Wiz Reviews

We are a Wiz user and partner, so we have an environment using Wiz, and our use case is to provide risk analysis. We have dashboards to understand the main risks and categorize them, and we use these to get the baseline and reports. We personalize some reports.

The best features of Wiz are the AI, risk analysis, the framework, and the compliance frameworks, so we can check if our frameworks comply with CCPA or similar regulations, and the toxic combination. We can identify active threats more effectively with granularity in databases, operational systems, and access keys, so the granularity of the Wiz view is the key for this kind of risk analysis.

We can provide an inventory, which is crucial when managing large cloud databases or environments such as AWS, Azure, or Google environments, where it's difficult to have one view for all cloud components. Wiz can accomplish this and easily provide the total inventory in the cloud.

Wiz has helped us analyze critical issues, and it can provide guidance on how to mitigate these issues to resolve them, offering step-by-step instructions.

An area that Wiz can still continue to improve is FinOps.

I have been using Wiz for almost one and a half years.

My experience with Wiz's support has been satisfactory.

Positive

We analyzed other options before choosing Wiz. For example, we looked at Orca, which lacks functionality such as toxic combination or resolving issues easily. Wiz can provide a better way to resolve critical issues, while Orca can show the issues but not truly resolve them.

We use Wiz in the cloud with AWS and GCP. We use both AWS and GCP almost equally. The time frame to achieve zero criticals in our issue queues depends on the environment. While we don't achieve zero criticals, some problems can be solved in two or three weeks while others may occur. It's optimal to work toward zero critical issues, but it depends on the installation or the cloud dynamics.

Some customers achieve zero critical issues, and Wiz has a program that rewards this achievement with a puzzle. Wiz offers pricing for both huge and small environments, and customers can purchase it from the Google Marketplace. In my opinion, Wiz has a competitive price.

I rate Wiz between 9 and 10 out of 10.

I use Wiz for both my own company and other companies to detect and investigate vulnerabilities and any type of alerts that pop up. 

I am really enjoying the new Threat Detection that they have set up; it is pretty nice. I appreciate the way that it lays out the data.

For some of my customers, I create custom dashboards, charts, or counters, and they're actually really helpful. It's quite easy. They have extensive technical documentation that guides you through the process. Additionally, there are short videos available in each section that demonstrate how to do things.

Wiz has helped my organization achieve zero criticals in its issue queues after a month. 

It would be better if, when you get an alert type, you are able to view the regex or alert logic without having to dig through all the different options; it is difficult to find where the alert logic is because you have to go to the investigations and then actually find and search for the individual alert. If they just showed the alert logic, that would be really nice. 

Also, if there was an easier way for threats to convert those into issues rather than having to set up a custom rule to pull those in as issues, it would be great.

I have been using Wiz for just under a year.

I have not seen any sort of instability with Wiz; I was curious how their SRE team works because I have not seen a single downtime.

Wiz scales really efficiently; I have worked with some huge companies that have multiple clouds and thousands of workflows, and it all seems to work.

We have account executive people that we talk to for help with Wiz. We talk to them sometimes when new features come out or when we see weird things for the first time. They provide help with writing either new regex alert queries or just helping us figure out how to do something with using the product. They are very helpful and very responsive, and if they cannot get you the answer, then they will find someone to help you; it has been as quick as a turnaround time of one business day, which is really good.

Positive

I have used CrowdStrike, Prisma, and I think that Wiz is the best out of all of them. Wiz is good at conveying the information for the active threats. The way that it shows you is easier to understand as a human. It is about the same quality of detection, but the presentation is better.

It's really easy. It's very user-friendly, and it's very intuitive.

My team had Wiz set up already when I joined, but I have gone through the whole setup process myself; they let me reset it up. I found that to be pretty simple. It only took about an hour and a half to install Wiz because we do not have a super big system.

Once you set up Wiz, it is good to go. As a security engineer, you need to maintain the alerts and keep that stuff moving. Once we have the system in place, I have not noticed it disconnect any of our accounts. It seems once you set it, it is good to go.

One person can deploy Wiz; they just have to have the right access.

I don't know how much we pay, but I do know that Wiz charges a lot. However, they're offering a good product, so it might be fair. I haven't seen the exact numbers.

I would rate Wiz a 10 out of 10. I really like it.

We are a Wiz user and partner. We have an environment using Wiz, and our use case is to provide risk analysis.

We have dashboards to understand and categorize the main risks. These dashboards help us generate baseline reports, and we have personalized some of these reports.

It can provide an inventory. When you have a large cloud database or environment, Wiz can provide you easily with the total inventory that you have in the cloud. 

Wiz has helped my organization by allowing us to analyze the critical issues and providing the best way to mitigate these issues with step-by-step guidance. We don't achieve zero criticals. This often depends on the environment, as solving some problems can lead to two or three others arising. Therefore, navigating through the critical issues is essential, but it relies on the specific installation you have or the dynamics of your cloud setup. Some customers have successfully reached a state of zero critical issues, and we have a program designed to support this. If they are interested in achieving this goal, we can provide them with materials or insights to help them.

