Vanta vs Wiz comparison

Read 21 Wiz reviews

4,798 Views
3,571 Comparison Views

100% willing to recommend

Vanta

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jan 2, 2025

Wiz and Vanta compete in the cybersecurity platform market, with Vanta having an advantage in compliance features and Wiz strong in cloud security.

Features: Wiz offers advanced cloud workload protection, real-time visibility for threat detection, and Security Graph for risk prioritization. Vanta provides automated compliance management, prebuilt control frameworks, and real-time API integration for compliance integrity.

Room for Improvement: Wiz could improve on-demand scanning clarity and better explain scanner functions. Enhanced agentless operations would aid Wiz's multi-agent approach. Vanta would benefit from smoothing occasional API integration difficulties and expanding compliance support across more platforms.

Ease of Deployment and Customer Service: Vanta features efficient deployment and dedicated service for seamless compliance onboarding. Wiz offers flexible deployment with strong support for cloud configurations. Vanta's focus is compliance onboarding, differing from Wiz's cloud-centric approach.

Pricing and ROI: Wiz's competitive pricing suits complex cloud environments with positive ROI for cloud-focused companies. Vanta's higher costs align with its automation capabilities, yielding substantial ROI through resource efficiency and compliance upkeep.

To learn more, read our detailed Vanta vs. Wiz Report (Updated: April 2025).

Vanta vs. Wiz

Download the complete report

Helped 849,686 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Vanta

Ranking in Compliance Management

4th

Average Rating

8.4

Reviews Sentiment

7.2

Number of Reviews

Ranking in other categories

Compliance Consulting (1st), Data Governance (13th)

Wiz

Ranking in Compliance Management

1st

Average Rating

9.0

Reviews Sentiment

7.6

Number of Reviews

Ranking in other categories

Vulnerability Management (1st), Container Security (2nd), Cloud Workload Protection Platforms (CWPP) (1st), Cloud Security Posture Management (CSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (2nd), Data Security Posture Management (DSPM) (2nd), Cloud Detection and Response (CDR) (1st)

Mindshare comparison

As of May 2025, in the Compliance Management category, the mindshare of Vanta is 11.9%, down from 22.1% compared to the previous year. The mindshare of Wiz is 30.0%, up from 19.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Compliance Management

Featured Reviews

Anupam Dutta

Team Lead- Sr. Linux administrator-Kubernetes-DevOps at ExpressRCM

Helps us maintain compliance with standards like SOC 2 and various data policies, but the customer support needs improvement

It helps us track the compliance of the components listed in our partner's directory. We can also check if the password manager, XML, and three log policies have been properly implemented on the desktop. We use JEM Cloud, which is a SaaS solution, and sometimes it experiences access issues. With Vanta, we can work on resolving these issues and ensuring policy compliance. Vanta also helps us maintain compliance with standards like SOC 2 and various data policies, which are essential for our documentation and communication requirements, ultimately ensuring enterprise software policy compliance. In my role, which primarily involves IT responsibilities, I often deal with various policies. There are instances where specific policies, especially those related to quality, may not be implemented correctly. This primarily occurs with mainframes and devices owned by particular users. In such cases, Vanta helps us enable these policies on the devices and assign them to the relevant users. It also highlights when certain policies, such as version 86.x, are not assigned through SAP. Vanta provides guidance on configuring and mitigating these issues. Additionally, it helps us with GitHub account provisioning and deprovisioning, as well as managing GitHub and Google Workspace Flex. We also use the 1Password password manager, which Vanta assists in overseeing.

Read full review

Pietro Villivà

Business Line Manager at S2E

Useful for security assessment and maintaining correct security posture

The tool keeps improving on a weekly basis. Wiz enters into a lot of partnerships with other technologies. I don't have any idea about the improvements needed in the tool at the moment. For me, Wiz is a very complete product, but it is not the perfect one. Other technologies are better for our customers' specific use cases. A possible way to grow the tool is by introducing new functionality or features. In the future, the tool can introduce an on-prem infrastructure or platform. Not having an on-prem version can be an obstacle for customers who have a large workload in an on-prem environment. The onboarding can be done in five minutes or five to ten minutes. Then, there is the configuration, and it depends on the type of the use case of the customer. There is a customer that has simple use cases for whom the onboarding can be done in four to eight hours a day. If there are some customers with a lot of use cases and a lot of different cloud providers, more time is needed. In general, we don't need more than five days to deploy the tool, even in the case of a very complex architecture and hybrid cloud environment. To deploy the tool, we need to have access to the account of the customer, and Wiz is a stuff that we need to make with the customer. We do the onboarding together. The customer creates the correct authorization in the cloud platform and gives us the key to connect to the platform, and then the platform connector starts and begins to collect information.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most valuable feature of Vanta would be the time savings from the automation and the continuous compliance monitoring once set up."

