No more typing reviews! Try our Samantha, our new voice AI agent.
Madhav Shyam Lakhera - PeerSpot reviewer
Cyber Security Engineer at a consultancy with 10,001+ employees
Real User
Top 20
Dec 6, 2025
Cloud risk posture has improved and custom dashboards and graph views provide deeper insights
Pros and Cons
  • "One feature I particularly appreciate about Wiz is that, similar to other cloud-native security tools like Microsoft's Defender for Cloud, it allows you to define policies as code and deploy them through a version control system with a continuous deployment pipeline."
  • "Wiz does encounter some glitches similar to other tools in the market; I remember facing certain challenges, such as problems scanning encrypted disks or discrepancies in the findings from already remediated vulnerabilities not reflecting accurately in the tool."

What is our primary use case?

My experience with Wiz varies on a case-by-case basis because I don't work on it daily; I engage with it when we need to research something that isn't fully implemented in the organization. Some elements are implemented, but they were done on a POC basis. I have hands-on experience where I've explored the environment extensively, checked vulnerabilities, and shared different findings with team members. So while I've worked with all that, I wouldn't classify it as part of my everyday BAU work, but I've been introduced to it in the last one or two years, max.

We have multiple subscriptions linked to Wiz, and we monitor various aspects including cloud security posture management findings. Compliance is another area we've focused on, where we've created our own compliance framework within Wiz. One feature I particularly appreciate about Wiz is that, similar to other cloud-native security tools like Microsoft's Defender for Cloud, it allows you to define policies as code and deploy them through a version control system with a continuous deployment pipeline. This functionality is also present in Wiz, where their Terraform provider enables complete documentation on controlling aspects directly in the Wiz environment. The major things we've worked on include deploying policies based on CSPM findings detected in Wiz, setting up our own framework and rules within those categories, and we've also worked with inventory management, as Wiz provides an AI-driven inventory that gives visibility into all cloud deployments. Wiz also helps manage vulnerabilities in various environments, such as Kubernetes clusters or Azure container apps.

In different organizational contexts, whether product-based or service-based, the customization of dashboards is highly beneficial. For instance, if I'm a startup or a large company using Wiz for multiple applications, custom dashboards allow me to categorize data from various feeds. Dashboarding becomes effective after managing categorization; I can define a project and add relevant resources or subscriptions under that project. Moving forward in the dashboarding section, I can set up custom widgets to view high-severity CSPM findings or risks, thus visualizing data based on specific filters and categories.

What is most valuable?

One feature I appreciate about Wiz is the graph controls, which allow for the correlation of multiple findings. For example, if a virtual machine has a critical CVE and is exposed to the internet, this links multiple vulnerabilities such as initial access types. Wiz attempts to categorize these different types of findings, such as CWPP and CSPM, and offers customization through graph controls where we can create our own contextual risk assessments in the cloud environment. Additionally, Wiz allows you to deploy aspects in the tool similarly to the GitHub model, which I appreciate. Its UI is also very smooth and categorized, making it easy to navigate and search through resources efficiently. You can create custom reports and dashboards in your own way, which are some of the major aspects I value in Wiz.

What needs improvement?

There is definitely room for improvement with Wiz. Given the scope of CNAP technology, which covers the entire SDLC from deployment to monitoring and APIs, it would be beneficial to enhance data integration capabilities. Wiz could partner with leaders in the market, such as Checkmarx, for example; while it currently supports Checkmarx in preview, there still needs to be significant enhancement in contextually mapping risks from pre-deployment scans, such as SAS, SCA, and DAST scanning results. Including these results would elevate contextual risk assessments to a higher level.

Wiz does encounter some glitches similar to other tools in the market. I remember facing certain challenges, such as problems scanning encrypted disks or discrepancies in the findings from already remediated vulnerabilities not reflecting accurately in the tool. These issues are not indicative of an overarching systemic failure but are worth noting as areas that could be improved upon.