Wiz's best features are the AI risk analysis and the compliance frameworks. We can check if frameworks are compliant, such as CCPA, and the toxic combination.

The Wiz runtime sensor identifies active threats more effectively by allowing us to run the analysis with granularity in databases, in operational systems, and some access keys. The granularity of the Wiz view is the key for this kind of risk analysis.

FinOps is an area where Wiz needs enhancement.

I have been using Wiz for almost one and a half years.

I had experience with Wiz's support, and I would rate it a nine out of ten.

Positive

Wiz can accommodate both huge and small environments. You can purchase Wiz from Google Marketplace, for example. Wiz seems to have a competitive price.

We evaluated other options such as Orca before choosing Wiz. We analyzed Orca because it lacks certain functions, such as toxic combination or resolving issues easily. Wiz performs better at providing the best way to resolve critical issues, while Orca can only show the issues without resolving them.

I would rate Wiz a nine out of ten.

I use the solution for test and demo environments, and then we deploy the platform's last version for our customers. We use the advanced license type, so we have all the features in the platform.

The tool is used for security assessment and maintaining our customers' correct security posture. We have different types of customers, so there are different types of use cases. But in general, the main need is for the maintenance of cloud security posture.

The tool's most valuable feature is its attack path analysis. The feature of the tool for inspecting running containers and the new feature of intelligent artificial intelligence security posture is good. With the attack path analysis, I can see the perfect path of a possible attack, I can see the exposure of different types of resources, and I can stop the attack with the remediation or suggestion of the platform. Regarding the container runtime security, I can see how the container runs and what type of action the container takes during execution. I can take some action to modify the running of the container. For the artificial intelligence security posture, I can see the misconfiguration problem with the security permission that customers give to the platform, like Bedrock or OpenAI, and so on. We can help the customer resolve this problem of data security exposure and so on. All such features are effective in identifying vulnerabilities. The platform allows users to collect information without the need for an install agent. So it's totally agentless, and it is a great feature. I don't need to install an agent, so onboarding the platform is very easy and very speedy.

The tool keeps improving on a weekly basis. Wiz enters into a lot of partnerships with other technologies. I don't have any idea about the improvements needed in the tool at the moment.

For me, Wiz is a very complete product, but it is not the perfect one. Other technologies are better for our customers' specific use cases. A possible way to grow the tool is by introducing new functionality or features.

In the future, the tool can introduce an on-prem infrastructure or platform. Not having an on-prem version can be an obstacle for customers who have a large workload in an on-prem environment.

The onboarding can be done in five minutes or five to ten minutes. Then, there is the configuration, and it depends on the type of the use case of the customer. There is a customer that has simple use cases for whom the onboarding can be done in four to eight hours a day. If there are some customers with a lot of use cases and a lot of different cloud providers, more time is needed. In general, we don't need more than five days to deploy the tool, even in the case of a very complex architecture and hybrid cloud environment.

To deploy the tool, we need to have access to the account of the customer, and Wiz is a stuff that we need to make with the customer. We do the onboarding together. The customer creates the correct authorization in the cloud platform and gives us the key to connect to the platform, and then the platform connector starts and begins to collect information.

I have been using Wiz since 2023. My company is a service integrator and a partner of Wiz. I use the solution's latest version.

It is a stable solution. Stability-wise, I rate the solution an eight to nine out of ten.

Scalability-wise, I rate the solution a ten out of ten.

I don't know the exact number of users because every customer can create a user autonomously on the platform. So, I don't have availability at the moment for the total number of users. We have five customers at the moment, and we have done a lot of PoC during the last two years. I suppose that we will have around 22 different customers. If you need a number, a minimum of 60 users use the tool.

My customers are medium and large enterprises.

The solution's technical support was excellent. We have had excellent communication and availability for any of our needs or questions. They answer quickly, and we have had a great experience with the technical support. I rate the technical support a nine out of ten.

Positive

If one is difficult and ten is easy to set up, I rate the product's initial setup phase a nine out of ten.

The solution is deployed on the cloud. In the future, the tool can introduce an on-prem infrastructure or on-prem platform, but at the moment, it is only cloud.

If one is cheap and ten is expensive, I rate the tool's price as a five out of ten. The pricing depends on the customer and the dimension of the environment, whether the customer is strategic or not. I suppose that it is available at a middle price. In some cases, it has a very aggressive price, so very cheap, in order it's expensive. In particular, if the workload is poor, they can't make grid cells, so the price is high, and it is not in terms of real value but in terms of the budget of the customer.

The tool can be used for all customers who don't have a security structure or security team inside because the platform is very easy to use. It is a very useful tool for developer teams that can use the platform without having security knowledge, and the platform helps the developer of code applications. The tool adapts to a use case in which there is a SOC team because of the rich data that the SOC can correlate and manage.

I recommend the tool to companies that use cloud products. Wiz can be integrated with other customer platforms because it enriches information and makes inaction very valuable in terms of security.

I rate the tool as an eight out of ten.

We use it to identify vulnerabilities in our cloud environment, including misconfiguration and other issues. More recently, we've used it to identify inactive resources that we can terminate to save money. 

