Workload Protection Platforms (CWPP) solutions are best for your needs.

See recommendations

787,817 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

21%

Financial Services Firm

15%

Manufacturing Company

10%

Insurance Company

Financial Services Firm

18%

Computer Software Company

16%

Manufacturing Company

Government

Computer Software Company

16%

Financial Services Firm

15%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about PingSafe?

The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...

See all answers

What is your experience regarding pricing and costs for PingSafe?

I'm not aware of the exact pricing.

See all answers

What needs improvement with PingSafe?

When I joined my organization, I saw that PingSafe was already implemented. I started to use the tool's alerting feat...

See all answers

What do you like most about Illumio Adaptive Security Platform?

The features that I have found most useful is the ability to centralize all the rules and then distribute them across...

See all answers

What is your experience regarding pricing and costs for Illumio Adaptive Security Platform?

The product's pricing is around 10,000-15,000 USD. The pricing is on a yearly basis.

See all answers

What needs improvement with Illumio Adaptive Security Platform?

Some of the features that can be improved is offer additional guidance on creating an effective and risk-free tagging...

See all answers

How would you compare Wiz vs Lacework?

Wiz and Lacework sucks... Buy Orca.

See all answers

AWS Cloud Security Posture tool - has anyone used either Wiz or Ermetic cloud security products and can compare them to AWS Security Hub?

Whether or not the cost of third-party Cloud Security tools is justified would depend on your specific needs and budg...

See all answers

What do you like most about Wiz?

With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment.

See all answers

Comparisons

Prisma Cloud by Palo Alto Networks vs SentinelOne Singularity Cloud Security

Compared 30% of the time

Orca Security vs SentinelOne Singularity Cloud Security

Compared 10% of the time

AWS GuardDuty vs SentinelOne Singularity Cloud Security

Compared 10% of the time

Sysdig Secure vs SentinelOne Singularity Cloud Security

Compared 4% of the time

Lacework vs SentinelOne Singularity Cloud Security

Compared 3% of the time

More SentinelOne Singularity Cloud Security Competitors

Akamai Guardicore Segmentation vs Illumio

Compared 34% of the time

VMware NSX vs Illumio

Compared 15% of the time

Cisco Secure Workload vs Illumio

Compared 10% of the time

Zscaler Internet Access vs Illumio

Compared 5% of the time

Zero Networks Microsegmentation vs Illumio

Compared 4% of the time

More Illumio Competitors

Prisma Cloud by Palo Alto Networks vs Wiz

Compared 18% of the time

Orca Security vs Wiz

Compared 12% of the time

Microsoft Defender for Cloud vs Wiz

Compared 9% of the time

AWS Security Hub vs Wiz

Compared 5% of the time

Lacework vs Wiz

Compared 4% of the time

More Wiz Competitors

Product Reports

Buyer's Guide

SentinelOne Singularity Cloud Security

May 2024

SentinelOne Singularity Cloud Security report

Download SentinelOne Singularity Cloud Security product report

Buyer's Guide

Cloud and Data Center Security

June 2024

Download Illumio product report

Buyer's Guide

Wiz

May 2024

Download Wiz product report

Also Known As

PingSafe

Illumio Adaptive Security Platform, Illumio ASP

No data available

Learn More

SentinelOne

Illumio

Wiz

Overview

Singularity Cloud Security is SentinelOne’s comprehensive, cloud-native application protection platform (CNAPP). It combines the best of agentless insights with AI-powered threat protection, to secure and protect your multi-cloud infrastructure, services, and containers from build time to runtime. SentinelOne’s CNAPP applies an attacker’s mindset to help security practitioners better prioritize their remediation tasks with evidence-backed Verified Exploit Paths™. The efficient and scalable runtime protection, proven over 5 years and trusted by many of the world’s leading cloud enterprises, harnesses local, autonomous AI engines to detect and thwart runtime threats in real-time. CNAPP data and workload telemetry is recorded to SentinelOne’s unified security lake, for easy access and investigation.

Singularity Cloud Security includes both agentless and AI-powered cloud security controls, which represent two halves of our strategy to keep public cloud and container environments safe. Radically reduce your cloud attack surface with Singularity Cloud Native Security, formerly PingSafe, with agentless insights and evidence-based prioritization; protect runtime compute and container with Singularity Cloud Workload Security, SentinelOne’s real-time CWPP, with AI-powered machine-speed blocking of threats.

Illumio Zero Trust Segmentation is a cloud and data center security solution that helps stop breaches from spreading across hybrid and multi cloud IT environments. The solution is designed to stop ransomware, contain cyber attacks, and reduce risk. With Illumio Zero Trust Segmentation, users can understand relationships and communications to map exposure risk of systems and data, identify the right security posture and secure applications through least-privilege policies, and ensure a Zero Trust security posture.

Illumio Zero Trust Segmentation Features

Illumio Zero Trust Segmentation has many valuable key features. Some of the most useful ones include:

Scalability: Illumio Zero Trust Segmentation scales up to 200,000 managed workloads or over 700,000 unmanaged workloads. These workloads can be in the cloud, on-premises, and in hybrid environments.

Single pane of visibility: The solution’s single pane of visibility improves your security posture and ability to prevent and respond rapidly to cyberattacks.

Simplicity: With Illumio Zero Trust Segmentation, setting up groups and tags is simple. The solution is easy to integrate with next-generation firewalls and can also integrate with IT service management tools to import workload tags to provide more context to workloads.