Currently, Wiz doesn't consolidate tools effectively. Though it is starting to move in that direction with Checkmarx integration in preview, it lacks the maturity to fully replace other mature open-source tools. Wiz does offer some capability in SCA via CLI, but it falls short compared to its market counterparts and would benefit from further development in tool consolidation and correlation.

For how long have I used the solution?

I started using Wiz around two years ago.

Buyer's Guide
Wiz
June 2026
Learn what your peers think about Wiz. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
903,118 professionals have used our research since 2012.

What do I think about the stability of the solution?

During the POC, there were indeed a lot of alerts generated by Wiz. It's important to note that alerts vary in type; there are different classifications for vulnerability alerts, CSPM alerts, and contextual risk alerts. Each category has its own significance, meaning that while there may be a high volume of alerts, they can be beneficial and informative based on the context.

Wiz does encounter some glitches similar to other tools in the market. I remember facing certain challenges, such as problems scanning encrypted disks or discrepancies in the findings from already remediated vulnerabilities not reflecting accurately in the tool. These issues are not indicative of an overarching systemic failure but are worth noting as areas that could be improved upon.

What do I think about the scalability of the solution?

I rate Wiz's scalability a perfect 10 out of 10. During our POC, we successfully linked many subscriptions and could manage them effectively without encountering any scalability issues.

How are customer service and support?

I would rate the vendor's technical support as a nine out of ten. They respond swiftly and provide support when needed; for instance, when we experienced some initial trouble figuring out how to configure CCRs and validate results, the vendor was readily available to assist us over calls, clarifying both technical aspects and theoretical insights.

How was the initial setup?

I didn't handle the initial installation of Wiz directly; that task fell to the operations team responsible for deploying security tools. However, from what I gather, integrating Wiz into the environment is not complex. It primarily requires the creation of a service account with sufficient permissions for Wiz to access necessary resources, making the overall integration process straightforward. Challenges might arise from organizational dynamics when persuading stakeholders, but technically, the setup doesn't appear to be cumbersome.

What about the implementation team?

Many people participated in the POC phase with Wiz, involving different teams such as the operational team for deployment and others handling various security dimensions. Many teams contributed during the POC phase., focusing primarily on the security specialists without including end users.

What was our ROI?

I would have appreciated providing a more specific return on investment metric for Wiz, but since my experience with it is based on a POC without full implementation, I cannot precisely track its impact on time or resource savings. It hasn't been operationalized fully yet in our organization.

What other advice do I have?

My understanding of Wiz's pricing suggests it's not cheap. While I may not have direct involvement in pricing discussions due to different teams managing purchasing decisions, feedback indicates that Wiz is among the most expensive tools available. Though there's likely room for adjustment in pricing, it should be noted that, compared to tools such as Microsoft Defender for Cloud, which scales according to subscriptions, Wiz's pricing can be significantly higher when supporting multiple products within larger organizations.

Wiz was implemented as a POC, and while there were many subscriptions linked, I can share examples of its usage. For instance, when Log4j vulnerabilities emerged several years ago, we managed to quickly create a report through the Wiz dashboard, enabling us to identify all workloads impacted by a critical CVE. With resource tagging for ownership, this helped us reach out to the relevant individuals responsible. Although Wiz offers an option for service integrations such as Jira for issue creation if implemented fully, our approach was manual report generation, where we exported findings and alerted personnel to maintain a zero-issues status.

I would rate this review a 9 out of 10 overall.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Dec 6, 2025
Flag as inappropriate
PeerSpot user
Senior Iam Engineer at a tech vendor with 10,001+ employees
Real User
Top 20
Jun 23, 2026
Unified cloud views have simplified finding infrastructure vulnerabilities and identity risks
Pros and Cons
  • "The UI is what I appreciate most about Wiz; the interface is really easy and not clunky."
  • "Wiz is not agnostic compared to other competitors in the market. If you want to add a new integration to another platform, it does not have an easy plug-and-play option for whatever platform."

What is our primary use case?

I have been working with Wiz for about two years. I use Wiz for vulnerability management, specifically finding infrastructure-related security bugs, particularly with Windows. I have also used it for a couple of months for identity-related purposes.

