Skybox Security Suite vs Wiz comparison

Tufin and Wiz are both solutions in the Vulnerability Management category. Tufin is ranked #30 with an average rating of 7.6, while Wiz is ranked #2 with an average rating of 8.7. Tufin holds a 0.6% mindshare in VM, compared to Wiz’s 11.9% mindshare. Additionally, 83% of Tufin users are willing to recommend the solution, compared to 95% of Wiz users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jun 1, 2025

Skybox Security Suite and Wiz compete in network and cloud security solutions. In the network management space, Skybox holds an advantage with its extensive scalability, while Wiz excels in cloud-specific environments with its cloud security posture management and agentless deployment.

Features: Skybox Security Suite offers robust firewall management, vulnerability control, and unique offline attack simulation, supporting complex network structures. Wiz provides comprehensive cloud security posture management, advanced threat prioritization, and innovative Security Graph for risk visualization.

Room for Improvement: Skybox could improve its web interface, reporting capabilities, and introduce more flexible licensing models. Wiz can enhance its reporting and dashboard customization, improve integration with automated infrastructure tools, and expand its container security features.

Ease of Deployment and Customer Service: Skybox primarily supports on-premises and hybrid cloud environments which might require more setup time, though its customer support is satisfactory with varying responsiveness. Wiz offers faster deployment with an agentless architecture and excellent customer service, although integration support could be improved.

Pricing and ROI: Skybox is often more favorable for large networks despite high initial costs, providing strong ROI through automated functions. Its complex licensing model is a concern. Wiz is seen as more expensive but delivers superior value in cloud environments, with room for more pricing transparency. Both demonstrate significant ROI in their respective strengths.

To learn more, read our detailed Skybox Security Suite vs. Wiz Report (Updated: June 2025).

Buyer's Guide

Skybox Security Suite vs. Wiz

June 2025

Download the complete report

Helped 860,592 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Zafran Security

Mindshare comparison

As of July 2025, in the Vulnerability Management category, the mindshare of Zafran Security is 0.8%, up from 0.0% compared to the previous year. The mindshare of Skybox Security Suite is 0.6%, up from 0.5% compared to the previous year. The mindshare of Wiz is 11.9%, up from 9.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Vulnerability Management

Featured Reviews

Israel Cavazos Landini

Associate Director IT Security Operations at a pharma/biotech company with 10,001+ employees

Weekly insights and risk analysis facilitate informed security decisions

I appreciate the weekly insights Zafran provides, which include critical topics for networks and IT security, allowing us to evaluate which insights apply to our environment. The organization score feature is valuable to keep the leadership team updated on how our infrastructure fares security-wise. The applicable risk level versus base risk level feature is beneficial because prior to Zafran, we only used the base risk level, but now understand that risk depends on the asset itself. Zafran is an excellent tool.

Read full review

NenadMijatovic

Director of Sales at S4E Serbia

Efficient in vulnerability management, stable and easy to use

Vulnerability management is the most valuable feature because it lets you focus on the most critical vulnerabilities. That's the important thing. Here in Serbia, there are not so many companies that have too many firewalls inside one company. So, they usually don't buy this model for Firewall Assurance unless there is some compliance. So you can prove that your firewalls are compliant. So, that model is not so important here in Serbia. It's for bigger companies. So, they usually buy network assurance to build the model of the network and vulnerability management to focus on the most important vulnerabilities. Moreover, Skybox can collect data for many vendors. From the endpoint protection vendors to the network equipment vendors to other security vendors. So, it supports more than one hundred vendors to collect data from them.

Read full review

Pietro Villivà

Business Line Manager at S2E

Useful for security assessment and maintaining correct security posture

The tool keeps improving on a weekly basis. Wiz enters into a lot of partnerships with other technologies. I don't have any idea about the improvements needed in the tool at the moment. For me, Wiz is a very complete product, but it is not the perfect one. Other technologies are better for our customers' specific use cases. A possible way to grow the tool is by introducing new functionality or features. In the future, the tool can introduce an on-prem infrastructure or platform. Not having an on-prem version can be an obstacle for customers who have a large workload in an on-prem environment. The onboarding can be done in five minutes or five to ten minutes. Then, there is the configuration, and it depends on the type of the use case of the customer. There is a customer that has simple use cases for whom the onboarding can be done in four to eight hours a day. If there are some customers with a lot of use cases and a lot of different cloud providers, more time is needed. In general, we don't need more than five days to deploy the tool, even in the case of a very complex architecture and hybrid cloud environment. To deploy the tool, we need to have access to the account of the customer, and Wiz is a stuff that we need to make with the customer. We do the onboarding together. The customer creates the correct authorization in the cloud platform and gives us the key to connect to the platform, and then the platform connector starts and begins to collect information.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Zafran is an excellent tool."

