• Home
  • JFrog Xray vs. Wiz

JFrog Xray vs Wiz comparison

Cancel
You must select at least 2 products to compare!
SentinelOne Logo
SentinelOne Singularity Cloud Security
Read 67 SentinelOne Singularity Cloud Security reviews
490 views|211 comparisons
98% willing to recommend
JFrog Logo
JFrog Xray
Read 7 JFrog Xray reviews
278 views|202 comparisons
100% willing to recommend
Wiz Logo
Wiz
Read 11 Wiz reviews
8,490 views|6,372 comparisons
100% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
JFrog Xray vs. Wiz
May 2024
Executive Summary

We performed a comparison between JFrog Xray and Wiz based on real PeerSpot user reviews.

Find out in this report how the two Vulnerability Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed JFrog Xray vs. Wiz Report (Updated: May 2024).
Download the complete report
771,541 professionals have used our research since 2012.
Featured Review
Anonymous User
Researched Wiz but chose SentinelOne Singularity Cloud Security: Is easy to use, improves our security posture, and reduces false positives
PingSafe is easy to use. While some features, like advanced graphics and custom drag-and-drop filters, might have a learning curve, most... Read more →
Narendra-Singh
Useful dependencies hierarchy view and scales well
JFrog Xray has helped us improve our architecture.
Anonymous User
Great vulnerability management with security data at all levels and excellent technical support
The solution has made a difference in the organization via: Technical capability. It covers all our languages, frameworks, and assets on AWS with... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The mean time to detect has been reduced.""With PingSafe, it's easy to onboard new accounts.""Cloud Native Security is a tool that has good monitoring features.""Cloud Native Security offers a valuable tool called an offensive search engine.""PingSafe offers an intuitive user interface that lets us navigate quickly and easily.""Our previous product took a lot of man hours to manage. Once we got Singularity Cloud Workload Security, it freed up our time to work on other tasks.""We liked the search bar in PingSafe. It is a global search. We were able to get some insights from there.""PingSafe can integrate all your cloud accounts and resources you create in the AWS account, We have set it up to scan the AWS transfer services, EC2, security groups, and GitHub."

More SentinelOne Singularity Cloud Security Pros →

"The solution is stable and reliable.""Good reporting functionalities.""The most valuable feature of JFrog Xray is the display of the entire internal dependencies hierarchy.""JFrog Xray shows us a list of vulnerabilities that can impact our code.""JFrog Xray's reporting feature has a lot of options in it, including scanning.""If multiple dependencies and vulnerabilities are found in a project, JFrog Xray is intelligent enough to tell you which vulnerability to target first.""I would say that this solution has helped our organization by allowing us to automate a lot of the processes."

More JFrog Xray Pros →

"With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment.""I like Wiz's reporting, and it's easy to do queries. For example, it's pretty simple to find out how many servers we have and the applications installed on each. I like Wiz's security graph because you can use it to see the whole organization even if you have multiple accounts.""The automation roles are essential because we ultimately want to do less work and automate more. The dashboards are easy to read and visually pleasing. You can understand things quickly, which makes it easy for our other teams. The network and infrastructure teams don't know as much about security as we do, so it helps to have a tool that's accessible and nice to look at.""The security baseline and vulnerability assessments is the valuable feature.""The first thing that stood out was the ease of installation and the quick value we got out of the solution.""Our most important features are those around entitlement, external exposure, vulnerabilities, and container security.""The product supports out-of-the-box reporting with context about the asset and allows us to perform complex custom queries on UI.""The CSPM module has been the most effective. It was easy to deploy and covered all our accounts through APIs, requiring no agents. Wiz provides instant visibility into high-level risks that we need to address."

More Wiz Pros →

Cons
"They need more experienced support personnel.""The could improve their mean time to detect.""After closing an alert in Cloud Native Security, it still shows as unresolved.""I used to work on AWS. At times, I would generate a normal bug in my system, and then I would check PingSafe. The alert used to come after about three and a half hours. It used to take that long to generate the alert about the vulnerability in my system. If a hacker attacks a system and PingSafe takes three to four hours to generate an alert, it will not be beneficial for the company. It would be helpful if we get the alert in five to ten minutes.""I would like PingSafe's detections to be openly available online instead of only accessible through their portal. Other tools have detections that are openly available without going through the tool.""The categorization of the results from the vulnerability assessment could be improved.""If I had to pick a complaint, it would be the way the hosts are listed in the tool. You have different columns separated by endpoint name, Cloud Account, and Cloud Instances ID. I wish there was something where we could change the endpoint name and not use just the IP address. We would like to have custom names or our own names for the instances. If I had a complaint, that would be it, but so far, it meets all the needs that we have.""There should be more documentation about the product."