Ransomware containment: The solution provides enforcement boundaries to contain attackers from moving laterally across your organization, enabling security architects to immediately isolate any workload or endpoint compromised in an attack. Enforcement boundaries can be activated instantly through scripts or by manual control, isolating workloads and endpoints already infected from spreading across the organization.

Illumio Zero Trust Segmentation Benefits

There are many benefits to implementing Illumio Zero Trust Segmentation. Some of the biggest advantages the solution offers include:

Visibility everywhere: The Illumio Zero Trust Segmentation solution helps ensure that every interaction on your network is accounted for.

Least-privilege access: By implementing Illumio Zero Trust Segmentation, your organization can prevent unexpected breaches from propagating.

Adaptability and consistency: The solution guarantees consistent network behavior everywhere.

Proactive posture: Using the solution enables your organization to always be on the lookout for an attack.

Improve breach containment: With the solution, you can prevent unauthorized lateral movement and reduce your blast radius. Creating micro-perimeters around specific assets breaks up your attack surface and gives you the granular control needed to contain breaches.

Streamline policy management: The solution enables organizations to decouple segmentation from the underlying network to define policies based on the language that IT uses. Illumio's human-readable labels make policy creation much simpler and faster than traditional network segmentation approaches like VLANs, IP addresses, and port numbers.

Reviews from Real Users

Illumio Zero Trust Segmentation is a solution that stands out when compared to many of its competitors. Some of its major advantages are that it has a good auto policy writing feature, great mapping, and useful monitoring.

Shashi, Technical Consultant at a financial services firm, explains which features she really likes. “The auto policy writing is great. The feature will give you the option of inbound-outbound traffic. The Explorer allows you to know the traffic between source and destination. The illumination definitely stands out. Mapping is great. The application group mapping is useful.”

The solution has “helpful support, useful monitoring, and high availability,” according to Edwin L., Security Architect at MGM.

Wiz is a highly efficient solution for data security posture management (DSPM), with a 100% API-based approach that provides quick connectivity and comprehensive scans of platform configurations and workloads. The solution allows companies to automatically correlate sensitive data with relevant cloud context, such as public exposure, user identities, entitlements, and vulnerabilities.This integration enables them to understand data accessibility, configuration, usage, and movement within their internal environments.

Wiz's Security Graph delivers automated alerts whenever risks emerge, allowing teams to prioritize and address the most critical issues before they escalate into breaches. Furthermore, Wiz ensures rapid and agentless visibility into critical data across various repositories, enabling organizations to easily determine the location of their data assets.

Wiz Features

Wiz provides various features in the following categories:

Agentless Scanning: The solution can scan every layer of a cloud environment without requiring agents, managing the entire process and providing comprehensive visibility.
Workflow Integration: Users can create customized workflows within Wiz to identify and assign actions based on urgency, integrating them with ticketing systems for quick and efficient remediation.
Vulnerability Management: Wiz's vulnerability management modules provide detailed analytics and visibility across cloud systems, streamlining the manual process of vulnerability discovery. The automated attack path analysis helps identify risks and trace potential points of exposure, allowing users to understand and mitigate them effectively and proactively.
CSPM (Cloud Security Posture Management): Wiz's CSPM module offers instant visibility into high-level risks to an enterprise’s cloud environment, covering all accounts without the need for agents.
Out-of-the-Box Reporting and Custom Queries: The service supports comprehensive reporting with asset context, allowing users to perform complex custom queries on the solution’s user-friendly interface.
Automation Roles and Dashboards: The solution facilitates automation by providing essential roles and dedicated dashboards that enable teams to understand security information quickly, even those with limited expertise.
Contextual Risk Evaluation: The service contextualizes the various components contributing to an issue, providing a risk evaluation framework that helps prioritize remediation efforts.
Security Graph and Visibility: Wiz's security graph offers visibility across the entire organization, even with multiple accounts, enabling users to understand their environment and assets effectively.

The Benefits of Wiz

Wiz offers the following benefits:

Comprehensive agentless scanning
Effective identification and mitigation of vulnerabilities
Streamlined vulnerability management
Robust reporting capabilities and customizable queries
Enhanced automation and role-based access control
Prioritized risk evaluation for efficient remediation
Security posture across multiple accounts

Reviews from Real Users

Kamran Siddique, VP Information Security at boxed.com, remarks his company has seen a ROI while using Wiz, as it simplifies the process by integrating multiple useful tools into one solution.

According to a Senior Security Architect at Deliveroo, Wiz has given their company a fresh approach to vulnerability management, as Wiz's native integrations are extremely useful and paramount to the operational success of their platform.

Get a demo | Wiz

Sample Customers

Information Not Available

Plantronics, NTT Innovation Institute Inc.

Wiz is the fastest growing software company ever - $100M ARR in 18 months: Wiz becomes the fastest-growing software company ever | Wiz Blog Discover why companies, including Salesforce, Morgan Stanley, Fox, and Bridgewater choose Wiz as their cloud security partner. Read their success stories here: Customers | Wiz

Buyer's Guide

Illumio vs. Wiz

May 2024

Free Report: Illumio vs. Wiz

Find out what your peers are saying about Illumio vs. Wiz and other solutions. Updated: May 2024.

DOWNLOAD NOW

787,817 professionals have used our research since 2012.

See our Illumio vs. Wiz report.

See our list of best Cloud Workload Protection Platforms (CWPP) vendors.

We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.