Wiz Reviews

My use case for Wiz is basically for overall security, focusing on vulnerability management, infrastructure security, and application security, all of that combined. I have my AWS accounts where I run multiple services, so that's where I'm utilizing Wiz to the core optimum, utilizing all of its capabilities. Even as an inventory management tool, I think it has been really helpful because it keeps a record of every change, making it very functional.

Wiz has helped me consolidate some tools, as it is not just doing the job of the security tool alone. It has good inventory management, good vulnerability management, and we do not need to invest in multiple tools. All aspects such as infrastructure, application, vulnerabilities, and the regular security scoring patterns are in-built into Wiz along with the inventory manager, which has helped us reduce one or two tools here and there.Wiz has reduced alert fatigue in my organization, as it is very accurate in terms of reporting the issues, which has definitely improved, and I don't see a concern.

The best features of Wiz that I appreciate the most include trends of security, such as how we have been getting issues reported and how frequently we are closing them, along with the capabilities to notify a user and a channel on Slack, which have all been really helpful beyond just doing its main job as a security framework.The extent to which the Wiz runtime sensor has helped identify active threats more effectively compared to other solutions I've used is significant, as it refreshes based on a schedule in terms of the latest findings. It has been pretty effective for our use case, as I keep checking for anything new reported there. We also have a ticketing mechanism attached to it, so as soon as a security issue is figured out, it creates a ticket on Jira, allowing us to keep track of issues, and it is pretty responsive in terms of catching the latest issues.Wiz has helped me achieve zero criticals in issue queues, as it detects a range of issues whether it is the end of life of a product or an actual security issue, such as an exposed port or a compromised service.

In Wiz, the areas that have room for improvement would include some autonomous capabilities, such as having an agent declare where, since we are in the era of AI, it can auto-solve some low or medium alerts. High and critical issues would still need manual handling, but some level of alerts being handled autonomously would be good. More or less, Wiz is doing well, but the false alerts at random times would be another area for improvement. I would also appreciate seeing it go deeper on the security aspect, expanding beyond just infrastructure and application to include potential issues stemming from APIs, as currently it focuses more on the infrastructure pieces. Having more visibility in API endpoints, microservices, and application code running on the infrastructure would be beneficial.

I have been using Wiz for the past 18 months.

The stability of Wiz has been good, with no downtime, bugs, or glitches. Just today I was not able to load it, but I wouldn't blame it that much as I have always been able to access the application when reaching out. I would rate the stability out of 10 as about nine or 10.

Wiz is scaling well for our use case, so I would rate scalability a 10 out of 10.

I would rate technical support as about nine, as we had a couple of cases where the responses were delayed quite a bit, but apart from that, they have been spot on.

Positive

I cannot name the vendor I used previously, but the reason for switching to Wiz was the added features that we were getting, which offered more control on cloud security.

The deployment process of Wiz was easy and not complex. It was fairly straightforward, honestly. The internal configurations took time due to the different applications we have, but I don't think there was any delay from the Wiz side.It took about three to four weeks to deploy Wiz, as the time taken was more about how we wanted to structure the projects and boxes inside Wiz from our perspective. We were operational from the first week and integrated with SSO projects by the third or fourth week.

The integration capabilities of Wiz were generally seamless, although we had some complications with Oracle accounts. Integration with AWS was pretty straightforward, but with Azure and Oracle, Oracle had some limitations regarding what it could report to Wiz. However, I think there was some more fine-tuning and adjustments done by the Wiz team to ensure Oracle could also be onboarded correctly, so that worked out.

The purchase of Wiz was a direct purchase rather than through the AWS marketplace or a partner purchase.

My thoughts on the pricing of Wiz is that for our use case, it has been moderate, as I was using a different tool earlier, so it's not been a very large jump. I would say it resides in that moderate zone, and it's not something that raises eyebrows, so I think we're good.

I would say Wiz is in the top tier, and it might just be the leading product as well. While there are a couple more products out there, I think Wiz is definitely leading the course at this point.

I have created some custom dashboards, charts, and counters, and I have created some custom reports that are sent out, including a lot of widgets for my reporting of all the accounts that I have. I have almost seven to eight accounts where very large workloads are running, and in total, there are almost 20 accounts, so it gives a very good view to summarize all of the accounts in one place.My business is a medium enterprise with about 5,000 employees.The maintenance of Wiz is fairly easy, with a few people looking into it, but it's not as though their whole time is dedicated to Wiz, which is a good part.I absolutely recommend Wiz to other users because of its ease, features, and user-friendliness, allowing anyone to come in, configure all the things they want out of Wiz, and start using it. There is no doubt about that. I would rate this review an 8 out of 10 overall.

Public Cloud

Amazon Web Services (AWS)

We use Wiz to monitor cloud security across Azure, Oracle OCI, and Google GCP cloud environments. With Wiz implementation we aim to eliminate the security team from security findings communication and triage and allow development, cloud and infrastructure teams direct access to security configuration findings - saving time for everyone involved.

The client has around over 2000 workloads in Azure, and more than 200 in Oracle OCI, as well as small cloud presence in Google GCP.