"We saw benefits from Zafran Security almost immediately after deploying it."

"Zafran has become an indispensable tool in our cybersecurity arsenal."

"Overall, we have seen about eighty-seven percent reduction of the number of vulnerabilities that require urgency to remediate, specifically the number of criticals."

"We are able to see the real risk of a vulnerability on our environment with our security tools."

"The way that it's built with three-tier architecture, it makes it very horizontally scalable, so I can have multiple fallbacks. If one machine does fall offline, there are four other machines that are doing the exact same job to pick it up"

"Overall, the tool has helped us reduce risks. If any step is missing, it's easier for my team or engineers to identify it. The tool provides accurate recommendations based on the data. Its integration is easy, and I have integrated it with Fortinet firewalls."

"I am impressed with the tool's change management, firewall and network assurance."

"Skybox Security Suite is cost-effective."

"instead of asking for firewall rules which may or may not be relevant, or could already be there, or could be over-permissioned, Skybox can be used to map out the resources that that application is going to use and provide the exact rules that an application would require to function correctly. If the traffic isn't able to flow for the application, if it's erring out, Skybox can be used to troubleshoot that and say, "All right, where is the traffic being stopped and why, and how do I fix that.""

"Correlates logs and threats and prioritizes; provides network maps;p provides change result context and resulting vulnerability."

"The most impressive feature is optimization and clean-up."

"We are currently working on rule review and compliance. The logging features are good."

More Skybox Security Suite pros

"Wiz offers greater visibility and more in-depth findings in terms of configuration, misconfiguration, and vulnerabilities."

"The most valuable feature of Wiz is that it keeps information up to date without needing to perform scans or schedule maintenance windows. It provides a fresh snapshot of our vulnerability metrics."

"Wiz saves time by validating a network misconfiguration by not only looking at the cloud asset configuration but also by testing if a port that is stated to be open is actually open."

"The granularity of visibility that the platform provides is the most valuable aspect."

"Our most important features are those around entitlement, external exposure, vulnerabilities, and container security."

"The CSPM module has been the most effective. It was easy to deploy and covered all our accounts through APIs, requiring no agents. Wiz provides instant visibility into high-level risks that we need to address."

"The first thing that stood out was the ease of installation and the quick value we got out of the solution."

"I like Wiz's reporting, and it's easy to do queries. For example, it's pretty simple to find out how many servers we have and the applications installed on each. I like Wiz's security graph because you can use it to see the whole organization even if you have multiple accounts."

More Wiz pros

Cons

"I think the ability to have some enhanced reporting capabilities is something they can improve on, as they have good reports but we have asked for some specific reporting enhancements."

"The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvements."

"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."

"The solution was quite technical. It would be easier to manage if the solution was more specific about aspects of the solution and provided more advisory around how to use it effectively. It would help users a lot if they were more clear about everything."

"They are not satisfied with the complexity of the solution and the price."

"The solution does not support certain devices or vendors in some regions or countries due to regulations."

"The initial setup with Skybox Security is hard. You need one or two strong security engineers on your team."

"Modifications and the deletion of existing policies are currently unavailable."

"Reporting. A lot of the reports, out of the box, are limited to a certain number of either configuration violations or access rule violations. So when you first set up a new firewall to be monitored by Skybox, you don't get a real full report. You have to really tweak it to get everything."

"The stability is something that is questionable. I don't know whether it is because of the kind of infrastructure we have or because of the product in itself. We're running it on a virtual machine right now. Maybe once a month, or once in every 45 days, it requires a restart because the application fails to connect. So I have to restart the whole Skybox Manager itself, the Skybox server itself, and then connect to it from our Skybox Manager."

"There are multiple dashboards but no custom dashboard. It would be good to include a custom dashboard so that we can actually choose which field and what kinds of things we want to look at."