What is most valuable?

The UI is what I appreciate most about Wiz; the interface is really easy and not clunky. You can create many dashboards and a personal page for all the vulnerabilities you are trying to find. When it comes to your systems, users, and applications, having all of those attachments to your different platforms and being able to have the scans go throughout the platforms while pulling those vulnerabilities is really helpful with a nice user interface.

Wiz brings great integration into GCP resources, which is crucial for my previous organizations that were very heavily GCP-based. Wiz has seamless integration into GCP, AWS, Azure, Okta, and other large cloud platforms and SaaS platforms.

Wiz allows you to consolidate tools, but not all tools. It does not handle the nuanced type of tools, but the major tools it does allow you to consolidate from my experience.

The main advantage of Wiz is its user interface. A good interface makes it easy for engineers to not get fatigued from working with so much data and ensures it is not clunky-looking, as it is hard to identify issues. You want something that is visually appealing to identify risk, and having a good UI presents a huge benefit.

What needs improvement?

I would want to see Wiz improve by connecting to other major platforms agnostically, with the ability to connect to other platforms without needing to do too much integration. It requires a lot of alignment with different platforms for it to function properly.

I am not sure if Wiz has reduced alert fatigue in my organization, as I have not really looked into that aspect.

Wiz is not agnostic compared to other competitors in the market. If you want to add a new integration to another platform, it does not have an easy plug-and-play option for whatever platform. It requires integration to the proper tooling, and that is only from my experience with it.

For how long have I used the solution?

My experience with Wiz began six months ago.

What do I think about the stability of the solution?

I have not had any crashes, downtimes, or performance issues with Wiz.

What do I think about the scalability of the solution?

I find Wiz scalable and have tried to scale it up and out.

How are customer service and support?

I evaluate the customer service and technical support of Wiz as pretty useful. At my last company, we were able to have weekly calls with Wiz to talk about new updates and remediate any issues that we had. I would rate the technical support an eight on a scale of one to ten.

Which solution did I use previously and why did I switch?

I have used Exonius, but that is not a cloud posture platform; it is more of a logging platform or monitoring platform. I probably have used others, but I do not remember their names.

How was the initial setup?

Onboarding with Wiz is straightforward. I find it easy to teach myself how to use it, and I was able to figure it out within a week or two of just exploring it inside of Wiz.

What about the implementation team?

I was not involved in the setup deployment of Wiz.

What other advice do I have?

I have not utilized Wiz Defend. I do not use Wiz Code in my operations. I have not used the AI Posture Management in Wiz, but I have used Posture Management, though I only used it for a few weeks in the beginning.

I find Wiz Posture Management pretty beneficial in my overall cloud security strategy, as everything is in the cloud. Many companies use cloud resources, so I think it is pretty beneficial.

I have not utilized Wiz Runtime Sensor, as I am more infrastructure, networking, and compute-related, so I have not been involved in application risk and have not really used the runtime features for Wiz.

Wiz has not helped my organization achieve zero criticals in its issue queues. There are many critical issues that come up regularly, and having to tackle them means sometimes those critical issues cannot be resolved because of architectural issues. If you resolve it, there will be an issue within the architecture, so I do not think I have ever seen the critical issues get down to zero.

Regarding the cloud security democratization aspect of Wiz, I have only used it here and there for infrastructure-related items and touched some other cloud-related items, but from my scope, I do not think I have seen the actual impact it has on our entire team or organization. When I used it, I was a level one engineer, so I did not get to see the entire scope of its impact.

I have not used Wiz recently, but from my memory of using it, I did appreciate the identity platform and think that they should expand more into the identity area and make it more seamless for items such as RBAC or non-human identities.

I am not entirely sure how my latest company purchased Wiz, but my first company that I used it with bought it through Google's Marketplace.

I was not using Wiz post-sales support services.

