Picus Security Reviews

Name: Picus Security
Brand: Picus Security
Rating: 4.5 (6 reviews)

4.5 out of 5

6 reviews
100% willing to recommend

What is Picus Security?

Independent from any vendor or technology, the unparalleled Picus Platform is designed to continuously measure the effectiveness of security defenses by using emerging threat samples in production environments. Created by a team that’s been working together more than 10 years already and has proven their expertise in enterprise cybersecurity, Picus is trusted by many large multinational corporations and government agencies.

Get the Picus Security Buyer's Guide and find out what your peers are saying about Picus Security, Pentera, Cymulate and more!

Picus Security is the #3 ranked solution in Breach and Attack Simulation vendors. PeerSpot users give Picus Security an average rating of 9.0 out of 10. Picus Security is most commonly compared to Pentera: Picus Security vs Pentera. Picus Security is popular among the large enterprise segment, accounting for 64% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 21% of all views.

Helped 861,170 peers since 2012

Featured Picus Security reviews

AkashDeshpandey

Cyber Security Consultant at GBS IT Services

I can simulate an attack into a live environment and test whether my controls are working properly. It checks if the controls can stop and mitigate the attacks One valuable feature of Picus Security is security control validation. It provides good reports and offers signature-based solutions. I…

Read full review

Mauro Restante

Cybersecurity Customer Service Manager and Technical Account Manager at Cybersel

The reporting and data analysis could be improved. Specifically, the analysis of the results. Along with the data analytics, Picus Security should improve its attack path validation feature. In future releases, I would like to see an adaptive analysis of the company's perimeter. The attack surface analysis feature would be a good point to introduce in the platform. Moreover, there is room for improvement in terms of scalability. Automating some processes could make it even better.

Read full review

erdemerdag

Cybersecurity Operations Engineer at a tech services company with 201-500 employees

According to the attack vectors, you cannot specify which product is failing or which product is working well because there's no agent. The best case scenario is to add an agent solution where an agent would have the ability to actually detect which programs aren't working. For the attack software, you put a peer on the cloud site, and you have another peer internal network. There is IPS, firewall, WAF, and DBS amongst these peers. The cloud's peer is trying to send the attack file to the internal network. Maybe the firewall is blocking it, maybe the IP, maybe the WAF, but you cannot see the details. You can say, "Yes, my security product is blocking that attack scenario," or, "I cannot block this attack."

Read full review

Picus Security mindshare

As of July 2025, the mindshare of Picus Security in the Breach and Attack Simulation (BAS) category stands at 17.8%, down from 18.0% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Breach and Attack Simulation (BAS)

PeerResearch reports based on Picus Security reviews

Type	Title	Date
Category	Breach and Attack Simulation (BAS)	Jul 11, 2025	Download
Product	Reviews, tips, and advice from real users	Jul 11, 2025	Download
Comparison	Picus Security vs Cymulate	Jul 11, 2025	Download
Comparison	Picus Security vs Pentera	Jul 11, 2025	Download
Comparison	Picus Security vs Akamai Guardicore Segmentation	Jul 11, 2025	Download

Title	Rating	Mindshare	Recommending
Pentera	3.9	29.3%	100%	10 interviews Add to research
Cymulate	4.3	21.7%	100%	5 interviews Add to research

Valuable Features

Picus Security's most important features include vulnerability detection, threat intelligence, security control validation, and comprehensive integration. Users benefit from real attack simulations without affecting production systems, allowing them to manage and configure firewalls, IPS, and WAF. Customizable attack executions enable adaptation to specific environments. Detection capabilities extend to alarms and logs from SIEM tools. Threat intelligence assists in blocking and preventing attacks by identifying malicious files and providing threat IDs. Comprehensive network, endpoint, and email vector coverage offers a complete security approach.

"It provides good reports and offers signature-based solutions."
"The most valuable feature of Picus Security is its threat intelligence, providing suggestions to block and prevent attacks by identifying malicious files and providing threat IDs."
"The most valuable feature of the solution is its integration capabilities with the other security tools."

Room for Improvement

Picus Security users highlighted the need for precise identification of attack bypass locations and enhanced patching capabilities. They noted a lack of integration options and called for improved data analysis and attack path validation. Scalability and automated processes were also areas of concern. Some felt that the company needed a local data center in India and faster customer support response times to improve trust and market presence.

"There is room for improvement in the response rate provided by customer support."
"To improve, Picus Security could consider establishing a data center in India to address trust issues and increase interest from Indian customers."
"The amount of integrations that the product can handle is an area of concern, making it one of the aspects where improvements are required."

Pricing

Enterprise buyers find Picus Security's pricing fair and in line with market competitors. Pricing varies based on regions, use cases, applications, and yearly licenses correlated to the number of vectors deployed. Distributors may adjust prices, with possible discounts available due to regional customer acquisition efforts. Overall, the pricing is considered moderate, scoring around seven out of ten, and is viewed as offering good value for money.

"There is a yearly license according to the number of vectors. The pricing is moderate."
"They have certain price ranges for their products, depending upon the use cases, and the number of applications the customer wants to try."

Popular Use Cases

Picus Security is primarily utilized by clients in the Middle East for validating security controls and assessing infrastructure strength. It offers breach and attack simulation, enabling verification of network security through simulated attacks and prevention measures such as URL bypass blocking. Clients use it for continuous security validation, both on-premises and in cloud environments, to ensure controls effectively stop and mitigate attacks. Military clients and companies simulating network security scenarios benefit from its frequent dictionary updates.

Service and Support

Picus Security excels in customer service and support, consistently receiving high ratings. Their support team is described as responsive and highly available, with quick resource assignment. Although they offer effective technical assistance, reaching support can be challenging due to time differences, as assistance primarily comes from the US and UK. Users suggest enhancing local support presence and speeding up response times. Overall ratings average between 8 and 10 out of 10.

Deployment

The initial setup for Picus Security is described as straightforward and well-documented. Users find it easy with the assistance of detailed guidance and support. Configuration can sometimes be complex due to the need for customer-specific network design choices, involving different segments like cloud and internal networks. Deployment is generally quick, often taking just one day, and most users rate the process highly. The installation typically requires minimal personnel, enhancing simplicity and efficiency.

Scalability

Picus Security's scalability is highly rated, supporting installation on multiple servers to distribute attack traffic effectively. It is deemed suitable for both large and medium-scale infrastructures. Users highlight the platform's capability to support different use cases through various agents, though some still require manual configuration. The scalability receives strong praise with little noted limitations, serving both enterprise and SMB markets effectively.

Stability

Picus Security is highly stable, performing well on Linux systems, with management servers on CentOS. Users report minimal issues, including some capacity problems and minor bugs, but describe it as highly reliable, often rating stability nine out of ten. As a next-generation platform, it's trusted by those prioritizing security, requiring reliable internet, and some prefer on-premise deployment for privacy. Bugs are scarce, and stability is a strong point praised by many.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Picus Security Buyer's Guide for additional reliable information.