Cancel
You must select at least 2 products to compare!
Microsoft Logo
5,207 views|3,633 comparisons
Lacework Logo
4,729 views|3,698 comparisons
Wiz Logo
7,664 views|5,967 comparisons
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Lacework and Wiz based on real PeerSpot user reviews.

Find out what your peers are saying about Tenable Network Security, Qualys, Orca Security and others in Vulnerability Management.
To learn more, read our detailed Vulnerability Management Report (Updated: January 2023).
670,523 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It has been great for us. Previously, we didn't have a solution to protect us, especially from malware, whereas now, we are getting protection up front, especially from the malware attacks coming through emails or endpoints.""Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features.""The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update.""I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there.""The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions.""Microsoft 365 Defender is simple to upgrade.""I have found the ability to delete unwanted threats beneficial.""It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment."

More Microsoft 365 Defender Pros →

"The most valuable feature is Lacework's ability to distill all the security and audit logs. I recommend it to my customers. Normally, when I consult for other customers that are getting into the cloud, we use native security tools. It's more of a rule-based engine.""The compliance reports are definitely most valuable because they save time and are accurate. So, instead of relying on a human going through and checking or providing me with a report, I could just log into Lacework and see for myself.""For the most part, out-of-the-box, it tells you right away about the things you need to work on. I like the fact that it prioritizes alerts based on severity, so that you can focus your efforts on anything that would be critical/high first, moderate second, and work your way down, trying to continue to improve your security posture.""There are many valuable features that I use in my daily work. The first are alerts and the event dossier that it generates, based on the severity. That is very insightful and helps me to have a security cap in our infrastructure. The second thing I like is the agent-based vulnerability management, which is the most accurate information.""The best feature, in my opinion, is the ease of use."

More Lacework Pros →

"Out of all the features, the one item that has been most valuable is the fact that Wiz puts into context all the pieces that create an issue, and applies a particular risk evaluation that helps us prioritize when we need to address a misconfiguration, vulnerability, or any issue that would put our environment into risk.""The vulnerability management modules and the discovery and inventory are the most valuable features. Before using Wiz, it was a very manual process for both. After implementing it, we're able to get all of the analytics into a single platform that gives us visibility across all the systems in our cloud. We're able to correspond and understand what the vulnerability landscape looks like a lot faster."

More Wiz Pros →

Cons
"The documentation on their website is somewhat outdated and doesn't show properly. I wanted to try a query in Microsoft Defender 365. When I opened the related documentation from the security blog on the Microsoft website, the figures were not showing. It was difficult to understand the article without having the figures. The figures were there in the article, but they were not getting loaded, which made the article obsolete.""The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better.""Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR.""The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there.""What could be improved in Microsoft 365 Defender is its licensing, e.g. it should be more consolidated and would be good if it has some optimizations. Improving the alerts and notifications, in terms of adding more details, would also be good for this solution.""Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded.""This solution could be improved if it included features such as those offered by Malwarebytes.""I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."

More Microsoft 365 Defender Cons →

"The configuration and setup of alerts should be easier. They should make it easier to integrate with systems like Slack and Datadog. I didn't spend too much time on it, but to me, it wasn't as simple as the alerting that I've seen on other systems.""Visibility is lacking, and both compliance-related metrics and IAM security control could be improved.""I would like to see a remote access assistance feature. And the threat-hunting platform could be better.""Lacework lacks remediation features, but I believe they're working on that. They're focused on the reporting aspect, but other features need to improve. They're also adding some compliance features, so it's not worth saying they need to get better at it.""The biggest thing I would like to see improved is for them to pursue and obtain a FedRAMP moderate authorization... I don't believe they have any immediate plans to get FedRAMP moderate authorized, which is a bit of a challenge for us because we can only use Lacework in our commercial environment."

More Lacework Cons →

"We wish there were a way, beyond providing visibility and automated remediation, to wait on a given remediation, due to a critical aspect, such as the cost associated with a particular upgrade... We would like to see preventive controls that can be applied through Wiz to protect against vulnerabilities that we're not going to be able to remediate immediately.""The only small pain point has been around some of the logging integrations. Some of the complexities of the script integrations aren't supported with some of the more automated infrastructure components. So, it's not as universal. For example, they have great support for cloud formation and other services, but if you're using another type of management utility or governance language for your infrastructure-as-code automation components, it becomes a little bit trickier to navigate that."