My overall rating for Wiz is an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Google
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Last updated: Jun 23, 2026
Flag as inappropriate
PeerSpot user
Buyer's Guide
Wiz
June 2026
Learn what your peers think about Wiz. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
903,118 professionals have used our research since 2012.
Tanweer Ahmed - PeerSpot reviewer
Cyber Security Engineer at Tata Consultancy
Real User
Top 20
Nov 18, 2025
Streamlines cloud risk prioritization and accelerates resolution of critical vulnerabilities and IAM issues
Pros and Cons
  • "Wiz stands out for its strengths, particularly in agentless scanning and graph-based risk prioritization, in addition to its comprehensive CNAPP capabilities and multi-cloud coverage."
  • "There is also alert noise in larger environments that generates duplicate alerts for the same issues under different categories."

What is our primary use case?

I have used Wiz for security findings, which includes dashboards with the main purpose of Cloud Security Posture Management. Wiz scans all cloud accounts to detect misconfigurations, open ports, publicly exposed resources, and weak IAM permissions. I also utilize it for vulnerability management, such as VMs, containers, serverless functions, and any IAM risky visibilities. I use Wiz for all these things as I work on these areas most of the time. Essentially, it is a cloud risk tool that prioritizes the most critical issues, allowing me to address high-yield issues quickly with the help of Wiz's architecture.

Achieving zero critical issues in Wiz means eliminating all critical severity securities across the cloud platform, which is a significant goal for our cloud security teams. I utilize the Risk Graph to identify real critical issues, prioritizing the resolution of public exposures and patching high and critical CVEs. I track OS-level and package vulnerabilities that need fixing, and sometimes when our OS isn't updated, it flags the errors. My processes involve patching libraries, upgrading AMIs, and removing secrets found in workloads, such as rotating keys for public IPs or un-updated software and databases. It is critical to implement least privilege measures for IAM risks, ensuring admin access is minimized. Moreover, I encrypt all storage and use tags to separate non-production issues according to different environments such as dev, stage, or prod. Utilizing Wiz projects, I segment teams such as network, platform, application, or DevOps so that each team handles their assigned issues, boosting closure speed. I also automate workflows through Jira to create tickets for critical exposures or IAM risks. Thus, achieving zero criticals in Wiz reflects my commitment to eradicating public exposures, patching critical vulnerabilities, and addressing IAM risks, ensuring I adhere to cloud best practices.

What is most valuable?

I love this interface because it is very clean, neat, and easy to understand. It includes the CNAPP and CSPM security features and extensively uses detection for vulnerabilities and misconfigurations. Everything is present on the dashboard. My personal interest lies in agentless scanning, which I consider the most powerful feature. The unique capability I can highlight is Attack Path Analysis, which identifies the exact path an attacker can exploit by correlating network exposure and any misconfigurations. Additionally, the unified Risk Graph is a very strong feature that helps teams find the most critical issues. I appreciate the accurate prioritization, which saves a great deal of time. Overall, Wiz provides a full CNAPP platform, encompassing CSPM, vulnerability management, IaC scanning, and more. I really appreciate these elements, and the dashboard is also very good.

What needs improvement?

I do not identify many areas for improvement, but I believe dashboard customization is somewhat limited. While the dashboards are quite good, the variety of widget types is restricted; I cannot fully customize colors or create complex multi-level dashboards. There is also alert noise in larger environments that generates duplicate alerts for the same issues under different categories. Furthermore, remediation automation is limited; Wiz suggests fixes but lacks auto-remediation for many issues. Compared to Prisma, the auto-resolve options are fewer. Although I have heard about deeper container and K8s scanning capabilities, I do not have a clear understanding of what that entails. I perceive that real-time cluster events are also somewhat limited. Regarding the reports, I face limitations in fully customizing PDF reports.

For how long have I used the solution?

I have been using Wiz for more than eight months.

How was the initial setup?