For the initial deployment, we aim to enable good visibility across all cloud platforms (width), as well as across different levels of visibility (depth) by employing CSPM, CIEM, DSPM, EASM, CDR and other capabilities offered by Wiz. 

Going forward, we plan to implement cloud forensics feature, as well as integrate it into our CI/CD pipelines and code repositories for preventative capabilities.

The integration is still in its early stages, and I will continue to update this report as we move forward. That being said, everything has been excellent so far!

Wiz helped to detect multiple virtual machines in Azure and Oracle OCI cloud environments that had problems, including crypto-miners and malware. Furthermore, Google GCP usage in the company was discovered by Wiz, which the other two CNAPP tools we've tested have missed. 

We also discovered credentials stored on the disk of a virtual machine in the test/dev environment, which could potentially provide access to parts of other cloud environments if compromised (allow lateral movement).

We can confidently say that we now see the full picture of risk across our cloud environments, including internet-exposed, vulnerable (unpatched) and misconfigured cloud assets, as well as sensitive data stored in those cloud assets.

We're currently going through the process of user onboarding to enable time savings for security team and streamline the time to take action to remediate the findings.

The time savings and the many moments of "if I was building a CNAPP, this is how I would do it" were where Wiz had already implemented what I wished for. Wiz also saves time by validating a network misconfiguration by not only looking at the cloud asset configuration but also by testing if a port that is stated to be open is actually open.

The Wiz product team recognises that the world doesn't revolve around Cyber Security teams. This is evident in their emphasis on providing clear and simple remediation advice and offering explanations of the alerts, making it easy for non-security team members to understand what’s happening and why. This was one of the key criteria why Wiz has been selected over the competitors.

My favourite is the EASM/External Exposure view and overall package - full risk visibility. It allows us to prioritize, and I mean truly prioritize, what should be addressed first. We can now see cloud workloads exposed to the internet in case of critical vulnerabilities, and if these workloads hold or can access sensitive data, we can act fast and patch these workloads first, and therefore reduce our overall risk exposure time.

Another favourite feature is the ability to give feedback and quickly raise a support case, as well as the comment option for each finding in Wiz web portal. It enables simple, yet effective collaboration between security, cloud, infrastructure and development teams.

It's too early to tell what can really be improved. However, we noticed some capabilities that were lacking, specifically ignoring some false-positive Issue findings. The good news - with the latest update, this has been resolved.

The built-in reports have room for improvement, especially the executive summary reports. However, this is compensated by the excellent Dashboards available in Wiz web portal.

Overall, nothing is majorly lacking, and so far, all issues we encountered have been addressed with a few outstanding ones that are pending for a feature release.

I have been using this solution since June 2024. 

With two main cloud platforms fully onboarded, the integration project is still ongoing.

The solution is very stable. We observed a case where some of the newly introduced built-in policies caused minor discrepancies in the alert count, but the Wiz support team promptly resolved the issue.

So far, so good! No issues were observed in scalability.

Support is excellent. We had 10 to 15 TAC cases open; most are addressed, and few that remain open have updates and a clear path towards resolution.

Positive

Previously, I used Check Point's CloudGuard (while it was still called Dome9), Prisma Cloud by Palo Alto Networks, and Microsoft's Defender for Cloud (since 2020, when it was still called Azure Security Center). I have also tested Orca Security CNAPP solution in a PoC setting for about a month.

The setup is straightforward. There were no issues with either cloud connector that I used (Azure, OCI and Kubernetes).

I am a consultant working on this integration - HLD, LLD, integration itself, policy review/triage of findings, and user training/onboarding. The support team has been great! From sales to customer success - it has been a smooth ride. 

The main ROI will be the time savings from not needing to write a basic remediation advisory for the dev team and then send/track it using email.

The sizing script provided by Wiz is fairly accurate. The support team will help you accurately identify the licensing needs. We've done it, and it is spot-on.

We evaluated two other CNAPP solutions.

So far, I really like the solution and the team supporting our integration.

While it's quite early for a full review, we already have the key parts functionality deployed, and I will be updating this review once the integration is finalized next year (code security for CI/CD, cloud incident response and forensics, and automation of preventative capabilities remains on our to-do list).

Disclaimer: I received a typical customer "swag" package (jumper, backpack, thermal cup) from Wiz, but I can confidently say it had no influence on the content of my review of the CNAPP solution.

Public Cloud

Microsoft Azure

I lead and manage our vulnerability management and threat intelligence program so relying on having quick visibility, coverage, comprehensiveness, and depth is an absolute benefit; Wiz agentless deployment and scaling give us that quick use CVE-based vulnerability scanning, detection, continuous monitoring, threat intelligence, and risk prioritization with little to no downtime or impact to availability. Lastly, the CSPM, threat-intelligence, and dashboard capability within Wiz gives leadership quick and efficient reporting on our overall risk in the cloud.

I believe the genius of Wiz is that, as we move towards a more zero-trust approach to cybersecurity, we can avoid using agents, which can be intrusive and difficult to manage. Furthermore, granting an agent full read rights access to our endpoint is not always the most secure, least privileged approach. I appreciate how Wiz can take a snapshot, scan it, and deliver results without affecting our workloads. Working with Wiz is great because it eliminates the need for staging and production environments. When we can't pick a snapshot-like reproduction environment right away, it does not have any impact.

