We performed a comparison between Runecast and VMware Aria Automation based on real PeerSpot user reviews.
Find out what your peers are saying about Palo Alto Networks, Wiz, Microsoft and others in Cloud Security Posture Management (CSPM)."The CSPM module has been the most effective. It was easy to deploy and covered all our accounts through APIs, requiring no agents. Wiz provides instant visibility into high-level risks that we need to address."
"I like Wiz's reporting, and it's easy to do queries. For example, it's pretty simple to find out how many servers we have and the applications installed on each. I like Wiz's security graph because you can use it to see the whole organization even if you have multiple accounts."
"Out of all the features, the one item that has been most valuable is the fact that Wiz puts into context all the pieces that create an issue, and applies a particular risk evaluation that helps us prioritize when we need to address a misconfiguration, vulnerability, or any issue that would put our environment into risk."
"The product supports out-of-the-box reporting with context about the asset and allows us to perform complex custom queries on UI."
"The first thing that stood out was the ease of installation and the quick value we got out of the solution."
"With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment."
"Our most important features are those around entitlement, external exposure, vulnerabilities, and container security."
"The solution is very user-friendly."
"Runecast is a good partner for VMware. Once we have installed it, we can see all the problems and issues. It also has VMware knowledge-based articles."
"The extensibility of it and the customization of a lot of the Blueprints, that you can customize, and the community as a whole. There's a ton of community-generated Blueprints that might be (helpful) to set up a design for your automation needs, that you can use as a base and go on from there and make changes to it."
"Our QA department is able to spin up a new instance of Windows virtual machine and test whatever use case they have, then turn it back down whenever they are done."
"The self-service capabilities are by far the best that we've seen in terms of features. If the user is being able to log in and make requests himself, from the onboarding process all the way to the end, that's very helpful."
"The product is stable."
"It is probably 90 percent quicker to get something out the door than it was before. For developers, depending on who is building VMs for them, sometimes they request anywhere from 20 to 100. Now, we can deploy them in a matter of an hour, where previously it might have taken me three days to deploy out 100 VMs."
"The repetitive tasks which took provisioning storage, network, and compute two to three weeks, now takes five minutes."
"Now the customer can manage their own server requirements directly. This is very important because, before that, the process included signing off on forms and sending them to the IT Director. It took at least 10 days to create a VM and send it to the person who needed it. Now, it's no more than a half hour to activate a new VM at the customer's site."
"We can connect between multiple VMs in a matter of seconds."
"We wish there were a way, beyond providing visibility and automated remediation, to wait on a given remediation, due to a critical aspect, such as the cost associated with a particular upgrade... We would like to see preventive controls that can be applied through Wiz to protect against vulnerabilities that we're not going to be able to remediate immediately."
"The remediation workflow within the Wiz could be improved."
"The only small pain point has been around some of the logging integrations. Some of the complexities of the script integrations aren't supported with some of the more automated infrastructure components. So, it's not as universal. For example, they have great support for cloud formation and other services, but if you're using another type of management utility or governance language for your infrastructure-as-code automation components, it becomes a little bit trickier to navigate that."
"The only thing that needs to be improved is the number of scans per day."
"One significant issue is that the searches are case-sensitive, so finding a misconfigured resource can become very challenging."
"Given the level of visibility into all the cloud environments Wiz provides, it would be nice if they could integrate some kind of mechanism to better manage tenants on multiple platforms. For example, let's say that some servers don't have an application they need, such as an antivirus. Wiz could include an API or something to push those applications out to the servers. It would be great if you could remedy these issues directly from the Wiz platform."
"The reporting isn't that great. They have executive summaries, but it's only a compliance report that maps all current issues to specific controls. Whether you look at one subscription or project, regardless of the size, you will get a multipage report on how the issues in that account map to that control. Our CSO isn't going to read through that. He won't filter that out or show that to his leadership and say, "Here's what we're doing." It isn't a helpful report. They're working on it, but it's a poor executive summary."
"Wiz's reporting capabilities could be refined a bit. They are making headway on that, but more executive-style dashboards would be nice. They just implemented a community aspect where you can share documents and feedback. This was something users had been requesting for a while. They are listening to customer feedback and making changes."
"The product lacks network assessment capabilities. We cannot view our network assets or scan switches, routers, or IPs for vulnerabilities and issues."
"vCenter and vRA, I believe they share two different databases so sometimes you have to somehow sync them up. I wish there was only one database between the two or, somehow, one database would rule over the other one, so if you have both products, the vCenter might use the vRA database. Otherwise, when you do stuff in vCenter, you have to write a command on vRA to update the databases."
"I would like them to improve the product training."
"I don't find it to be entirely user-friendly. There are a lot of complicated menus within menus within menus. Things move around from version to version."
"The deployment mechanisms for the initial deployment of the product line lacks the appropriate documentation to give someone who's never used it before... There might be cases where someone wants to go to the website, go to the doc section, and do a step-by-step on how to deploy it. That's really not as brushed-up as other documents I've seen that they have. That would definitely be an improvement on their end."
"It would be nice in the next release if they added in tool tips. Whether you're putting it together, adding a blueprint, or you're making a change in the system, highlighting or selecting something and having it tell you what it does or what it will do would be nice. Because it's such a complex system, it's hard to work with unless you've been using it for years to know what everything is doing."
"I would like to see a simpler way of provisioning it. As is, we can automate the provisioning of a VM, however, when it comes to the external IPs, that is outside of VMware. But that has to be automated as well. If there was a way for us to have the virtual machines connect to switches that are external to VMware, that would be great. That way, it would handle the entire workflow from creation and provisioning of a VM to the connectivity to the external IP addresses which allow our customers to have access to the VM. Currently, that IP configuration has to be done manually."
"The product's features for hybrid cloud integration could be better."
"It would be nice if, at the director level, the manager level, there was a pretty graphic. They don't like to see numbers and line items, they want to see graphs and scales and real world pictures. That would support better reporting."
Runecast is ranked 24th in Cloud Security Posture Management (CSPM) with 1 review while VMware Aria Automation is ranked 15th in Cloud Security Posture Management (CSPM) with 133 reviews. Runecast is rated 9.0, while VMware Aria Automation is rated 8.0. The top reviewer of Runecast writes "Helps with risk assessments for containers, assessing security, and ensuring container compliance". On the other hand, the top reviewer of VMware Aria Automation writes "Allows for a lot of orchestration or customization within our environment to suit our customers". Runecast is most compared with VMware Aria Operations, whereas VMware Aria Automation is most compared with Red Hat Ansible Automation Platform, VMware Aria Operations, vCloud Director, Morpheus and vCenter Orchestrator.
See our list of best Cloud Security Posture Management (CSPM) vendors.
We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.