It also helps us automate some minor tasks that we don't want to do manually, such as forwarding issues to the appropriate teams. Wiz has various workflows to route the vulnerabilities it discovers to the right teams. We integrated it with ServiceNow, enabling us to send ServiceNow incidents to the teams. We can also send Azure DevOps work items to developers. We're evaluating Jira for some teams, and Wiz can also send tickets to Jira. 

Wiz helps us reduce and manage our issues. Six months ago, we had no idea where we had problems in the cloud. We used another tool, but we still didn't know where most of the issues were. Wiz made it so easy to see from a high level. 

Before adding any projects, it showed us all the open issues we needed to fix. It started with the big ones because Wiz groups the issues by control. For example, you can see you have 100 issues under one control, so you start by trying to fix that. We can fix these 100 issues across all accounts by fixing one control.

Maybe we can put in some guardrails or prevent people from doing something problematic using CI/CD. Wiz helps us identify issues, prioritize them, and determine which ones should be resolved globally. 

If something can't be fixed at the highest level, Wiz can automatically send it to the appropriate teams. Wiz enabled us to define a structure for routing issues to people. We add a set of AWS accounts to a project and make them owners, so automation rules can be defined to send tickets to all project owners. That functionality helps us get the tool to operate.

Wiz is like a blind spot detector. You don't know what you don't know, so all I know now is what Wiz tells me. We don't leverage any native AWS features, so we rely solely on Wiz now. We're heavily in the cloud, but we still get our feet wet with it and ensure it's set up correctly. 

Wiz was the first tool we used to determine what we should look at and fix. We are notified when people do things they shouldn't, and employees are taking more responsibility for that. People are more conscious about what they put in their AWS accounts. 

Employees know they're being monitored and are responsible for it at the end of the day. Our InfoSec team will see it and ping them about it. They'll also see it when they get a ticket for the issue that they need to fix. It helps to create a secure-by-design mindset.

Addressing blind spots gives us peace of mind because we know that what we're doing makes sense. We can implement guardrails, understand why people continue to do things wrong and discover ways to prevent the problem from happening. It helps us develop best practices.

Wiz hasn't reduced the staff we need, but it has automated many tasks. It has built-in integration with other tools we can leverage by configuring automation rules. You don't need an external automation solution or a SOAR platform because you can do everything with Wiz's native tools. 

It allowed us to decommission a cloud security tool that wasn't working well. Besides that, we haven't consolidated much because we don't have many other cloud tools. I expect a tool like Wiz could replace a traditional vulnerability scanner, like Rapid7. I prefer it over something like that. However, there will always be a use case for a traditional on-prem vault scanner for desktops, firewalls, and other hardware that doesn't have agents on it. 

We still need an endpoint detection tool and a traditional vault scanner. But if we were using other cloud security tools like Divvy and Lacework, we could have consolidated both of them into this.

The automation roles are essential because we ultimately want to do less work and automate more. The dashboards are easy to read and visually pleasing. You can understand things quickly, which makes it easy for our other teams. The network and infrastructure teams don't know as much about security as we do, so it helps to have a tool that's accessible and nice to look at.  

It's easy to see what needs to be fixed, which is crucial for the other teams. We are trying to adopt a comprehensive governance approach. The security team isn't necessarily responsible for fixing the problems, but we are responsible for ensuring they get fixed. We need to route things to the infrastructure team, and it's straightforward for them to find everything on the dashboard.

Wiz lets you group AWS accounts logically into projects. We have AWS accounts associated with an application, so we create a project named after that application, and the project owners will receive any related incidents. It's easy to identify who's responsible. It requires some configuration, but it's handy. 

They have a security graph with a point-and-click interface, so you can click the resources you want to search for. If you aren't sure what you're looking for, you can click through. You open the little browser, and it says "EC2 instance." When you click on that, it populates several other options. You see that the EC2 instance has a network interface and click it. That has a public IP, so you can start granularly filtering down using the security graph. 

I can use the security graph for threat hunting and identifying resources. I can click on a virtual machine and see it has been detected. I have AWS and VMware integrated so that I can see more than just our cloud environment. It provides visibility into the VMware environment. I can drill down further based on a specific project or subscription. I can see all the VMs in a particular project if I want. If I do that on our infrastructure project, it changes the results, and now I see around 800 VMs in this project.

It helps you understand the resources associated with individual projects. You can do that at the subscription level and narrow it down. It will show you that one project uses S3 buckets and another has VMs. You can determine if assets are active or inactive. It's a valuable tool. 

They have a new inventory feature that allows you to detect and classify technologies. For example, let's say a Linux server has an FTP application installed, but we're not supposed to have those on our Linux servers. You can mark it as unwanted. Wiz has controls triggered when you classify something as an unwanted technology, so it generates incident reports for your projects based on what you've specified in the inventory. If I say FTP is undesirable, it will detect that on resources and send tickets to the appropriate teams notifying them to fix it.

I like the features for managing SLAs. You can define SLAs, set due dates, and use the security graph to see if any SLAs are due soon. I also think they do an excellent job with SSO implementation. Using SAML role mappings, we can integrate Wiz with our identity provider and set it up based on different groups. It's simpler to manage user access. We don't need to do all that manual stuff no one wants to do.