"The most valuable feature of Vanta is its prebuilt control frameworks."

"Task management and vendor assurance are the most valuable features. It is also an easy tool to use."

"They integrate into New Relic as a performance monitoring tool."

"It helps us track the compliance of the components listed in our partner's directory. We can also check if the password manager, XML, and three log policies have been properly implemented on the desktop."

"The product has provided automated security controls for our cloud provider. It helps to automate security checks. Vanta offers a list of things that can be done to achieve ISO 27001 compliance."

"The first thing that stood out was the ease of installation and the quick value we got out of the solution."

"A valuable feature is that Wiz helps in identifying vulnerabilities."

"Wiz offers greater visibility and more in-depth findings in terms of configuration, misconfiguration, and vulnerabilities."

"The security baseline and vulnerability assessments is the valuable feature."

"The automation roles are essential because we ultimately want to do less work and automate more. The dashboards are easy to read and visually pleasing. You can understand things quickly, which makes it easy for our other teams. The network and infrastructure teams don't know as much about security as we do, so it helps to have a tool that's accessible and nice to look at."

"The product's most valuable feature combines different contexts and attributes to produce highly confident alerts."

"The most valuable feature of Wiz is that it keeps information up to date without needing to perform scans or schedule maintenance windows. It provides a fresh snapshot of our vulnerability metrics."

"The tool is very powerful in nature."

More Wiz pros

Cons

"Scalability could be improved."

"The main area for improvement in Vanta is the user interface's refresh rate."

"Currently, Vanta's user access review module is still in development, and we've been giving them continuous feedback to help them improve that."

"There is a delay with customer support and they are unsure of the answers we need."

"They have an AI generator for the system description for SOC 2, however, the outline is a little sketchy."

"Some of the tool's automated tests do not work the way it should."

"Wiz's reporting capabilities could be refined a bit. They are making headway on that, but more executive-style dashboards would be nice. They just implemented a community aspect where you can share documents and feedback. This was something users had been requesting for a while. They are listening to customer feedback and making changes."

"The solution's container security could be improved."

"In Wiz, if there is one vulnerability that occurs multiple times, it is listed only once. However, even if it is a single vulnerability in the same category, it repeats multiple times. This feature can be time-consuming as it requires continuous scrolling."

"Not having an on-prem version can be an obstacle for customers who have a large workload in an on-prem environment."

"Given the level of visibility into all the cloud environments Wiz provides, it would be nice if they could integrate some kind of mechanism to better manage tenants on multiple platforms. For example, let's say that some servers don't have an application they need, such as an antivirus. Wiz could include an API or something to push those applications out to the servers. It would be great if you could remedy these issues directly from the Wiz platform."

"One significant issue is that the searches are case-sensitive, so finding a misconfigured resource can become very challenging."

"The only thing that needs to be improved is the number of scans per day."

"The reporting isn't that great. They have executive summaries, but it's only a compliance report that maps all current issues to specific controls. Whether you look at one subscription or project, regardless of the size, you will get a multipage report on how the issues in that account map to that control. Our CSO isn't going to read through that. He won't filter that out or show that to his leadership and say, "Here's what we're doing." It isn't a helpful report. They're working on it, but it's a poor executive summary."

More Wiz cons

Pricing and Cost Advice

"Vanta is expensive."

"Regarding pricing, it’s more than $100k because we have a very big infrastructure. Our environment supports around three thousand people, and we offer business-to-client financial services to around one million clients, so we rely heavily on Wiz."

"The pricing is fair and comparable to their competitors. The cost seems to be going up, which is a concern. There are potential savings from consolidating tools, but we're uncertain how Wiz's pricing will change over time."

"The cost of the other solutions is comparable to Wiz."

"The pricing is fair. Some of the more advanced features and functionalities and how the tiers are split can be somewhat confusing."

"Wiz is a moderately priced solution, where it is neither cheap nor costly."

"Based on the features and capabilities, the product pricing seems reasonable."

"If one is cheap and ten is expensive, I rate the tool's price as a five out of ten."

"The pricing seems pretty simple. We don't have to do a lot of calculations to figure out what the components are. They do it by enabling specific features, either basics or advanced, which makes it easy to select."

More Wiz pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Compliance Management solutions are best for your needs.

See recommendations

849,686 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

23%

Financial Services Firm

University

Comms Service Provider

Financial Services Firm

15%

Computer Software Company

15%

Manufacturing Company

10%

Healthcare Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What do you like most about Vanta?

The most valuable feature of Vanta is its prebuilt control frameworks.

What needs improvement with Vanta?