We went from 1,000 to 10,000 employees after merging with a large company and purchasing another. Prior to this, it was like the Wild West. With Wiz, we were able to set up quickly and have visibility into our cloud workloads and environment. This has been incredibly helpful in reducing our attack surface and allowing us to prioritize risks. Wiz significantly lowered our risk and caused little to no disruption which is quite amazing.

It is extremely important for our organization to have visibility into our risk detection with a contextual view for prioritizing potential critical risks. When companies try to approach this single pane of glass from a risk perspective, it is essential to be able to share this information with stakeholders and non-technical people, such as the president, CFO, or other C-level personnel. I believe it is possible to share our cloud posture and risk overall within a five-minute presentation.

With the deep coverage and visibility that Wiz provides, we need more resources. It's clear that we have a lot of issues to address and we need to be careful and strategic in how we roll out solutions so that we don't overwhelm the business. Wiz has been helpful in determining our needs and getting us the resources and people we need.

Remediation is currently a manual process. Because the automation workflow within the tool is lacking, we have a remediation webinar to help. I still recommend and suggest that Wiz build it within the tool itself and not depend on manual processes. I have created an SOP to review and share findings, but it is a tedious process and can take up a lot of time. We are not yet in an optimized automated state and the tool and procedure are not there yet. However, Wiz does help and I have set up projects to help with organization and remediation workflow. The security personnel I work with have been pleased with the results, as I can provide a link to the issue and we can review it together. I usually have biweekly remediation calls and internal SLAs to track the ticket creation of the finding to when it is remediated. I find it useful to use that feature within the solution. Wiz allows us to go into the issue and assign a due date, which is very helpful. It would be great to have our own remediation board within Wiz, more like a dashboard.

There are many different features within Wiz that are valuable in their own right. I believe the best features are cloud security posture management, threat intelligence, and risk prioritization. This combination is my favorite aspect of Wiz. There are very few false positives. Wiz does an excellent job of leveraging their threat intelligence and distinguishing issues from findings to prioritize their risk. Having threat intelligence as part of our overall cloud posture management, cloud configurations, CVEs, and CWEs helps to prioritize our inherent and residual risk to the business. Wiz does not try to make actions overly complex, so even a non-technical person can take a webinar and understand the basics of how it works. The solution is very user-friendly.

I like the security graph feature, and being able to start with a dashboard. I am a fan of drilling into the dashboard, and I love how the solution handles different technologies. If we go to Wiz's inventory, they have their work, visibility, and coverage of technologies, as well as how they prioritize external exposures, cloud entitlements, containers, overall vulnerabilities, malware findings, and so on.
I really appreciate the visibility and the way the security graph lays out the risks. When we join the security graph, we can get very detailed and granular information. I like how I can drill into an issue, for example, if I want to look at a critical finding. I can look up fields in my query for all the hits and interact with the security graph and those expressions easily. It's a very digital footprint, root cause analysis type of interaction. I like that element of the security graph. We can get very specific, elaborate, and add to it. Whether we just want to look at the security graph level or drill into the issue specifically, it gives us a detailed footprint of the attack. It's pretty cool.

Wiz is trying to get into File Integrity Monitoring and it would be nice to set up what they call 'alert profiles' in their dashboard. For instance, if they had a threshold of a hundred images or files within a Docker container, image, or files within a particular workload that has been deleted within one minute, this could be an Indicator of a compromise of ransomware or something else. We typically don't think of this in the cloud, but the same rules apply as they would on-premise. It would be beneficial for Wiz to expand into this space and set up alert profiles for thresholds that indicate areas of compromise.

The remediation workflow within Wiz could be improved. For example, Rapid7 has done this well with InsightVM, which they call goals, SLAs, and projects in their remediation workflow. It would be beneficial to have a remediation tab that focuses on the visibility and coverage of findings, as well as an automated remediation workflow. This would save time, as it would not require creating tickets in Jira or going to another place. If these two can be done, it will be very helpful for the user, the person administering the tool, and the developers who need to fix the findings and issues.

I have been using Wiz for almost one year. Six months of that was proof of concept, and now in my current role, four to five months.

We have not encountered any issues with Wiz since I have been here, and it remained stable with no downtime or changes required. I give the stability a ten out of ten.

I am a great admirer of scalability. Wiz scales very well. The only potential obstacle to perfect scalability is probably in the remediation workflow space. The product's availability is excellent. The scalability is almost there. However, by focusing on the remediation automation workflow, goals, SLAs, and projects, we can get Wiz to scale quite well. I give the scalability a nine out of ten.

The technical support is good. The only improvement I would suggest is that Wiz should make their information more publicly accessible, rather than requiring users to have a console account in order to access the portal. This can be an extra step for SREs who do not need to use the tool but still need to access the documentation. It would be helpful to have public documentation that can be accessed by anyone associated with the domain.

Positive

At my previous company, I used Aquasec and Prisma. When I joined my current organization, they were using Wiz.

The initial setup could not be more straightforward. 

We saw the value of Wiz right away. We had onboarded a company we had purchased within three weeks and set up Terraform, AWS, Kubernetes connectors, and BS connectors. We also created a staging environment and a production environment. I was working with SRE to manage posture and address CV-based vulnerabilities that we were seeing. Thankfully, Wiz had a great zero-trust approach and the solution was really good.