The ability to scan every layer without agents is a huge selling point because we're multi-agent. We are heading in that direction, so it's vital to have something that works that way. We use agents where necessary because we've got endpoint detection and response. We have a vulnerability scanner that isn't agent-based. Reducing the number of agents, we must maintain on servers or desktops is essential. They fall a bit short when it comes to performing on-demand scans. However, I don't think that's their goal.

I don't think Wiz wants people to come in and click "scan now." In some cases, having more frequent scanning than what they currently have would be helpful. It is a little confusing to understand which scanner does what. They have disk and data security scanners that scan buckets and a dynamic scanner that scans other things. I don't know which scanner is doing what or if they all follow the same schedule. I don't think we could use it if it weren't agentless.

The reporting isn't that great. They have executive summaries, but it's only a compliance report that maps all current issues to specific controls. Whether you look at one subscription or project, regardless of the size, you will get a multipage report on how the issues in that account map to that control. Our CSO isn't going to read through that. He won't filter that out or show that to his leadership and say, "Here's what we're doing." It isn't a helpful report. They're working on it, but it's a poor executive summary.

All the other reports look great when you try to create them. I can pull a report of issues for a specific project, but it's a CSV file with findings, which isn't helpful. I expect a slick visual summary that looks like what they have on the dashboard. They spend a lot of time making the dashboard easy to understand, but you can't get that information into a report for our executive leadership. We want to show them the trends and what we're doing. It's critical for our team to demonstrate the tool's value. At the end of the year, we have to go to a meeting and show management the progress we made this year. I can only do that by going into open issues, putting them all in notepad, and taking a couple of screenshots. 

I would also like the dashboards to be customizable. They have excellent dashboards, but you can't create or customize them. At the same time, Wiz seems open to that feedback, and I think they're relatively new. They're growing fast and implementing new features quickly, so I hope this will be added soon.

A third issue is that we can't provide email notifications on connector status. Everything comes into Wiz through a connector. Our AWS environment is added as a connector, and there's no way to notify anyone if an issue is detected. We could wake up the next morning and not have any data from our AWS cloud environment because there was an issue with the connector, but no one would've known about it. I think that's something that needs to be fixed.

Wiz has room for improvement in terms of risk assessment. It has a severity meter with five levels: critical, high, medium, low, or informational. If I click on the highs, it sorts the issues by the control with the most total issues. They're all high, but it doesn't prioritize based on anything other than the number of issues that are impacted by that control. It's not a priority. It tells you you'll get the most bang for your buck if you fix this one. There's no risk score or anything like that.

For example, if a public-facing device has a significant vulnerability, it will consider that business context and label it "critical," but that's all it does. All the severity levels have the same weight. Wiz prioritizes well in terms of sorting the issues into broad categories. However, it doesn't prioritize those. I'm looking at all the highs right now, and I don't know if one of these is more impactful to fix than the other.

It helps to have an overview showing that 103 resources will be impacted if we fix this control. We can fix the control at the global level, put guardrails around it, and prevent the issue from happening in the future. You can start thinking that way, but it doesn't tell you this is more severe than other issues in the same severity category.

We have been using Wiz since October 2022.

I've never seen Wiz go down. It sometimes loads slowly, but that hasn't happened recently.

Wiz automatically scales with you. It's seamless.

I rate Wiz support a nine out of ten. Originally, they offered support through a chat app on their website, which was awful. They recently changed to Zendesk, which has been so much better. We also have a Slack channel with some of our account team. They've been excellent.

Positive

We used Lacework, but it couldn't operationalize like Wiz, and there were a lot of false positives. We found Wiz because we needed a replacement for Lacework that provided a better idea of our cloud environment.

Wiz does a better job than Lacework. It shows you what you need to fix on the front page. Lacework didn't do that as well, and it wasn't easy to automate. Once we knew what needed to be fixed in Lacework, it was difficult to forward the issue to the appropriate team. Wiz shows you what to fix and makes it easy to fix it.

Setting up Wiz is as straightforward as you want it to be. It's easy to set up, but there's a lot to learn, and there will be more as Wiz continues to add features. Being there from the beginning was nice because I learned all about the scanners and how they worked. 

Wiz is a SaaS solution connected to AWS, Azure, and our on-prem VMware environment in our data center. We worked with the Wiz team for the most part, but the platform is easy enough to do it yourself.

We already had Lacework, so we knew what we wanted to connect. We knew we wanted to connect our AWS and Azure cloud environments. We weren't thinking about VMware during our POC. We didn't care to add VMware. Our traditional vulnerability scanners would pick up the on-prem stuff, but they added it as an integration, so we decided to evaluate it. 

I was primarily responsible for deploying the solution, but I'm not a cloud engineer, so we called on some cloud resources to assist. If it's a one-person IT team with access to the cloud environment, they could do that on their own. I don't have access to certain things in AWS, so I needed our cloud team, which is two people, but I only worked with one of them. 