The setup for Wiz is a one-time configuration, similar to setups in ServiceNow or Ultimatics. This one-time setup ensures proper cloud integration, assessing the type of cloud account, the API permissions in place, and avoiding mistakes during the initial configuration. It highlights any missing requirements, such as IAM roles or permissions, and shows failed connections to allow for quick fixes. Agentless scanning is feasible, so this setup ensures proper configurations are in place. Additionally, it aids the administration in understanding what has been completed versus what remains pending. In summary, it guides onboarding tools to configure cloud accounts, permissions, and integrations accurately and prevents security visibility gaps while reducing onboarding errors.

The deployment time is not measured in days, weeks, or months; rather, it typically takes between five to ten minutes at most. IAM configurations and similar setups may take about two to three minutes.

Which other solutions did I evaluate?

When comparing Wiz with other solutions on the market, I note that my initial experience was with Prisma Cloud. Wiz stands out for its strengths, particularly in agentless scanning and graph-based risk prioritization, in addition to its comprehensive CNAPP capabilities and multi-cloud coverage. However, I recognize that certain areas, such as runtime threat detection and response, might be handled better by other vendors; while Wiz excels in posture and risk analysis, its runtime protection may not be as advanced as specialized tools designed for workload protection. Other tools might offer better capabilities for behavioral or anomaly detection, as Wiz may not capture the most subtle runtime issues. For instance, scanning public and private buckets requires waiting for scheduled scans or conducting manual scans, which can take significant time to yield updated records. While other vendors might possess better flexibility, the overall effectiveness depends heavily on data size and volume. I observe that legacy security vendor solutions offer mature enterprise support, while newer CNAPP solutions such as Wiz move rapidly but face trade-offs in large regulated enterprises. Overall, Wiz receives high ratings for its innovation and speed, which are great qualities despite some areas requiring improvement. So, in summary, I consider Wiz one of the strongest CNAPP platforms due to its agentless scanning architecture, making it lighter to deploy than competitors such as Prisma Cloud or Lacework. Nonetheless, organizations needing deep runtime protection or specialized identity entitlement management might want to explore other platforms, but I can definitely recommend Wiz for various needs.

What other advice do I have?

For the dashboard itself, it is a very simple and clear function. I generally go to the dashboards to create and add widgets for vulnerability by severity, public exposure, or misconfigurations. I also include widgets such as graphs or tables based on my requirements. I utilize saved views for custom data, which filters the exact information I have in the dashboard, for example, all AWS EC2 instances with critical CVEs or public-facing VMs with secret keys. Multiple sections include critical compliance and posture scores, and I apply filters at the dashboard level too. Essentially, I have almost everything available in terms of customization. I simply need to understand how to use Wiz dashboard in conjunction with my project requirements. Although Wiz is a relatively new tool and I have only worked on a portion of its capabilities, I can refer to the documentation to successfully carry out the needed customizations.

I find the pricing to be cost-effective, as Wiz includes features that many other vendors lack. It seems reasonable when compared to alternatives. Overall, pricing can vary significantly based on Wiz's licensing of workloads, which depends on the number of VMs, containers, and functions I deploy. However, I can request volume-based discounts for larger deployments, especially if managing numerous workloads. Hence, I classify Wiz as cost-effective.

I notice that redeployment is generally very easy compared to other CNAPP tools because it is agentless. The agentless architecture permits multiple operations without the need for redeployment. I only need to connect to the cloud, set up scans, and ensure workload visibility, making the entire process straightforward.

The results from using Wiz have been quite positive; it effectively reduces alert fatigue within my organization. It is clearly a time-efficient solution, which enhances operational efficiency.

I indeed consolidate tools when using Wiz, effectively streamlining processes to enhance focus on critical risks. I would rate this solution a nine out of ten.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Nov 18, 2025
Flag as inappropriate
PeerSpot user
Mubasshir Quadri - PeerSpot reviewer
Engineering Lead at Persistent Systems
MSP
Top 5Leaderboard
May 27, 2026
Cloud risks have become transparent and vulnerability management is now streamlined
Pros and Cons
  • "Wiz helps to identify active threats more effectively as it does active scanning on workloads, keeps looking into logs and images of virtual machines, and upon detecting threats, it checks possible connections through events and logs, giving visibility into where the issue started and exactly where it is."
  • "An area of improvement is that there is a lot of data inside Wiz and the naming is confusing, as similar categories for vulnerabilities and issues sometimes duplicate issues across resources, which can be hectic."