More SentinelOne Singularity Cloud Security Cons →

"The speed of JFrog Xray should improve. Other solutions have better performance.""Reporting is crucial, but it is lacking in the current tool. Every organization seeks specific data points rather than general information. Therefore, we require customized reports from the Xray tool.""JFrog Xray's documentation and error logging could be improved.""JFrog Xray does not have a dashboard.""Since we have been using the solution via APIs, there are some limitations in the APIs.""I think that the user interface should be expanded to provide customers with a better dashboard for reviewing their feedback regarding their images and the vulnerabilities that are associated with the images.""Lacks deeper reporting, the ability to compare things."

More JFrog Xray Cons →

"We wish there were a way, beyond providing visibility and automated remediation, to wait on a given remediation, due to a critical aspect, such as the cost associated with a particular upgrade... We would like to see preventive controls that can be applied through Wiz to protect against vulnerabilities that we're not going to be able to remediate immediately.""The solution's container security could be improved.""We would like to see improvements to executive-level reporting and data reporting in general, which we understand is being rolled out to the platform.""Given the level of visibility into all the cloud environments Wiz provides, it would be nice if they could integrate some kind of mechanism to better manage tenants on multiple platforms. For example, let's say that some servers don't have an application they need, such as an antivirus. Wiz could include an API or something to push those applications out to the servers. It would be great if you could remedy these issues directly from the Wiz platform.""The only thing that needs to be improved is the number of scans per day.""The only small pain point has been around some of the logging integrations. Some of the complexities of the script integrations aren't supported with some of the more automated infrastructure components. So, it's not as universal. For example, they have great support for cloud formation and other services, but if you're using another type of management utility or governance language for your infrastructure-as-code automation components, it becomes a little bit trickier to navigate that.""One significant issue is that the searches are case-sensitive, so finding a misconfigured resource can become very challenging.""We're looking at some of the data compliance stuff that they've got Jon offer. I know they're looking at container security, which we gonna be looking at next."

More Wiz Cons →

Pricing and Cost Advice
  • "As a partner, we receive a discount on the licenses."
  • "It's a fair price for what you get. We are happy with the price as it stands."
  • "I wasn't sure what to expect from the pricing, but I was pleasantly surprised to find that it was a little less than I thought."
  • "Singularity Cloud Workload Security's pricing is good."
  • "Singularity Cloud Workload Security's licensing and price were cheaper than the other solutions we looked at."
  • "I understand that SentinelOne is a market leader, but the bill we received was astronomical."
  • "It's not expensive. The product is in its initial growth stages and appears more competitive compared to others. It comes in different variants, and I believe the enterprise version costs around $55 per user per year. I would rate it a five, somewhere fairly moderate."
  • "The pricing is fair. It is not inexpensive, and it is also not expensive. When managing a large organization, it is going to be costly, but it meets the business needs. In terms of what is out there on the market, it is fair and comparable to what I have seen, so I do not have any complaints about the cost"

    • More SentinelOne Singularity Cloud Security Pricing and Cost Advice →

    Information Not Available
  • "The pricing seems pretty simple. We don't have to do a lot of calculations to figure out what the components are. They do it by enabling specific features, either basics or advanced, which makes it easy to select."
  • "The pricing is fair. Some of the more advanced features and functionalities and how the tiers are split can be somewhat confusing."
  • "The pricing is fair and comparable to their competitors. The cost seems to be going up, which is a concern. There are potential savings from consolidating tools, but we're uncertain how Wiz's pricing will change over time."
  • "I wish the pricing was more transparent."
  • "The cost of the other solutions is comparable to Wiz."
  • "Wiz is a moderately priced solution, where it is neither cheap nor costly."