More Skybox Security Suite cons

"Wiz's reporting capabilities could be refined a bit. They are making headway on that, but more executive-style dashboards would be nice. They just implemented a community aspect where you can share documents and feedback. This was something users had been requesting for a while. They are listening to customer feedback and making changes."

"The solution's container security could be improved."

"One significant issue is that the searches are case-sensitive, so finding a misconfigured resource can become very challenging."

"We would like to see improvements to executive-level reporting and data reporting in general, which we understand is being rolled out to the platform."

"We wish there were a way, beyond providing visibility and automated remediation, to wait on a given remediation, due to a critical aspect, such as the cost associated with a particular upgrade... We would like to see preventive controls that can be applied through Wiz to protect against vulnerabilities that we're not going to be able to remediate immediately."

"The only thing that needs to be improved is the number of scans per day."

"In Brazil, the cost is a significant issue due to the currency exchange rate."

"As the tool is a good fit for small and medium-sized businesses, the solution should focus on making the product suitable for large-scale businesses."

More Wiz cons

Pricing and Cost Advice

Information not available

"The price of the Skybox Security Suite can be expensive."

"It's expensive."

"With licensing, the number of network nodes becomes very expensive to the point where you have to rationalize if the tools are warranted anymore."

"The pricing is high, and the licensing model needs more flexibility."

"I've seen the pricing of every solution on the market. When you compare apples to apples, where Skybox becomes exceedingly expensive is if you look at it compared to something like FireMon that only does a fraction of what Skybox does. But if you include everything that Skybox does, it becomes way more expensive than the competition, but you're also not comparing apples to apples. If you look at FireMon, and you look at like just the firewall assurance piece, they are fairly comparable and, actually, Skybox comes in a little bit cheaper in some cases, depending on which product you're looking at."

"The pricing has increased exorbitantly in the last few years, so now it is questionable. Now, it makes me want to review other products."

"The licensing fee is paid yearly and is approximately $100,000."

"The product's pricing is excellent value. In terms of licensing, make sure you understand your network components, all your hops through your network, thoroughly, before you decide on the total cost. If you want to do point-to-point flow analysis and such, you need to have the configuration of all the devices in between point A and point B. A lot of people don't realize all their network components until they start using this product."

More Skybox Security Suite pricing and cost advice

"Regarding pricing, it’s more than $100k because we have a very big infrastructure. Our environment supports around three thousand people, and we offer business-to-client financial services to around one million clients, so we rely heavily on Wiz."

"The pricing is fair and comparable to their competitors. The cost seems to be going up, which is a concern. There are potential savings from consolidating tools, but we're uncertain how Wiz's pricing will change over time."

"The pricing is fair. Some of the more advanced features and functionalities and how the tiers are split can be somewhat confusing."

"The cost of the other solutions is comparable to Wiz."

"The pricing seems pretty simple. We don't have to do a lot of calculations to figure out what the components are. They do it by enabling specific features, either basics or advanced, which makes it easy to select."

"Based on the features and capabilities, the product pricing seems reasonable."

"If one is cheap and ten is expensive, I rate the tool's price as a five out of ten."

"Wiz is a moderately priced solution, where it is neither cheap nor costly."

More Wiz pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.

See recommendations

860,592 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

11%

Financial Services Firm

11%

Manufacturing Company

Healthcare Company

Financial Services Firm

18%

Computer Software Company

17%

Manufacturing Company

10%

Energy/Utilities Company

Financial Services Firm

16%

Computer Software Company

15%

Manufacturing Company

10%

Healthcare Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What is your experience regarding pricing and costs for Zafran Security?

The current pricing of Zafran Security is fair overall. They were good to work with to accommodate our organization w...

See all answers

What needs improvement with Zafran Security?

The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvement...

See all answers

What is your primary use case for Zafran Security?

Zafran Security is helping reduce the amount of critical vulnerabilities in our environments that require prompt reme...

See all answers

What do you like most about Skybox Security Suite?

Overall, the tool has helped us reduce risks. If any step is missing, it's easier for my team or engineers to identif...

See all answers

What is your experience regarding pricing and costs for Skybox Security Suite?

From a commercial perspective, AlgoSec is more expensive compared to Skybox Security Suite. Skybox Security Suite is ...

See all answers

What needs improvement with Skybox Security Suite?

The dashboard's UI is not interesting; it is quite normal. It would be better if something more attractive or similar...

See all answers

What do you like most about Wiz?