The deployment was completed by myself, an SRE engineer, and an SME from Wiz.

We have three different business units. Within those three business units, we have 341 containerized application endpoints. Our next step is to get these onboarded into Wiz, which will be a big project due to the number of applications and workloads. For Prism, the resources we have for both Azure and AWS for our core applications and Namely are all set and ready to go.

The implementation was completed in-house.

Now, with any organization, security is a cost center. However, with the model I suggested, we turn our global cybersecurity team into a service model. This is one of the service offerings we have for our cloud environments. The return on investment is not just a cost to the business, but rather, we provide visibility and coverage of the risk and its potential impact. If this particular issue became a security incident, it would have an operational and financial impact. Ultimately, who is the cost center? By providing a cybersecurity service internally to our customers, we can show them the return on investment. This is not just a cost, but a way to improve our overall security posture. We often say in security, "It's not if, it's when a breach happens." Therefore, it is important to be proactive rather than reactive, which will bring a return on the investment.

I wish the pricing was more transparent. We are in the discovery phase of onboarding other business units and looking at what our pricing looks like. Wiz is agentless and goes based on our projects and resources, so it is good in terms of pricing compared to others. There is room for improvement on our pricing models, so it would be nice if Wiz could share the price beforehand rather than onboarding and then having pricing based on utilization. Despite this, the pricing is fair given the capabilities and features that Wiz offers, as competitors are not doing this at the same level yet.

We evaluated Prisma Cloud by Palo Alto Networks and Aqua Cloud Security Posture Management. In an effort to achieve a single pane of glass, Wiz is the closest to doing that, which is a difficult task. Wiz does this through their security portfolio. Cisco also accomplished this with Cisco SecureX, a unified dashboard and single pane of glass.

Wiz has done a great job of being transparent about their roadmap and capabilities. They are not over-promising on delivery, which is important. In contrast, Aqua had a single pane of glass, but they moved on from one feature or module that wasn't perfected before moving on to something else, resulting in issues. Wiz does a good job of balancing the need to make money in the market and keep up with the times. Wiz is taking a slow and steady approach to winning the race. This is a major difference compared to other solutions. Additionally, Wiz's risk prioritization and user-friendly interface are impressive. From a design perspective, Wiz is trying to keep things as simple and organized as possible, which is very much appreciated by someone managing and running the tool for a vulnerability management program.

I give Wiz a nine out of ten. If Wiz can figure out the remediation workflow, I would put the solution close to a ten out of ten.

Although we are not able to consolidate tools with Wiz yet, the solution is getting there. It is on Wiz's roadmap. We will deprecate our SaaS and SCA offerings once Wiz rolls that ability out by the end of the year.

Very rarely do people truly conduct a thorough proof of concept. Analysts from Gartner or Forrester may not fully understand individual environments, as each one is unique. To get a better understanding, we need to compare side-by-side, setting up Prisma, Aqua, and Wiz. It will become clear how Wiz is a leader in the space, both from a technical standpoint and from a high-level view. Additionally, other solutions often lack up-to-date documentation, whereas Wiz takes documentation seriously and has excellent documents and revisions. Furthermore, Wiz's portal is user-friendly and prioritizes risk, making it stand out from its competitors.

With any solution, we want to conduct a health check. We schedule health checks with Wiz every six months to ensure the solution is well maintained.

Public Cloud

Microsoft Azure

We use the solution as our cloud security platform.

We use Wiz across all of our GCP environments. We have approximately nine projects, around five thousand instances, and five thousand containers. As for AWS, it is relatively small; it consists of a few VPCs with around five hundred assets.

Wiz is the only security solution we use for our cloud platform. It scans data activity, potential exposures, and any efforts with overly wide permissions, especially when they involve semi-exposed ports of sensitive data. Wiz also tracks vulnerabilities, including zero-day vulnerabilities, and logs. We are taking advantage of the security graph and all its features to make it easier to track security across the board.

Wiz's ability to scan every layer of our cloud environment without any agents is why we have the ease of deployment that we can provide on the order level and view all the products, giving us a lot of value and immediate return on investment. Agents are required for certain use cases, such as blocking features or taking action immediately if something is not right, but we did not have that requirement. We created workflows to identify where the action is needed and integrated them with our ticketing system to assign appropriate urgency tickets, so the right team can work on it immediately.

Automated attack path analysis has been beneficial to us by helping us to identify what needs to be done when a vulnerability is discovered. It allows us to trace the attack paths from a potential point of exposure to the vulnerability and how it can be exploited. We can also determine how to mitigate the vulnerability, which is of great value from a remediation perspective.

Within the first two weeks of the deployment, we were able to limit all of our security issues in our production environment. We had been using another platform, but it lacked ease of use and we were not able to get all the details we needed. We replaced this solution with Wiz, and it allowed us to take action when an alert came in. We were able to drill down to the root cause and with the knowledge base that comes with it, we were able to fix issues and get rid of all our security issues. This was a huge value.