More Wiz Cons →

Pricing and Cost Advice
  • "The solutions price is fair for what they offer."
  • "The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."
  • "The price of the solution is high compared to others and we have lost some customers because of it."
  • "Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."
  • "We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."
  • "The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
  • "Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."
  • "They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."
  • More Microsoft 365 Defender Pricing and Cost Advice →

  • "The licensing fee was approximately $80,000 USD, per year."
  • "The pricing has gotten better. That scenario was somewhat unstable. They have a rather interesting licensing structure. I believe you get 200 resources per "Lacework unit." It was difficult, in the beginning, to figure out exactly what a "resource" was... That was a problem until about a year or so ago. They have improved it and it has stabilized quite a bit."
  • More Lacework Pricing and Cost Advice →

  • "The pricing seems pretty simple. We don't have to do a lot of calculations to figure out what the components are. They do it by enabling specific features, either basics or advanced, which makes it easy to select."
  • "The pricing is fair. Some of the more advanced features and functionalities and how the tiers are split can be somewhat confusing."
  • More Wiz Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
    670,523 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:The solution is well integrated with applications. It is easy to maintain and administer.
    Top Answer:The data recovery and backup could be improved.
    Top Answer:Wiz and Lacework sucks... Buy Orca. 
    Top Answer:The most valuable feature is Lacework's ability to distill all the security and audit logs. I recommend it to my… more »
    Top Answer:Lacework's price isn't too bad. I would rate it seven out of 10 for affordability.
    Top Answer:The vulnerability management modules and the discovery and inventory are the most valuable features. Before using Wiz… more »
    Top Answer:The pricing is fair. Some of the more advanced features and functionalities and how the tiers are split can be somewhat… more »
    Top Answer:The only small pain point has been around some of the logging integrations. Some of the complexities of the script… more »
    Comparisons
    Also Known As
    Microsoft Threat Protection, MS 365 Defender
    Polygraph
    Learn More
    Lacework
    Video Not Available
    Overview

    Microsoft 365 Defender, part of Microsoft’s XDR solution, leverages the Microsoft 365 security portfolio to automatically analyze threat data across domains, building a complete picture of each attack in a single dashboard. With this breadth and depth of clarity defenders can now focus on critical threats and hunt for sophisticated breaches, trusting that the powerful automation in Microsoft 365 Defender detects and stops attacks anywhere in the kill chain and returns the organization to a secure state.

    - Reduce signal noise by viewing prioritized incidents in a single dashboard. 

    - Use the automated investigation capabilities to spend less time on detection and response.

    - Take care of routine and complex remediation with Microsoft 365 Defender by auto-healing affected assets.

    - Hunt across all your data, leveraging your organizational knowledge with custom queries. 

    - Develop custom detection and response tools for long-term protection and improved security posture.

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    Lacework is a cloud security platform whose Polygraph Data Platform automates cloud security at scale so customers can innovate with speed and safety. Lacework is the only security platform that can collect, analyze, and accurately correlate data across an organization’s AWS, Azure, GCP, and Kubernetes environments, and narrow it down to the handful of security events that matter. As a breach detection and investigation tool, Lacework provides information on when and how a breach happened, including the users, machines, and applications involved in the breach. By using machine learning and behavioral analytics, the solution can automatically learn what's normal for your environment and reveal any abnormal behavior. In addition, Lacework gives you continuous visibility to find vulnerabilities, misconfigurations, and malicious activity across your cloud environment.

    Lacework Features

    Lacework has many valuable key features. Some of the most useful ones include:

    • Dashboards
    • Reports
    • Workflow management
    • Administration console
    • Governance
    • Policy enforcement
    • Auditing
    • Access control
    • Workflow management
    • Compliance monitoring
    • Anomaly detection
    • Data loss prevention
    • Cloud gap analytics
    • Host compliance

    Lacework Benefits

    There are many benefits to implementing Lacework. Some of the biggest advantages the solution offers include:

    • Security visibility: Get deep observability into your cloud accounts, workloads, and microservices to give you tighter security control.
    • Threat detection: By using Lacework, your organization can identify common security events that target your cloud servers, containers, and infrastructure-as-a-service (IaaS) accounts so you can take action on them quickly.
    • Flexible deployment: With Lacework, you have the option to deploy the way you prefer - either agent or agentless - which provides the visibility needed to have maximum security for cloud accounts and systems. Because Lacework offers an easy-to-deploy layered approach, you gain quick time to value.
    • Configuration compliance: With the Lacework solution, you can easily spot IaaS account configurations that are non-compliant and identify opportunities to apply security best practices.
    • Synced teams: Lacework allows your teams to operate smarter and bridge the gap between security, Dev, and Ops regardless of your team's size or experience level.
    • Gain meaningful security insights: Lacework provides meaningful security insights, alerting you of issues before they reach production from your existing workflows. This way you can build apps quickly and confidently.
    • Increased revenue streams: Because the solution has built-in security from the first line of code early on, it helps users unlock higher revenue streams.
    • Helps avoid development delays: The Lacework solution helps you better prioritize security fixes by making security information accessible to DevOps and security teams for earlier risk mitigation that speeds innovation.
    • Increased productivity: Lacework provides alerts with all the context you need and eliminates data silos and costly investigations, enabling you to boost productivity.
    • Correlate and contextualize behaviors: Lacework can take attributes and data points from your unique environment and correlate them together into behaviors.
    • Simplified cloud security posture and compliance: With the Lacework platform, you can get comprehensive visibility and continuous tracking to reduce risks and meet compliance requirements so you can improve your bottom line.
    • Address vulnerabilities before it is too late: Lacework enables you to limit your attack surface so you can address the riskiest vulnerabilities early in the development cycle.

    Wiz is reinventing cloud security from the inside out.

    We’re on a mission to help organizations effectively reduce risks in their Cloud and Kubernetes environments. Purpose-built for the unique complexities of multi-environment, multi-workload, and multi-project cloud estates, Wiz automatically correlates the critical risk factors to deliver actionable insights that don't waste time.

    Wiz connects in minutes using a 100% API-based approach that scans both platform configurations and inside every workload. Our full security stack context surfaces the toxic combinations that show the attackers’ view to a breach. Security and development teams use Wiz workflows to proactively remove risks and prevent them from becoming breaches.

    Get a demo | Wiz

    Offer
    Learn more about Microsoft 365 Defender
    Learn more about Lacework
    Learn more about Wiz
    Sample Customers
    Information Not Available
    J.Crew, AdRoll, Snowflake, VMWare, Iterable, Pure Storage, TrueCar, NerdWallet, and more.
    Wiz is the fastest growing software company ever - $100M ARR in 18 months: Wiz becomes the fastest-growing software company ever | Wiz Blog  Discover why companies, including Salesforce, Morgan Stanley, Fox, and Bridgewater choose Wiz as their cloud security partner. Read their success stories here: Customers | Wiz
    Top Industries
    REVIEWERS
    Computer Software Company38%
    Manufacturing Company25%
    Comms Service Provider13%
    Aerospace/Defense Firm13%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Government10%
    Financial Services Firm7%
    Comms Service Provider7%
    VISITORS READING REVIEWS
    Computer Software Company24%
    Financial Services Firm7%
    Comms Service Provider6%
    Retailer5%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm14%
    Manufacturing Company7%
    Government6%
    Company Size
    REVIEWERS
    Small Business44%
    Midsize Enterprise12%
    Large Enterprise44%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise18%
    Large Enterprise60%
    VISITORS READING REVIEWS
    Small Business29%
    Midsize Enterprise17%
    Large Enterprise54%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise16%
    Large Enterprise63%
    Buyer's Guide
    Vulnerability Management
    January 2023
    Find out what your peers are saying about Tenable Network Security, Qualys, Orca Security and others in Vulnerability Management. Updated: January 2023.
    670,523 professionals have used our research since 2012.

    Lacework is ranked 10th in Vulnerability Management with 5 reviews while Wiz is ranked 12th in Vulnerability Management with 2 reviews. Lacework is rated 9.0, while Wiz is rated 8.6. The top reviewer of Lacework writes "Helps us with third-party risk assessment and demonstrate compliance with security standards". On the other hand, the top reviewer of Wiz writes "Multiple features help us prioritize remediation, and agentless implementation reduces overhead". Lacework is most compared with Prisma Cloud by Palo Alto Networks, Amazon GuardDuty, Orca Security, Aqua Security and Snyk, whereas Wiz is most compared with Orca Security, Prisma Cloud by Palo Alto Networks, Snyk, Microsoft Defender for Cloud and Zscaler Cloud Protection.

    See our list of best Vulnerability Management vendors, best Container Security vendors, and best CWPP (Cloud Workload Protection Platforms) vendors.

    We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.