What is our primary use case?

I basically use it for vulnerability management, so from an admin's perspective, I am using it as an actual user of Wiz. It is for vulnerability management majorly, and to apply or review the compliances of the cloud environment.

How has it helped my organization?

Wiz helps to consolidate our tools. Wiz helps to identify active threats more effectively as it does active scanning on workloads, keeps looking into logs and images of virtual machines, and upon detecting threats, it checks possible connections through events and logs, giving visibility into where the issue started and exactly where it is.

Wiz helps to achieve zero criticals in its issue queues. Wiz reduces alert fatigue overall, but there is a learning curve; out of the box, it may increase noise if there isn't a proper architecture in place.

Wiz makes cloud security visibility clear for stakeholders, allowing them to understand risk posture, and does that really well. It creates a sense of ownership, as risk factors are presented, enabling anyone, including non-security and non-engineering teams, to use the tool if they are interested.

What is most valuable?

The biggest advantages of Wiz are that we can monitor multiple environments, as it has the capability to monitor multi-cloud models or architectures, providing visibility on a single page or tool. It also has AI integrations, so if you are finding a zero-day issue, you can calculate the risk score of that particular product and utilize that score to prioritize that particular CVE. If you are unsure about the resolution, Wiz also provides solutions and can craft custom PowerShell scripts to resolve a particular issue, all within the same tool, so you do not have to look elsewhere for solutions.

Wiz only provides visibility; if you want to take any actions, Wiz requires your consent to do it, so it does not automatically fix issues until you provide feedback.

We do have Wiz Code, but it is only for visibility, and we have not integrated it into our CI/CD pipelines yet, as it just gives us the library views and reports on DevOps content.

What needs improvement?

An area of improvement is that there is a lot of data inside Wiz and the naming is confusing, as similar categories for vulnerabilities and issues sometimes duplicate issues across resources, which can be hectic. While it doesn't cost much in terms of workloads, larger environments may incur higher costs based on architecture, and Wiz does not provide pre-configured reports but rather a dashboard requiring access to the tool.

For how long have I used the solution?

I am using Wiz for the last three years.

What do I think about the stability of the solution?

Wiz is stable; aside from the mentioned cons, there are no other issues from the tool's perspective, so it is about 99% stable.

What do I think about the scalability of the solution?

There is no issue with scalability; depending on architecture, you can scale Wiz anytime, as it has ready-to-deploy workloads utilizing cloud capabilities.

How are customer service and support?

Technical support is quite good; they help with configuration, cyber advisory, and provide support for any major changes needed.

Which solution did I use previously and why did I switch?

I have worked with Prisma, which is Palo Alto's CSPM, and Azure Cloud Security tools.

How was the initial setup?

Deployment for Wiz is not complex; various deployment types exist depending on the desired approach, primarily requiring keys and registrations to connect to environments, though installing workloads can be complicated.

What about the implementation team?

We are not using post-sales support, just the regular support for major configuration-related issues.

What was our ROI?

Wiz is worth the investment, and if everything is properly configured, it definitely offers value for money. I would say around 80% in ROI benefits. That is in terms of money and time; doing everything manually would take a lot of work and effort, and Wiz reduces both the workload and the need for manual thinking and human feedback.

What's my experience with pricing, setup cost, and licensing?

Wiz is fairly priced compared to competitors and fits well within a low budget. Wiz is less expensive than Microsoft and Palo Alto.

Which other solutions did I evaluate?

This particular integration of AI Security Posture Management is kind of new, introduced in one or two years, and for customers who have integrated their own LLMs or opted for special Azure or AWS Bedrock services, it is useful as it lets you know about security-related risks and provides visibility around AI-specific resources in the cloud, grouping risk factors, which helps present details in meetings.