Having visibility into our risk detection with a contextual view to prioritize potentially critical risks is very important, as we do not have a large security or development team. If we were to receive twenty alerts, we would not have the capacity to address them all at once. Knowing the context of how this would impact the organization is of great value, as it allows us to tackle the most critical issues based on external exposure, exploitable areas, and the type of data behind the vulnerability. This context helps us prioritize, as all risks are not equal.

Wiz has helped us reduce blind spots in our restriction capabilities by 100 percent. We were running a tool that scanned for vulnerabilities, but we did not have an external exposure component or any context for it. We had just deployed the DSPM and were not able to look at many past levels. The tool we were using previously was just one ready assessment tool. Wiz adds a lot of value.

Additionally, since we have both e-commerce and SaaS, it is important for us to be compliant and isolated. Wiz makes this very easy as we are a hundred percent cloud-based. We can review our compliance and see all the efforts running in our cloud environment. If there are any controls that are not compliant with ISO software, we have set up learning on that and integrated it with IT and some tooling. This allows whoever needs to take action for their control to do so immediately, ensuring that we stay compliant.

I have limited resources in my department, but if I wasn't utilizing Wiz and used our old solution, I would need to acquire two to three more resources. Therefore, with Wiz, I can do all of the above with the existing resources instead of bringing on more tools and personnel.

The first thing that stood out was the ease of installation and the quick value we got out of the solution. I compared Wiz to two other products that we were sending to other clients for cloud security. We were able to get Wiz installed within a couple of hours for all of our cloud assets and we could see insights into our security posture within a couple of hours of the installation. Our DevOps team was very excited to see what they needed to work on. We addressed all the critical issues within two weeks of installing the solution.

The only thing that needs to be improved is the number of scans per day. We need to educate our auditors and ensure that scans are done more than once a day. If there is a vulnerability that is exposed, we can update it after the scan. We are currently scanning once a day, which is acceptable for UCSB. We are trying to figure out how to increase the frequency of the scans, as some universities do not wait a day before they know if something is exposed. Knowing earlier is always better.

I have been using the solution for six months.

We have not seen any outages with Wiz. The solution is stable.

Wiz is our e-commerce platform. That means we have approximately five hundred million impressions on our website per month, with around four million users.

This solution is very scalable; if I add resources to new accounts, they are automatically monitored. When adding a new account, no additional action is required; we don't even need to consider capacity, as it is already maximized.

Previously, we had an agent-based solution called Rapid7 which would alert us of any issues it identified. However, due to the outdated hardware, there was no context to the alerts, and we were overwhelmed. When I joined nine months ago, I noticed that the tool was being ignored and was a waste of money. Therefore, I began searching for a more effective solution that would provide context-based results without needing additional resources. We wanted something that would address real issues and provide five actionable alerts a day, with maximum outbound action taken if necessary. This is why we decided to switch to Wiz and discontinue the vulnerability assessment and API moderator tools.

Implementing Wiz was really easy - it took us less than two hours and could have been done in half an hour if we hadn't needed to run three scripts. We were able to enable it on the cloud and view the scripts. From a user perspective, we set up SSO for our engineers and integrated it with Jira and ServiceNow. Everything else was automated, including compliance controls and processes. We had two sessions with our customer service management team to learn how to investigate critical issues, exposures, and secrets stored in files. All in all, it took about a week to process, integrate, and get the platform running.

The initial setup was straightforward; we used the CAD tooling to run the scripts and followed the steps. We examined the scripts and used the original commands to implement Wiz, which took us about two hours. We had three people from the CA team, two people from the DevOps team, and one Wiz details engineer. From the implementation perspective, we had a DevOps engineer, a studio engineer, and a Wiz details engineer.

The implementation was completed in-house by our presales engineer and my DevOps engineer.

We have definitely seen a return on investment with Wiz. There are multiple ways that we are seeing this. Firstly, Wiz simplifies the process as we are now using one tool instead of two or three. Secondly, compliance is much easier as we can now get in-depth monitoring of controls from an ISO or software perspective. This would have previously required a full-time resource. Additionally, we now have more coverage with external exposure, cloud entitlements, vulnerability management, and malware detection. All of this is being managed with only one-quarter of a resource, whereas if we were to do all the same things without Wiz, we would have needed to add at least two team members and several different tools. This has resulted in a large return on investment, as we now have to keep up with software and ISO certification.

The cost of the other solutions is comparable to Wiz. We have credits that we can use for whatever features we need. We bought more than we needed because I wanted a customer success manager dedicated to our account. We have meetings with them every week and they help us with our roadmap and site plan. We bought more credits to make up for the minimum buy-in, but it still didn't exceed our budget. We got results with Wiz immediately; we installed it and met our goal during the four-week trial.

When we began searching for a replacement for Rapid7, we looked at Wiz, Lacework, and Datadog Security. After trying all three, we decided to settle with Wiz.

I give the solution a ten out of ten.

My self-management team is very cooperative. We have a set plan with them, and they help us to determine what the next steps should be. We have implemented certain items, and then they come back and suggest new features for us to consider. They educate us on how to take advantage of these features.

Prioritization based on the context is a big help. It helps us know what some of the tools we are using are and which ones are our production instances versus non-production instances where we don't have production data. If I have ten critical issues and only half a team member works on those issues, it's important that we know which one can cause the most damage and fix that first. 