    • More Wiz Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
    See Recommendations
    771,541 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about PingSafe?
    Top Answer:The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best… more »
    Read all 44 answers   →
    What is your experience regarding pricing and costs for PingSafe?
    Top Answer:I'm not aware of the exact pricing.
    Read all 31 answers   →
    What needs improvement with PingSafe?
    Top Answer:When I joined my organization, I saw that PingSafe was already implemented. I started to use the tool's alerting… more »
    Read all 44 answers   →
    What do you like most about JFrog Xray?
    Top Answer:JFrog Xray shows us a list of vulnerabilities that can impact our code.
    Read all 5 answers   →
    What needs improvement with JFrog Xray?
    Top Answer:There is a tool called DefectDojo for reporting. Reporting is crucial, but it is lacking in the current tool. Every… more »
    Read all 5 answers   →
    What is your primary use case for JFrog Xray?
    Top Answer:We use this solution to identify vulnerabilities in the dependency file. We have the Artifactory package which… more »
    Read all 5 answers   →
    How would you compare Wiz vs Lacework?
    Top Answer:Wiz and Lacework sucks... Buy Orca. 
    AWS Cloud Security Posture tool - has anyone used either Wiz or Ermetic ...
    Top Answer:Whether or not the cost of third-party Cloud Security tools is justified would depend on your specific needs and budget… more »
    What do you like most about Wiz?
    Top Answer:With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment.
    Read all 7 answers   →
    Comparisons
    Also Known As
    PingSafe
    JFrog Security Essentials
    Learn More
    SentinelOne
    JFrog
    Wiz
    Overview

    Singularity Cloud Security is SentinelOne’s comprehensive, cloud-native application protection platform (CNAPP). It combines the best of agentless insights with AI-powered threat protection, to secure and protect your multi-cloud infrastructure, services, and containers from build time to runtime. SentinelOne’s CNAPP applies an attacker’s mindset to help security practitioners better prioritize their  remediation tasks with evidence-backed Verified Exploit Paths™. The efficient and scalable runtime protection, proven over 5 years and trusted by many of the world’s leading cloud enterprises, harnesses local, autonomous AI engines to detect and thwart runtime threats in real-time. CNAPP data and workload telemetry is recorded to SentinelOne’s unified security lake, for easy access and investigation.

    Singularity Cloud Security includes both agentless and AI-powered cloud security controls, which represent two halves of our strategy to keep public cloud and container environments safe. Radically reduce your cloud attack surface with Singularity Cloud Native Security, formerly PingSafe, with agentless insights and evidence-based prioritization; protect runtime compute and container with Singularity Cloud Workload Security, SentinelOne’s real-time CWPP, with AI-powered machine-speed blocking of threats.

    JFrog is on a mission to enable continuous updates through Liquid Software, empowering developers to code high-quality applications that securely flow to end-users with zero downtime. The world’s top brands such as Amazon, Facebook, Google, Netflix, Uber, VMware, and Spotify are among the 4500 companies that already depend on JFrog to manage binaries for their mission-critical applications. JFrog is a privately-held, global company, and is a proud sponsor of the Cloud Native Computing Foundation [CNCF].

    If you are a team player and you care and you play to WIN, we have just the job you're looking for.

    As we say at JFrog: "Once You Leap Forward You Won't Go Back!"​

    Wiz is a highly efficient solution for data security posture management (DSPM), with a 100% API-based approach that provides quick connectivity and comprehensive scans of platform configurations and workloads. The solution allows companies to automatically correlate sensitive data with relevant cloud context, such as public exposure, user identities, entitlements, and vulnerabilities.This integration enables them to understand data accessibility, configuration, usage, and movement within their internal environments.

    Wiz's Security Graph delivers automated alerts whenever risks emerge, allowing teams to prioritize and address the most critical issues before they escalate into breaches. Furthermore, Wiz ensures rapid and agentless visibility into critical data across various repositories, enabling organizations to easily determine the location of their data assets.

    Wiz Features

    Wiz provides various features in the following categories:

    • Agentless Scanning: The solution can scan every layer of a cloud environment without requiring agents, managing the entire process and providing comprehensive visibility.

    • Workflow Integration: Users can create customized workflows within Wiz to identify and assign actions based on urgency, integrating them with ticketing systems for quick and efficient remediation.

    • Vulnerability Management: Wiz's vulnerability management modules provide detailed analytics and visibility across cloud systems, streamlining the manual process of vulnerability discovery. The automated attack path analysis helps identify risks and trace potential points of exposure, allowing users to understand and mitigate them effectively and proactively.