The current AI integration makes Wiz good for those not using on-premises or other environments, but proprietary cloud tools like Azure or AWS excel in features and ease of deployment.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: May 27, 2026
Flag as inappropriate
PeerSpot user
Navaneet Upadhyay - PeerSpot reviewer
Principal Solution Architect at ACPL Systems Pvt Ltd
Reseller
Top 10
Jan 28, 2026
Automates security workflows and improves visibility across hybrid environments
Pros and Cons
  • "Wiz is very effective and very advanced compared to other solutions."
  • "When integrating multiple clouds like hybrid cloud with Wiz, these processes need to be more user-friendly because more scripting is required in this scenario."

What is our primary use case?

I use Wiz to secure code to cloud posture. We are using Wiz and also positioning Wiz to my customers, especially to protect their code environment, runtime environment like DevOps environment, and other code-related vulnerabilities in an automated way. Automating security processes is particularly helpful. We also provide CSPM and CNAPP ability to the customers.

I have created custom dashboards with Wiz for code-to-cloud scenarios, different scenarios, and for our whole infrastructure which is monitored through Wiz.

Wiz is very helpful to achieve a zero critical scenario. Wherever possible, it gives good insights and there is an ability to automate with AI scenarios. Their powerful AI engines also recommend best solutions to apply to identified vulnerabilities and identified gaps related to coding scenarios especially. It also suggests the best way to patch vulnerabilities and other related issues. This is really helpful.

What is most valuable?

Wiz is very effective and very advanced compared to other solutions. It is helpful to use and user-friendly from the customer's view. It is easy to use, easy to handle, and easy to customize for our scenarios especially.

Pricing in comparison to other solutions is good, but a little bit of discounting and flexibility if Wiz can offer to customers would be helpful. Training, vouchers, and certifications would help position this solution in the market. If Wiz integrates their certifications free with their solution positioning in the market for customers especially, it would be helpful. In comparison to the Microsoft product, it is not as costly, but for other products in comparison to other available players, it is a little bit on the high side.

What needs improvement?

Wiz may try to ease the connector positions. When integrating multiple clouds like hybrid cloud with Wiz, these processes need to be more user-friendly because more scripting is required in this scenario. Without a coder or without a deep administrator managing things, it is not possible to integrate clouds with Wiz dashboards. Some easy steps are required so that users who are not highly technical can do these things.

For how long have I used the solution?

I have been using Wiz in my career for approximately one year.

What do I think about the stability of the solution?

I have not observed stability issues in my scenario, and my customers also have not reported any major crises.

What do I think about the scalability of the solution?

Wiz is very much scalable. It totally depends on the workloads which are working on cloud scenarios, either GCP or Azure or any cloud scenario. It totally depends on your workloads. In cloud scenarios, workloads are always scalable, so Wiz is also scalable and adopts these things easily. There is no challenge.

Which solution did I use previously and why did I switch?

I have used Microsoft CNAPP and CSPM functionality very frequently, and also used Palo Alto Prisma CNAPP and CWP functionality. I can compare them with these two OEMs.

Which other solutions did I evaluate?

Wiz is OEM agnostic. It is able to integrate any cloud, either GCP, Azure, or AWS. Similarly, like Palo Alto, Wiz is OEM agnostic. Microsoft is more specific to Azure where it is easy to integrate with Azure and it is a native platform. For other platforms, there may be some complications, like AWS with other GCP and other suites like Oracle OCI cloud. However, Wiz is OEM agnostic, so it is helpful to integrate and manage hybrid cloud scenarios efficiently.

Pricing in comparison to other solutions is good, but a little bit of discounting and flexibility if Wiz can offer to customers would be helpful. Training, vouchers, and certifications would help position this solution in the market. If Wiz integrates their certifications free with their solution positioning in the market for customers especially, it would be helpful. In comparison to the Microsoft product, it is not as costly, but for other products in comparison to other available players, it is a little bit on the high side.

What other advice do I have?

Maintenance is required from time to time, as patching is required. If there are any latest updates available, then we need to just patch those updates. Integrations need to be monitored to ensure there are no gaps in the integration part. If we monitor multiple hybrid clouds, we need to be there and monitor these things also.