I suggest running a trial of Wiz. It won't take much to set up the trial. We don't need to dedicate a team to implement it. Run a trial on one account and people will see the value right away. The ease of implementation and immediate insights will be noticed. Compare Wiz with other solutions to see if you are getting the same type of intelligence, contacts, space, and the whole path from service to underlying vulnerability or exposed secrets. 

Wiz can do what it would normally take us three tools to accomplish. The best thing to do is run a trial and the number of resources needed will be minimal. It's a one-day engagement and we can evaluate Wiz within two weeks of implementing it.

We have a stress manager and an engineer assigned to our account by Wiz, who are both very responsive. So far, we have not had to open a ticket for support.

The main reason to use Wiz is that its cloud security posture management makes it very easy to identify issues such as vulnerabilities, exposure, and exempted permissions. This helps us maintain best practices for our cloud environment and quickly identify risks. Without Wiz, we would need to use multiple tools and correlate the data to pinpoint the issue, then require a few engineers to work out a solution. With Wiz, we can quickly identify the problem, the solution, and how severe the issue is. This adds a great deal of value.

Public Cloud

The Primary use cases are within cloud security posture management, in which we identify misconfigurations and any type of what they call "toxic combinations" of risk and vulnerabilities that are affecting our cloud deployments.

In the last year we have enabled DSPM and expanded on CIEM use cases. 

In addition to the agentless functionality, we have deployed the Wiz Sensor and enabled Admission Controller in our Kubernetes workloads. 

We don't consider Wiz just a cyber security tool. What we have done is opened up the visibility to our cloud users. Now, our cloud users are able to see for themselves what is affecting their assets. It helps enable a shared model of responsibility for security. With the visibility that Wiz enables, our users are no longer receiving a report in the form of a spreadsheet. They're able to quickly see and navigate, and drill into anything, if they need to, to see what is affecting their environments. 

Now that we have given them visibility into what's running in production, through some of the capabilities available in Wiz, we are investing in how we can shift things and identify some of those issues earlier in the pipeline so that they don't have to worry about things after going to production.

In addition, the fact that Wiz is agentless and that it's leveraging APIs to give us visibility at the organizational or the account level, are factors that have definitely reduced some of the overhead that come with other technologies that use agents to attain the same results.

Another benefit is that it consolidates tools. We now have one tool that is capable of giving us vulnerabilities, not just on modern services or cloud-ready services, but also on traditional instances in which we would have been using an agent to be able to pull the information we need. The fact that Wiz is agentless and is capable of looking at traditional compute as well as modern compute has reduced the need for additional tools that are agent-based.

Out of all the features, the one item that has been most valuable is the fact that Wiz puts into context all the pieces that create an issue, and applies a particular risk evaluation that helps us prioritize when we need to address a misconfiguration, vulnerability, or any issue that would put our environment into risk. The fact that it's able to reveal those toxic combinations has been really key for us in prioritizing what to fix first.

Having visibility with a contextual view for prioritizing potentially critical risks has been quite important. Especially in the cloud, it's no longer about applying a particular patch or applying particular updates to address a CVE. It's more about, for example, how a combination of a misconfiguration with the fact that it's externally facing allows us to prioritize that to be addressed first. There's a higher risk for an externally facing asset that has a vulnerability with, potentially, a service account that has high privileges. We're able to say, "Hey, we need to fix that first," and not worry so much about a compute engine that might be vulnerable, but is still protected by some other security controls that are in place. Knowing where we gain the most value, from a security perspective, and where we can reduce the most risk, has been a critical piece of our adoption of Wiz.

The solution's Security Graph has been key as well. One of the things that Wiz provides is out-of-the-box dashboards, but the Security Graph allows us to pinpoint things by creating custom reports to target specific vulnerabilities. We have multiple use cases in which we can target, for example 

• a subscription ID that we are after, and that we are trying to prioritize for remediation
• if a particular CVE is part of our environment. 

Through the Security Graph, we're able to quickly determine those types of things. It also enables us to start looking at our assets and our inventory. It's almost human-readable. I don't have to write any type of RQL code. Rather, it allows me to quickly select, through the UI, the pieces that I'm interested in and build a report or query for it.

In addition, the automated attack path analysis is one of the factors that we use when we're prioritizing where we should focus first in our remediation. Understanding any type of lateral movement within an attack path helps us determine the type of urgency involved, as we try to prioritize what to address first. It has been very important in detecting assets that we consider valuable and quickly identifying if they are well protected.

Something that we're starting to look into is identifying vulnerabilities for which we potentially need to delay the remediation. We wish there were a way, beyond providing visibility and automated remediation, to wait on a given remediation, due to a critical aspect, such as the cost associated with a particular upgrade. We don't have remediation prevention capabilities available through Wiz. We would like to see preventive controls that can be applied through Wiz to protect against vulnerabilities that we're not going to be able to remediate immediately.

We've been using Wiz for almost 4 years.

It is pretty stable. We initially had some problems with timeouts, but they addressed them and the platform has been quite stable.

We have not had any problems with being able to scale to meet our demands.

We did not have a previous solution for the cloud.