Some Wiz components require on-prem hardware. The VMware connector requires an agent-based server deployment. I deployed an EC2 instance with Docker on it, and each VMware vCenter environment requires its own agent. It was easy to set up, but some on-prem infrastructure is necessary to connect to them, get the information, and push it up to the cloud.

Though Wiz is a SaaS solution, it requires some maintenance on our side. If we have issues with the connectors, they must be fixed to ensure everything is coming in properly. If Wiz makes changes requiring additional permissions that impact the connectors or they release a new feature that requires additional permissions, we need to make some manual adjustments on our end.

We almost realized an ROI. The company only operationalized Wiz in January, even though we've had the tool for a while. We went through the POC. Then we tried to figure out the best method for implementing it and getting stuff out to our teams. I disappeared for a month because I was on paternity leave, so we've had maybe half a month where teams were addressing issues Wiz raised. Our issue count isn't increasing, and we continue to enable more rules and controls. People are starting to take accountability and proactively address issues they've seen in the ticketing system. 

I think we're reaching the point where we'll see a return on investment, and we'll be there by the end of the year. We started at the cloud level and already started implementing some of the things Wiz recommended. It might not trigger an issue on the platform, but it's one of those best practices. 

We realized value almost immediately, even during the POC. We plateaued a bit in terms of the ROI because we fixed some of the low-hanging fruit. We were like, "Okay, now what do we do?" We started creating accounts and putting them in projects. We set up the ticketing and tried to figure out where things were going. That took a few months to get going, and now we've enabled some of those. As time passes, we'll start to address some of these issues globally and hopefully implement the CI/CD stuff. 

Wiz is pretty expensive. It costs more than others in the market. For example, Lacework was half as much. We didn't get as much obviously, but it was half as much. The other platform was even less than Lacework, so Wiz is at the higher end of the market.

We looked at other tools like Ermetic. Rapid7 was actively pitching DivvyCloud to us. It's now called Insight Cloud SEC. We didn't evaluate that one though. We evaluated Ermetic but didn't do a POC. The company briefly tried them, and they didn't meet our expectations. Wiz is easier to use and navigate than the other solutions. 

I rate Wiz a nine out of ten. I recommend evaluating it with a full POC, but be prepared to set up connectors and go through the entire process. You'll know if you like the tool within a month. Try it if you have the budget. 

If you're concerned about getting too many alerts from multiple solutions, I would say it depends on what you can consolidate. Not everything can be consolidated into Wiz. At the same time, Wiz mainly reports actual issues, and there isn't a lot of noise or false positives. Wiz will detect specific resources that might be exposing ports to the internet and trigger an issue on that. But that's by design. In some cases, you might have network resources that a firewall needs to have exposed to the internet in that way.

Wiz has accounted for everything, so you can configure it to ignore particular issues for a given resource. They've implemented a few ways to work around issues you don't want to address so you can clear from the interface and get people to focus on what's important.

We use Wiz to monitor cloud security across Azure, Oracle OCI, and Google GCP cloud environments. With Wiz implementation we aim to eliminate the security team from security findings communication and triage and allow development, cloud and infrastructure teams direct access to security configuration findings - saving time for everyone involved.

The client has around over 2000 workloads in Azure, and more than 200 in Oracle OCI, as well as small cloud presence in Google GCP.

For the initial deployment, we aim to enable good visibility across all cloud platforms (width), as well as across different levels of visibility (depth) by employing CSPM, CIEM, DSPM, EASM, CDR and other capabilities offered by Wiz. 

Going forward, we plan to implement cloud forensics feature, as well as integrate it into our CI/CD pipelines and code repositories for preventative capabilities.

The integration is still in its early stages, and I will continue to update this report as we move forward. That being said, everything has been excellent so far!

Wiz helped to detect multiple virtual machines in Azure and Oracle OCI cloud environments that had problems, including crypto-miners and malware. Furthermore, Google GCP usage in the company was discovered by Wiz, which the other two CNAPP tools we've tested have missed. 

We also discovered credentials stored on the disk of a virtual machine in the test/dev environment, which could potentially provide access to parts of other cloud environments if compromised (allow lateral movement).

We can confidently say that we now see the full picture of risk across our cloud environments, including internet-exposed, vulnerable (unpatched) and misconfigured cloud assets, as well as sensitive data stored in those cloud assets.

We're currently going through the process of user onboarding to enable time savings for security team and streamline the time to take action to remediate the findings.

The time savings and the many moments of "if I was building a CNAPP, this is how I would do it" were where Wiz had already implemented what I wished for. Wiz also saves time by validating a network misconfiguration by not only looking at the cloud asset configuration but also by testing if a port that is stated to be open is actually open.

The Wiz product team recognises that the world doesn't revolve around Cyber Security teams. This is evident in their emphasis on providing clear and simple remediation advice and offering explanations of the alerts, making it easy for non-security team members to understand what’s happening and why. This was one of the key criteria why Wiz has been selected over the competitors.

My favourite is the EASM/External Exposure view and overall package - full risk visibility. It allows us to prioritize, and I mean truly prioritize, what should be addressed first. We can now see cloud workloads exposed to the internet in case of critical vulnerabilities, and if these workloads hold or can access sensitive data, we can act fast and patch these workloads first, and therefore reduce our overall risk exposure time.