With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment.

See all answers

What is your experience regarding pricing and costs for Wiz?

This feedback is not based on much experience yet, as we have only conducted POV or POC.

See all answers

What needs improvement with Wiz?

In Wiz, if there is one vulnerability that occurs multiple times, it is listed only once. However, even if it is a si...

See all answers

Comparisons

Wiz Code vs Zafran Security

Compared 42% of the time

Vulcan Cyber vs Zafran Security

Compared 16% of the time

ServiceNow Security Operations vs Zafran Security

Compared 9% of the time

Tenable Vulnerability Management vs Zafran Security

Compared 9% of the time

Nucleus vs Zafran Security

Compared 7% of the time

More Zafran Security Competitors

AlgoSec vs Skybox Security Suite

Compared 32% of the time

Tufin Orchestration Suite vs Skybox Security Suite

Compared 31% of the time

FireMon Security Manager vs Skybox Security Suite

Compared 13% of the time

RedSeal vs Skybox Security Suite

Compared 5% of the time

ManageEngine Firewall Analyzer vs Skybox Security Suite

Compared 3% of the time

More Skybox Security Suite Competitors

Prisma Cloud by Palo Alto Networks vs Wiz

Compared 11% of the time

Microsoft Defender for Cloud vs Wiz

Compared 8% of the time

Orca Security vs Wiz

Compared 7% of the time

Upwind vs Wiz

Compared 4% of the time

Snyk vs Wiz

Compared 4% of the time

More Wiz Competitors

Product Reports

Buyer's Guide

Continuous Threat Exposure Management (CTEM)

June 2025

Download Zafran Security product report

Buyer's Guide

Skybox Security Suite

June 2025

Download Skybox Security Suite product report

Buyer's Guide

Wiz

June 2025

Download Wiz product report

Overview

Zafran Security integrates with existing security tools to identify and mitigate vulnerabilities effectively, proving that most critical vulnerabilities are not exploitable, optimizing threat management.

Zafran Security introduces an innovative operating model for managing security threats and vulnerabilities. By leveraging the threat exposure management platform, it pinpoints and prioritizes exploitable vulnerabilities, reducing risk through immediate remediation. This platform enhances your hybrid cloud security by normalizing vulnerability signals and integrating specific IT context data, such as CVE runtime presence and internet asset reachability, into its analysis. No longer reliant on patch windows, Zafran Security allows you to manage risks actively.

What are the key features of Zafran Security?

Threat Exposure Management: Utilizes existing tools to prioritize vulnerabilities and manage threats.
Integrative Analysis: Combines security data with IT context for precise vulnerability management.
Real-time Risk Reduction: Enables immediate risk management without waiting for patches.
Hybrid Cloud Compatibility: Functions across diverse cloud environments for comprehensive security.

What benefits can users expect from Zafran Security?

Improved Security: Enhances protection by efficiently identifying and mitigating risks.
Cost Efficiency: Reduces unnecessary patching expenses by confirming non-exploitable vulnerabilities.
Time Savings: Frees developers to focus on root causes by handling immediate threats.
Comprehensive Insight: Offers a holistic view of security threats and vulnerabilities.

In industries where security is paramount, such as finance and healthcare, Zafran Security provides invaluable protection by ensuring that only exploitable vulnerabilities are addressed. It allows entities to maintain robust security measures while allocating resources efficiently, fitting seamlessly into existing security strategies.

Zafran Security

Skybox Security Suite provides comprehensive tools for network and firewall compliance, vulnerability management, and change management, with a focus on risk reduction and network optimization.

Skybox Security Suite supports over 130 vendors with massive scalability and seamless integration, notably with Nessus and Qualys. Its features include network path analysis and offline attack simulation, which enhance management effectiveness. Despite its robust offering, improvements are needed in its UI, web interface, reporting detail, and customization. Automation, orchestration, and device policy provisioning require better support, and integration with tools like Rapid7 could be improved. Enhancements in firewall configuration checks, cloud connectivity, pricing, and marketing awareness are also called for, alongside a transition from Java GUI to a consistent web-based system.

What Are Key Features of Skybox Security Suite?

Network Assurance: Enhances visibility and optimization of network paths.
Firewall Assurance: Facilitates firewall rule set audits for compliance.
Vulnerability Management: Offers path detection and risk prioritization.
Compliance Management: Ensures adherence to standards like PCI.
Change Management: Simplifies management across extensive infrastructures.