It was straightforward. We did it in partnership with Wiz.

We have it deployed across multiple public clouds and it's deployed at the organization level. All of our application teams and our 250-plus cloud users are able to see the data through Wiz.

We started with one FTE on Wiz and, since then, we have grown the team to three FTEs. 

In terms of maintenance, no solution is perfect. We have been able to identify issues on the platform and to engage support to either address the bugs and issues that we see, or to enable a feature enhancement for a particular use case.

We have seen ROI from Wiz and we continued to see value in Wiz. Although we have been using Wiz for close to two years, one of the key items that we are still driving is adoption. The more cloud users that adopt the tool, the more value we gain from it. We still continue to see value added. 

In terms of immediate benefits, the first major benefit was asset management. We got a better understanding of the type of workloads or services that were being run in our cloud. The second benefit was around vulnerabilities. Wiz quickly proved that a lot of our application teams were not following best practices related to patching. We were able to quickly tell a story: although you are using a modern service in the form of a container, you are not maintaining the container image in a way that prevents vulnerabilities.

One of the main values that we see is that as a SaaS platform, Wiz continues to deploy new features. As those new features are enabled, more value is being gained by us and by our community.

I believe they're moving to a different licensing model. We are still grandfathered to the initial pricing models. What I do like is that the pricing seems pretty simple. We don't have to do a lot of calculations to figure out what the components are. They do it by enabling specific features, either basics or advanced, which makes it easy to select. But I'll have to see how the new pricing model will work for us.

We evaluated Aqua Cloud Security Posture Management, Prisma Cloud, and Orca Security. Wiz seems to be more user-friendly. It enables a user to quickly identify risks with minimal intervention. That was definitely a positive factor and a welcome one because it's less hands-on than some of the other tools.

Also, the fact that Wiz is able to see and contextualize multiple components or issues, provides a richer way of looking at risk. It takes into account not just a particular vulnerability that is CVE-driven, but also items like misconfigurations, over-privileged service accounts, and other factors that help us better prioritize our risk.

Initially, there was unplanned work when our cloud owners saw the risks in their environments. But because we were prioritizing what needed to be fixed first, they were able to utilize existing staff resources to address those vulnerabilities. We were not just trying to patch or fix something that might be low risk. Rather, we were always trying to identify where our critical issues were and address those first.

If you're looking at Wiz but are concerned that your existing products already give you a lot of alerts, I would ask about your journey to the cloud and what you're focusing on. Are you mainly focusing on what I call CVEs and patching? Or are you looking into other areas like compliance and identity and access management pieces? If you are, then Wiz is definitely the right choice. It has to be driven based on that journey to the cloud. Visibility, once deployed, is one thing, and visibility prior to deployment is another thing. You should have a good understanding of what your requirements are and where you see the value of addressing any type of risk that is introduced into your environment.

Understand what is important to you. Are you more focused on the CSPM features that are available through Wiz? Are you more focused on cloud infrastructure entitlements that are available through Wiz? Are you looking to remove existing agents that could create overlap, and how does that fit into your roadmap? Understanding your requirements for the type of information that you want to see out of the tool is going to be critical to understanding your use cases, and how your community is engaged with those use cases, regardless of how easy the tool is to integrate. Those are factors that are going to be vital to your success.

Wiz is an agentless cloud assets vulnerability scanner. You don't need to install anything to use any of the machines. It takes snapshots and then scans it. It is interesting because all other scanners need to install some agent.

This solution is designed to be agentless. This approach saves bandwidth and other resources. Nobody needs to report anything or send packages to the backend. Everything operates as a SaaS solution. They perform snapshots and alerting, converting the data into metadata, which they then analyze and return. Thus, the SaaS solution handles the entire process without requiring additional effort from us.

Wiz is a very powerful and easy-to-use tool. It's highly customizable, allowing us to manage many custom features effectively.

You need to enter numbers manually. Now, everyone has to press to proceed. Wiz still requires managing all the numbers on the web page. Wiz could enhance API integration with ServiceNow and Jira. 

I have been using Wiz for six months.

The initial setup is straightforward and takes two to three weeks to complete.

Wiz is quite expensive. However, having a comprehensive view of your cloud environment is essential. On-premises systems are much easier to track, but managing numerous instances in the cloud requires enhanced visibility.

We are paying 250k per year.

For our business case, we needed Wiz to meet regulatory requirements and quickly identify public exposure vulnerabilities, such as publicly accessible instances or resources. This information immediately helps prevent vulnerabilities within your business environment, providing a cybersecurity advantage. While this doesn't translate to direct financial benefits, it helps prevent potential breaches and escalations, which is invaluable. Like other security tools, Wiz incurs a cost, but its value lies in enhanced security rather than financial gain.

Wiz's scanning and detection capabilities can identify vulnerabilities potentially affecting the cloud or exposure. It's not solely focused on database issues. It performs various tasks effectively. The categorization is excellent, the dashboards are informative, and the reporting features are robust. Additionally, you can create highly customizable reports.

Everything works using a CI/CD pipeline, which is very good because every DevOps engineer can manage it by simply creating some code around the message request. Wiz works fine and is fully compliant with CI/CD. The workflow and the tasks align with industry standards.