Every product has a lot of areas to improve. They have an AI generator for the system description for SOC 2, for example, however, the outline is a little sketchy. The system description has to hav...

What is your primary use case for Vanta?

We're trying to get SOC 2 compliance, and we're trying to get HIPAA compliance.

What do you like most about Wiz?

With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment.

What is your experience regarding pricing and costs for Wiz?

This feedback is not based on much experience yet, as we have only conducted POV or POC.

What needs improvement with Wiz?

I have not measured certain abilities on a scale yet. The ultimate value depends on the requirements of your organization.

Microsoft Purview Data Governance vs Vanta

Comparisons

Drata vs Vanta

Compared 29% of the time

Sprinto vs Vanta

Compared 18% of the time

Thoropass vs Vanta

Compared 9% of the time

Compared 8% of the time

Microsoft Purview Compliance Manager vs Vanta

Compared 7% of the time

More Vanta Competitors

Prisma Cloud by Palo Alto Networks vs Wiz

Compared 13% of the time

Microsoft Defender for Cloud vs Wiz

Compared 8% of the time

Orca Security vs Wiz

Compared 7% of the time

Snyk vs Wiz

Compared 5% of the time

CrowdStrike Falcon Cloud Security vs Wiz

Compared 5% of the time

More Wiz Competitors

Product Reports

Compliance Management

Download Vanta product report

Download Wiz product report

Overview

Vanta helps companies scale security practices and automate compliance for the industry’s most sought after standards - SOC 2, ISO 27001, HIPAA, PCI DSS, GDPR, and CCPA.

Vanta

Wiz is a highly efficient solution for data security posture management (DSPM), with a 100% API-based approach that provides quick connectivity and comprehensive scans of platform configurations and workloads. The solution allows companies to automatically correlate sensitive data with relevant cloud context, such as public exposure, user identities, entitlements, and vulnerabilities.This integration enables them to understand data accessibility, configuration, usage, and movement within their internal environments.

Wiz's Security Graph delivers automated alerts whenever risks emerge, allowing teams to prioritize and address the most critical issues before they escalate into breaches. Furthermore, Wiz ensures rapid and agentless visibility into critical data across various repositories, enabling organizations to easily determine the location of their data assets.

Wiz Features

Wiz provides various features in the following categories:

Agentless Scanning: The solution can scan every layer of a cloud environment without requiring agents, managing the entire process and providing comprehensive visibility.
Workflow Integration: Users can create customized workflows within Wiz to identify and assign actions based on urgency, integrating them with ticketing systems for quick and efficient remediation.
Vulnerability Management: Wiz's vulnerability management modules provide detailed analytics and visibility across cloud systems, streamlining the manual process of vulnerability discovery. The automated attack path analysis helps identify risks and trace potential points of exposure, allowing users to understand and mitigate them effectively and proactively.
CSPM (Cloud Security Posture Management): Wiz's CSPM module offers instant visibility into high-level risks to an enterprise’s cloud environment, covering all accounts without the need for agents.
Out-of-the-Box Reporting and Custom Queries: The service supports comprehensive reporting with asset context, allowing users to perform complex custom queries on the solution’s user-friendly interface.
Automation Roles and Dashboards: The solution facilitates automation by providing essential roles and dedicated dashboards that enable teams to understand security information quickly, even those with limited expertise.
Contextual Risk Evaluation: The service contextualizes the various components contributing to an issue, providing a risk evaluation framework that helps prioritize remediation efforts.
Security Graph and Visibility: Wiz's security graph offers visibility across the entire organization, even with multiple accounts, enabling users to understand their environment and assets effectively.

The Benefits of Wiz

Wiz offers the following benefits:

Comprehensive agentless scanning
Effective identification and mitigation of vulnerabilities
Streamlined vulnerability management
Robust reporting capabilities and customizable queries
Enhanced automation and role-based access control
Prioritized risk evaluation for efficient remediation
Security posture across multiple accounts

Reviews from Real Users

Kamran Siddique, VP Information Security at boxed.com, remarks his company has seen a ROI while using Wiz, as it simplifies the process by integrating multiple useful tools into one solution.

According to a Senior Security Architect at Deliveroo, Wiz has given their company a fresh approach to vulnerability management, as Wiz's native integrations are extremely useful and paramount to the operational success of their platform.

Get a demo | Wiz

Sample Customers

Care Directives, Shortcut , Nayya, Heizenrader, Treasury Prime

Wiz is the fastest growing software company ever - $100M ARR in 18 months: Wiz becomes the fastest-growing software company ever | Wiz Blog Discover why companies, including Salesforce, Morgan Stanley, Fox, and Bridgewater choose Wiz as their cloud security partner. Read their success stories here: Customers | Wiz

Vanta vs. Wiz