Another favourite feature is the ability to give feedback and quickly raise a support case, as well as the comment option for each finding in Wiz web portal. It enables simple, yet effective collaboration between security, cloud, infrastructure and development teams.

It's too early to tell what can really be improved. However, we noticed some capabilities that were lacking, specifically ignoring some false-positive Issue findings. The good news - with the latest update, this has been resolved.

The built-in reports have room for improvement, especially the executive summary reports. However, this is compensated by the excellent Dashboards available in Wiz web portal.

Overall, nothing is majorly lacking, and so far, all issues we encountered have been addressed with a few outstanding ones that are pending for a feature release.

I have been using this solution since June 2024. 

With two main cloud platforms fully onboarded, the integration project is still ongoing.

The solution is very stable. We observed a case where some of the newly introduced built-in policies caused minor discrepancies in the alert count, but the Wiz support team promptly resolved the issue.

So far, so good! No issues were observed in scalability.

Support is excellent. We had 10 to 15 TAC cases open; most are addressed, and few that remain open have updates and a clear path towards resolution.

Positive

Previously, I used Check Point's CloudGuard (while it was still called Dome9), Prisma Cloud by Palo Alto Networks, and Microsoft's Defender for Cloud (since 2020, when it was still called Azure Security Center). I have also tested Orca Security CNAPP solution in a PoC setting for about a month.

The setup is straightforward. There were no issues with either cloud connector that I used (Azure, OCI and Kubernetes).

I am a consultant working on this integration - HLD, LLD, integration itself, policy review/triage of findings, and user training/onboarding. The support team has been great! From sales to customer success - it has been a smooth ride. 

The main ROI will be the time savings from not needing to write a basic remediation advisory for the dev team and then send/track it using email.

The sizing script provided by Wiz is fairly accurate. The support team will help you accurately identify the licensing needs. We've done it, and it is spot-on.

We evaluated two other CNAPP solutions.

So far, I really like the solution and the team supporting our integration.

While it's quite early for a full review, we already have the key parts functionality deployed, and I will be updating this review once the integration is finalized next year (code security for CI/CD, cloud incident response and forensics, and automation of preventative capabilities remains on our to-do list).

Disclaimer: I received a typical customer "swag" package (jumper, backpack, thermal cup) from Wiz, but I can confidently say it had no influence on the content of my review of the CNAPP solution.

I lead and manage our vulnerability management and threat intelligence program so relying on having quick visibility, coverage, comprehensiveness, and depth is an absolute benefit; Wiz agentless deployment and scaling give us that quick use CVE-based vulnerability scanning, detection, continuous monitoring, threat intelligence, and risk prioritization with little to no downtime or impact to availability. Lastly, the CSPM, threat-intelligence, and dashboard capability within Wiz gives leadership quick and efficient reporting on our overall risk in the cloud.

I believe the genius of Wiz is that, as we move towards a more zero-trust approach to cybersecurity, we can avoid using agents, which can be intrusive and difficult to manage. Furthermore, granting an agent full read rights access to our endpoint is not always the most secure, least privileged approach. I appreciate how Wiz can take a snapshot, scan it, and deliver results without affecting our workloads. Working with Wiz is great because it eliminates the need for staging and production environments. When we can't pick a snapshot-like reproduction environment right away, it does not have any impact.

We went from 1,000 to 10,000 employees after merging with a large company and purchasing another. Prior to this, it was like the Wild West. With Wiz, we were able to set up quickly and have visibility into our cloud workloads and environment. This has been incredibly helpful in reducing our attack surface and allowing us to prioritize risks. Wiz significantly lowered our risk and caused little to no disruption which is quite amazing.

It is extremely important for our organization to have visibility into our risk detection with a contextual view for prioritizing potential critical risks. When companies try to approach this single pane of glass from a risk perspective, it is essential to be able to share this information with stakeholders and non-technical people, such as the president, CFO, or other C-level personnel. I believe it is possible to share our cloud posture and risk overall within a five-minute presentation.

With the deep coverage and visibility that Wiz provides, we need more resources. It's clear that we have a lot of issues to address and we need to be careful and strategic in how we roll out solutions so that we don't overwhelm the business. Wiz has been helpful in determining our needs and getting us the resources and people we need.

Remediation is currently a manual process. Because the automation workflow within the tool is lacking, we have a remediation webinar to help. I still recommend and suggest that Wiz build it within the tool itself and not depend on manual processes. I have created an SOP to review and share findings, but it is a tedious process and can take up a lot of time. We are not yet in an optimized automated state and the tool and procedure are not there yet. However, Wiz does help and I have set up projects to help with organization and remediation workflow. The security personnel I work with have been pleased with the results, as I can provide a link to the issue and we can review it together. I usually have biweekly remediation calls and internal SLAs to track the ticket creation of the finding to when it is remediated. I find it useful to use that feature within the solution. Wiz allows us to go into the issue and assign a due date, which is very helpful. It would be great to have our own remediation board within Wiz, more like a dashboard.