We can configure any compliance framework for checking with Wiz. For example, you can select frameworks such as GDPR, AWS Fundamentals, and CI/CD. You can configure the tool based on the recommendations provided by these frameworks. If your company has specific requirements, like allowing an 8-character password while the state requires 12 characters, you can customize the settings accordingly. Wiz will then assess compliance based on these customized parameters, and if everything meets the set criteria, it will confirm that you are compliant.

You have everything in one dashboard. The dashboard and reports are quite literally perfect. Since everything is in one dashboard, you can customize the reports to show only the columns you want to see. For example, you can exclude low-risk items so you don't get notifications about low-risk issues that do not impact your compliance status.

Wiz has some AI features for consolidation, but it's not customizable. What VMware offers is similar, but there's not much to choose between. You either have a batch compliance agreement, or you don't. Wiz's framework complies with requirements, or it doesn't. It's a vulnerability management tool similar to Kangaroo but with better AI documentation features. You can ask questions about how to do something, and the AI will provide the relevant information. This feature is built into the system.

Overall, I rate the solution a ten out of ten.

On-premises

We use Wiz in our cloud security management by connecting it to our main cloud environment and other multi-cloud solutions. It helps us consolidate and manage information and risks, dividing them between VPCs and business units. Wiz keeps all information up-to-date and helps us identify any toxic connections within our cloud implementations.

The most valuable feature of Wiz is that it keeps information up to date without needing to perform scans or schedule maintenance windows. It provides a fresh snapshot of our vulnerability metrics. It also helps us make decisions on improvements, maintenance, or updates for our systems. Regarding compliance and governance, Wiz streamlines our vulnerability management to meet specific needs effectively.

The reporting should be improved because until a few months ago, the reports were only in CSV format, which made it difficult to clean up. Wiz tried to improve the reporting process, but it's not as valuable as Tenable.

I have experience of using Wiz for more than a year.

Wiz was quite scalable and easy to manage initially. However, as the solution became more costly with our growth, it posed some challenges. We had to work on managing costs and scaling according to our needs, which required some effort, but we were able to find a balance in terms of pricing and performance.

It is difficult to get in touch with them initially. We had to get in touch every for our queries related to AWS and GCP marketplaces. However, once you need to discuss numbers, they are very responsive. 

Positive

I have worked with Tenable and Qualys. Wiz stands out in deployment ease and resource consumption compared to Qualys or Tenable. Its simplified processes and snapshot features make it a preferred choice.

The initial setup was easy. We need to key details, therefore setting up Wiz very easily. It’s easier than Tenable, which requires deploying infrastructure and handling the associated costs. Deploying Wiz took about one month due to our multi-cloud services, but the main cloud service took less than a week.

Wiz requires no maintenance since it is a SaaS, but if we need to deploy a new service or have any issues, the technical support is really helpful without additional costs. Once integrated, it is very easy to maintain.

We took help from an external account manager and a technical account manager from Wiz. Our team consisted of three people: a DevOps engineer, a TechOps engineer, and the person responsible for the implementation.

Using Wiz has significantly reduced our costs compared to having three separate solutions. We estimate a cost reduction of around 35% to 50%, or even more, due to consolidating our security management into one platform. This operational impact has been one of the most significant benefits we've experienced with Wiz.

Regarding pricing, it’s more than $100k because we have a very big infrastructure. Our environment supports around three thousand people, and we offer business-to-client financial services to around one million clients, so we rely heavily on Wiz.

We are a partner and develop Wiz opportunities here in Brazil and Latin America. We already have some customers using Wiz as a DSPM platform. We use it in various industries, like retail, where it is used for security profiling and predictive analysis to identify risks. There is also a global industrial company using Wiz, but I cannot disclose its name.

The platform offers granularity in visibility, which is essential for understanding our risks and threats. We implement a maturity report to provide our customers with a cloud maturity idea using Wiz to identify and suggest actions to enhance their environment's resilience and availability.

The granularity of visibility that the platform provides is the most valuable aspect. It shows all details of our sources, which helps in understanding the risks and threats within the system. Additionally, the platform's integration capabilities allow us to see various operational systems through Wiz.

In Brazil, the cost is a significant issue due to the currency exchange rate. Wiz is not a cheap solution, and it is hard to prove cost efficiency to customers. While it improves security and maturity, reducing costs is challenging due to it being expensive.

WIZ does not have local support in Brazil. However, Century Data has an engineering team who support the initial calls with a local Knowledge base.

Positive

We previously used SentinelOne, which is XDR and protects servers or workstations but does not offer Wiz's DSPM capabilities.

Customers have told us that Wiz is easier to implement than Orca. Both technologies are agentless, but Wiz is simpler to deploy.

The local cost of Wiz in Brazil is high, making it difficult to achieve a significant return on investment. While it enhances security and maturity, the high cost in Brazil makes it challenging to demonstrate cost reduction.

The cost depends on workload, features, and modules, and it is not inexpensive. Other technologies, like Orca, a competitor, are also expensive.

I did evaluate Orca previously.

I recommend Wiz for customers who need more maturity in their operations. It provides extensive visibility and granularity, essential for managing security and operational risks.

I'd rate the solution ten out of ten.

Public Cloud

Other