    • CSPM (Cloud Security Posture Management): Wiz's CSPM module offers instant visibility into high-level risks to an enterprise’s cloud environment, covering all accounts without the need for agents.

    • Out-of-the-Box Reporting and Custom Queries: The service supports comprehensive reporting with asset context, allowing users to perform complex custom queries on the solution’s user-friendly interface.

    • Automation Roles and Dashboards: The solution facilitates automation by providing essential roles and dedicated dashboards that enable teams to understand security information quickly, even those with limited expertise.

    • Contextual Risk Evaluation: The service contextualizes the various components contributing to an issue, providing a risk evaluation framework that helps prioritize remediation efforts.

    • Security Graph and Visibility: Wiz's security graph offers visibility across the entire organization, even with multiple accounts, enabling users to understand their environment and assets effectively.

    The Benefits of Wiz

    Wiz offers the following benefits:


    • Comprehensive agentless scanning

    • Effective identification and mitigation of vulnerabilities

    • Streamlined vulnerability management

    • Robust reporting capabilities and customizable queries

    • Enhanced automation and role-based access control

    • Prioritized risk evaluation for efficient remediation

    • Security posture across multiple accounts

    Reviews from Real Users

    Kamran Siddique, VP Information Security at boxed.com, remarks his company has seen a ROI while using Wiz, as it simplifies the process by integrating multiple useful tools into one solution.

    According to a Senior Security Architect at Deliveroo, Wiz has given their company a fresh approach to vulnerability management, as Wiz's native integrations are extremely useful and paramount to the operational success of their platform.



    Get a demo | Wiz

    Sample Customers
    Information Not Available
    google, amazon, cisco, netflix, oracle, vmware, facebook
    Wiz is the fastest growing software company ever - $100M ARR in 18 months: Wiz becomes the fastest-growing software company ever | Wiz Blog  Discover why companies, including Salesforce, Morgan Stanley, Fox, and Bridgewater choose Wiz as their cloud security partner. Read their success stories here: Customers | Wiz
    Top Industries
    REVIEWERS
    Computer Software Company25%
    Construction Company14%
    Financial Services Firm10%
    Media Company8%
    VISITORS READING REVIEWS
    Computer Software Company21%
    Financial Services Firm15%
    Manufacturing Company10%
    Insurance Company4%
    VISITORS READING REVIEWS
    Financial Services Firm24%
    Manufacturing Company15%
    Computer Software Company12%
    Insurance Company5%
    REVIEWERS
    Computer Software Company33%
    Retailer11%
    Outsourcing Company11%
    Manufacturing Company11%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm15%
    Manufacturing Company9%
    Government6%
    Company Size
    REVIEWERS
    Small Business38%
    Midsize Enterprise21%
    Large Enterprise41%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise13%
    Large Enterprise62%
    REVIEWERS
    Midsize Enterprise29%
    Large Enterprise71%
    VISITORS READING REVIEWS
    Small Business14%
    Midsize Enterprise10%
    Large Enterprise76%
    REVIEWERS
    Small Business15%
    Midsize Enterprise23%
    Large Enterprise62%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise15%
    Large Enterprise65%
    Buyer's Guide
    JFrog Xray vs. Wiz
    May 2024
    Free Report: JFrog Xray vs. Wiz
    Find out what your peers are saying about JFrog Xray vs. Wiz and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    771,541 professionals have used our research since 2012.

    JFrog Xray is ranked 17th in Vulnerability Management with 7 reviews while Wiz is ranked 4th in Vulnerability Management with 11 reviews. JFrog Xray is rated 8.2, while Wiz is rated 9.2. The top reviewer of JFrog Xray writes "An intelligent solution that prioritizes which vulnerability to target first in your project". On the other hand, the top reviewer of Wiz writes "Multiple features help us prioritize remediation, and agentless implementation reduces overhead". JFrog Xray is most compared with Black Duck, Snyk, Mend.io, Veracode and FOSSA, whereas Wiz is most compared with Prisma Cloud by Palo Alto Networks, Orca Security, Microsoft Defender for Cloud, AWS Security Hub and Lacework. See our JFrog Xray vs. Wiz report.

    See our list of best Vulnerability Management vendors and best Container Security vendors.

    We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.