There are many different features within Wiz that are valuable in their own right. I believe the best features are cloud security posture management, threat intelligence, and risk prioritization. This combination is my favorite aspect of Wiz. There are very few false positives. Wiz does an excellent job of leveraging their threat intelligence and distinguishing issues from findings to prioritize their risk. Having threat intelligence as part of our overall cloud posture management, cloud configurations, CVEs, and CWEs helps to prioritize our inherent and residual risk to the business. Wiz does not try to make actions overly complex, so even a non-technical person can take a webinar and understand the basics of how it works. The solution is very user-friendly.

I like the security graph feature, and being able to start with a dashboard. I am a fan of drilling into the dashboard, and I love how the solution handles different technologies. If we go to Wiz's inventory, they have their work, visibility, and coverage of technologies, as well as how they prioritize external exposures, cloud entitlements, containers, overall vulnerabilities, malware findings, and so on.
I really appreciate the visibility and the way the security graph lays out the risks. When we join the security graph, we can get very detailed and granular information. I like how I can drill into an issue, for example, if I want to look at a critical finding. I can look up fields in my query for all the hits and interact with the security graph and those expressions easily. It's a very digital footprint, root cause analysis type of interaction. I like that element of the security graph. We can get very specific, elaborate, and add to it. Whether we just want to look at the security graph level or drill into the issue specifically, it gives us a detailed footprint of the attack. It's pretty cool.

Wiz is trying to get into File Integrity Monitoring and it would be nice to set up what they call 'alert profiles' in their dashboard. For instance, if they had a threshold of a hundred images or files within a Docker container, image, or files within a particular workload that has been deleted within one minute, this could be an Indicator of a compromise of ransomware or something else. We typically don't think of this in the cloud, but the same rules apply as they would on-premise. It would be beneficial for Wiz to expand into this space and set up alert profiles for thresholds that indicate areas of compromise.

The remediation workflow within Wiz could be improved. For example, Rapid7 has done this well with InsightVM, which they call goals, SLAs, and projects in their remediation workflow. It would be beneficial to have a remediation tab that focuses on the visibility and coverage of findings, as well as an automated remediation workflow. This would save time, as it would not require creating tickets in Jira or going to another place. If these two can be done, it will be very helpful for the user, the person administering the tool, and the developers who need to fix the findings and issues.

I have been using Wiz for almost one year. Six months of that was proof of concept, and now in my current role, four to five months.

We have not encountered any issues with Wiz since I have been here, and it remained stable with no downtime or changes required. I give the stability a ten out of ten.

I am a great admirer of scalability. Wiz scales very well. The only potential obstacle to perfect scalability is probably in the remediation workflow space. The product's availability is excellent. The scalability is almost there. However, by focusing on the remediation automation workflow, goals, SLAs, and projects, we can get Wiz to scale quite well. I give the scalability a nine out of ten.

The technical support is good. The only improvement I would suggest is that Wiz should make their information more publicly accessible, rather than requiring users to have a console account in order to access the portal. This can be an extra step for SREs who do not need to use the tool but still need to access the documentation. It would be helpful to have public documentation that can be accessed by anyone associated with the domain.

Positive

At my previous company, I used Aquasec and Prisma. When I joined my current organization, they were using Wiz.

The initial setup could not be more straightforward. 

We saw the value of Wiz right away. We had onboarded a company we had purchased within three weeks and set up Terraform, AWS, Kubernetes connectors, and BS connectors. We also created a staging environment and a production environment. I was working with SRE to manage posture and address CV-based vulnerabilities that we were seeing. Thankfully, Wiz had a great zero-trust approach and the solution was really good.

The deployment was completed by myself, an SRE engineer, and an SME from Wiz.

We have three different business units. Within those three business units, we have 341 containerized application endpoints. Our next step is to get these onboarded into Wiz, which will be a big project due to the number of applications and workloads. For Prism, the resources we have for both Azure and AWS for our core applications and Namely are all set and ready to go.

The implementation was completed in-house.

Now, with any organization, security is a cost center. However, with the model I suggested, we turn our global cybersecurity team into a service model. This is one of the service offerings we have for our cloud environments. The return on investment is not just a cost to the business, but rather, we provide visibility and coverage of the risk and its potential impact. If this particular issue became a security incident, it would have an operational and financial impact. Ultimately, who is the cost center? By providing a cybersecurity service internally to our customers, we can show them the return on investment. This is not just a cost, but a way to improve our overall security posture. We often say in security, "It's not if, it's when a breach happens." Therefore, it is important to be proactive rather than reactive, which will bring a return on the investment.

I wish the pricing was more transparent. We are in the discovery phase of onboarding other business units and looking at what our pricing looks like. Wiz is agentless and goes based on our projects and resources, so it is good in terms of pricing compared to others. There is room for improvement on our pricing models, so it would be nice if Wiz could share the price beforehand rather than onboarding and then having pricing based on utilization. Despite this, the pricing is fair given the capabilities and features that Wiz offers, as competitors are not doing this at the same level yet.