What Benefits and ROI Can Users Expect?

Scalability: Supports numerous vendors and large-scale deployments.
Integration: Seamlessly connects with tools like Nessus and Qualys.
Risk Reduction: Improves security across network infrastructures.
Simplified Management: User-friendly interface and reporting tools enhance usability.
Network Optimization: Streamlines processes and improves performance.

Skybox Security Suite is commonly used in industries requiring strict compliance like finance and healthcare. Firms employ it for firewall audits, enhancing network visibility, and managing configurations against standards such as PCI, ensuring security and policy compliance across expansive networks.

Tufin

Wiz is a highly efficient solution for data security posture management (DSPM), with a 100% API-based approach that provides quick connectivity and comprehensive scans of platform configurations and workloads. The solution allows companies to automatically correlate sensitive data with relevant cloud context, such as public exposure, user identities, entitlements, and vulnerabilities.This integration enables them to understand data accessibility, configuration, usage, and movement within their internal environments.

Wiz's Security Graph delivers automated alerts whenever risks emerge, allowing teams to prioritize and address the most critical issues before they escalate into breaches. Furthermore, Wiz ensures rapid and agentless visibility into critical data across various repositories, enabling organizations to easily determine the location of their data assets.

Wiz Features

Wiz provides various features in the following categories:

Agentless Scanning: The solution can scan every layer of a cloud environment without requiring agents, managing the entire process and providing comprehensive visibility.
Workflow Integration: Users can create customized workflows within Wiz to identify and assign actions based on urgency, integrating them with ticketing systems for quick and efficient remediation.
Vulnerability Management: Wiz's vulnerability management modules provide detailed analytics and visibility across cloud systems, streamlining the manual process of vulnerability discovery. The automated attack path analysis helps identify risks and trace potential points of exposure, allowing users to understand and mitigate them effectively and proactively.
CSPM (Cloud Security Posture Management): Wiz's CSPM module offers instant visibility into high-level risks to an enterprise’s cloud environment, covering all accounts without the need for agents.
Out-of-the-Box Reporting and Custom Queries: The service supports comprehensive reporting with asset context, allowing users to perform complex custom queries on the solution’s user-friendly interface.
Automation Roles and Dashboards: The solution facilitates automation by providing essential roles and dedicated dashboards that enable teams to understand security information quickly, even those with limited expertise.
Contextual Risk Evaluation: The service contextualizes the various components contributing to an issue, providing a risk evaluation framework that helps prioritize remediation efforts.
Security Graph and Visibility: Wiz's security graph offers visibility across the entire organization, even with multiple accounts, enabling users to understand their environment and assets effectively.

The Benefits of Wiz

Wiz offers the following benefits:

Comprehensive agentless scanning
Effective identification and mitigation of vulnerabilities
Streamlined vulnerability management
Robust reporting capabilities and customizable queries
Enhanced automation and role-based access control
Prioritized risk evaluation for efficient remediation
Security posture across multiple accounts

Reviews from Real Users

Kamran Siddique, VP Information Security at boxed.com, remarks his company has seen a ROI while using Wiz, as it simplifies the process by integrating multiple useful tools into one solution.

According to a Senior Security Architect at Deliveroo, Wiz has given their company a fresh approach to vulnerability management, as Wiz's native integrations are extremely useful and paramount to the operational success of their platform.

Get a demo | Wiz

Wiz

Sample Customers

Information Not Available

ADP, Blue Cross Blue Shield, BT, USAID, Delta Dental, EDF Energy, EMC, HSBC, Johnson & Johnson

Wiz is the fastest growing software company ever - $100M ARR in 18 months: Wiz becomes the fastest-growing software company ever | Wiz Blog Discover why companies, including Salesforce, Morgan Stanley, Fox, and Bridgewater choose Wiz as their cloud security partner. Read their success stories here: Customers | Wiz

Buyer's Guide

Skybox Security Suite vs. Wiz

June 2025

Free Report: Skybox Security Suite vs. Wiz

Find out what your peers are saying about Skybox Security Suite vs. Wiz and other solutions. Updated: June 2025.

DOWNLOAD NOW

860,592 professionals have used our research since 2012.

See our Skybox Security Suite vs. Wiz report.

See our list of best Vulnerability Management vendors.

We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.