We evaluated Prisma Cloud by Palo Alto Networks and Aqua Cloud Security Posture Management. In an effort to achieve a single pane of glass, Wiz is the closest to doing that, which is a difficult task. Wiz does this through their security portfolio. Cisco also accomplished this with Cisco SecureX, a unified dashboard and single pane of glass.

Wiz has done a great job of being transparent about their roadmap and capabilities. They are not over-promising on delivery, which is important. In contrast, Aqua had a single pane of glass, but they moved on from one feature or module that wasn't perfected before moving on to something else, resulting in issues. Wiz does a good job of balancing the need to make money in the market and keep up with the times. Wiz is taking a slow and steady approach to winning the race. This is a major difference compared to other solutions. Additionally, Wiz's risk prioritization and user-friendly interface are impressive. From a design perspective, Wiz is trying to keep things as simple and organized as possible, which is very much appreciated by someone managing and running the tool for a vulnerability management program.

I give Wiz a nine out of ten. If Wiz can figure out the remediation workflow, I would put the solution close to a ten out of ten.

Although we are not able to consolidate tools with Wiz yet, the solution is getting there. It is on Wiz's roadmap. We will deprecate our SaaS and SCA offerings once Wiz rolls that ability out by the end of the year.

Very rarely do people truly conduct a thorough proof of concept. Analysts from Gartner or Forrester may not fully understand individual environments, as each one is unique. To get a better understanding, we need to compare side-by-side, setting up Prisma, Aqua, and Wiz. It will become clear how Wiz is a leader in the space, both from a technical standpoint and from a high-level view. Additionally, other solutions often lack up-to-date documentation, whereas Wiz takes documentation seriously and has excellent documents and revisions. Furthermore, Wiz's portal is user-friendly and prioritizes risk, making it stand out from its competitors.

With any solution, we want to conduct a health check. We schedule health checks with Wiz every six months to ensure the solution is well maintained.

My use cases for Wiz mostly revolve around cloud security posture management, compliance, internal opex reporting, and shift-left security tooling, centered around compliance and cloud security shift-left.

What I appreciate most about Wiz is that the compliance and CSPM aspects of this cloud-native application protection offering are genuinely better than other products available in the market. Having worked on Prisma, Orca, and Qualys as well, when I compare Wiz with everything else, it definitely has an edge. The graph queries and graph explorer in Wiz are exceptionally well done by their team, giving me a complete view of resources, how they relate to other resources in the account or in other accounts, and how they pose an external threat or risk.

I have created boards in Wiz for internal projects and teams depending on what product line it is, and I have tried creating custom dashboards. My experience with creating custom dashboards is that it is neither easy nor difficult; it is somewhere in between. Obviously, it is not the same as Power BI or any other visualization tool, so I understand it will not be at that level, but it gets the job done. I get a high-level overview of trends of the findings or non-compliant items, and it accomplishes what I need. I also do not expect it to be at that level because that is not what it is built for.

I really cannot think of anything that Wiz can improve, because the use cases I deal with have almost all features that cater to them, so I really do not have anything in mind right now.

One thing Wiz can do better is regarding support for the open-source fork of Terraform called OpenTofu. Many organizations are moving from Terraform to OpenTofu to save costs in licensing, but their documentation does not officially state that they are supporting OpenTofu, so that would be beneficial to have. Since it is just a copy of Terraform, it should not be a difficult addition, but that would be a valuable feature.

I have been using Wiz in my career for close to one and a half years.

I have seen some lagging or downtime a couple of times, but I am not sure why it happened. It was just a couple of times, and it did not impact what I was doing.

Wiz is very scalable.

I have contacted Wiz's technical support. The quality and speed of the support are very good; most of the time, I do get the answers I am looking for, and if not, the team works internally. If there is no feature, they raise a feature request for us, so it has been very good. On a scale from 1 to 10, I would give Wiz's support a 10.

Positive

The initial deployment of Wiz is very easy for me. The first time I deployed Wiz, it took me approximately 10 to 20 minutes, depending on the availability of the other team. When they are available, I usually get it done within 10 or 15 minutes, or even less than that when we have all the prerequisites ready.

Wiz does require some maintenance on my end, but it is minimal. The maintenance involves configuring connectors for Wiz, and it does require a few permissions for Wiz to scan the cloud accounts and other resources. That is the only maintenance needed, such as adding or updating the role in Wiz if other permissions or services introduced by the cloud provider are not covered.

I have used some alternatives and similar solutions to Wiz. I remember the names of those alternatives; one is Palo Alto's Prisma Cloud, and the other was Qualys' tool, which was kind of a makeshift tool, not a full-fledged CSPM, but they called it CSPM. When I compare Wiz to those tools, I prefer Wiz a lot more because it is definitely a couple of notches above all those tools. They have done much better with their UI, which is very organized, whereas Prisma is mostly a lot of acquisitions and a lot of tools stitched together and offered as a SaaS solution. Not saying it is bad, but Wiz does it better than what they have been doing.

I personally have not worked on Wiz Runtime Sensor, so I cannot really comment on whether it has helped identify active threats more effectively compared to any other solutions that I have used. We have plans, but not yet. I would rate this review overall as a 9.