We deployed Wiz, but not for our internal use. We are just demoing and practicing scenarios.

I would rate this review a 9 overall.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
Last updated: Jan 28, 2026
Flag as inappropriate
PeerSpot user
Vikram Chakravarthy - PeerSpot reviewer
Cyber Security Engineer II (Vulnerability & Threat Management) at FICO
Real User
Top 5Leaderboard
May 26, 2026
Contextual risk insights have transformed how our teams prioritize and remediate cloud exposures
Pros and Cons
  • "The biggest impact Wiz has had on our organization is improved visibility and better prioritization, as previously mentioned."
  • "One important area for improvement in Wiz could be customization and reporting flexibility."

What is our primary use case?

Wiz is primarily used to identify risks, assert exposed workloads, identify publicly exposed resources, and prioritize vulnerabilities in our cloud environment. The main use case for Wiz revolves around cloud security posture visibility, risk prioritization, vulnerability exposure management, misconfiguration detection, and identifying toxic combinations of risks in our cloud environments.

Our main use case for Wiz is contextual prioritization. In many environments, there are thousands or millions of vulnerabilities, but not all are equally important. Wiz helps reduce noise by enabling security teams to focus on exploitable and high-impact risks first.

What is most valuable?

One of the best features of Wiz, in my opinion, is risk prioritization and the context for visibility. Another major strength is its cloud posture visibility across environments, supporting multiple cloud environments. The attack path visualization and ability to correlate vulnerabilities, exposure, identities, and permissions into a single risk view are very helpful for our security teams.

In our day-to-day work, the contextual prioritization feature reduces our investigation effort because analysts do not need to perform manual correlations related to vulnerabilities, exposure, or cloud asset permissions. Instead of reviewing thousands of alerts individually, the team can focus on high-priority risks where exposure and business impact are clearer. Another useful aspect is visibility across multi-cloud environments and the centralized posture management, which helps our team understand risk in one place instead of depending on fragmented visibility.

Wiz helps us by identifying a publicly exposed cloud asset with critical vulnerabilities and permission-related risks. Instead of reviewing findings separately, Wiz provides contextual visibility that shows which issues were internet exposed, whether they had vulnerabilities, and the high risks from a business perspective, which accelerates our prioritization remediation instead of treating every vulnerability equally.

Wiz improves efficiency because remediation teams receive more context about why something matters. Instead of only seeing a vulnerability, teams can understand the exposure, permissions, affected assets, and the business relevance. The biggest impact Wiz has had on our organization is improved visibility and better prioritization, as previously mentioned. The security teams in our environment are able to focus on meaningful cloud risks faster rather than spending too much time manually reviewing low-priority findings.

Wiz allows us to consolidate tools, meaning we can use a single tool for vulnerability management, risk analysis, and threat management, which the SOC team utilizes. It is a flexible tool, enabling every team to use Wiz to detect and defend their organizational posture. On the consolidation aspect, Wiz integrates multiple tools; for example, we have integrated Microsoft Teams and ServiceNow, allowing us to create tickets directly using a single tool and send notifications via Teams or Slack.

Wiz's runtime sensor provides visibility across multiple cloud environments, including AWS, Azure, GCP, and Oracle. It helps us prioritize vulnerabilities by discovering newly identified assets or vulnerabilities and has different signatures and policies compared to other CSPM tools, which proves to be very helpful.

What needs improvement?

One important area for improvement in Wiz could be customization and reporting flexibility. Sometimes organizations want deeper tailoring based on their internal workflows and governance requirements. If we can have customization for reports and dashboards, it will be helpful.

Reporting and dashboard customization can improve further, especially for leadership reporting that can be highly customized to meet specific workflows.

For how long have I used the solution?

I have been working in cybersecurity, particularly on vulnerability management-related tasks for around six years.

What do I think about the stability of the solution?

Wiz has been stable for cloud visibility and posture monitoring activities.

What do I think about the scalability of the solution?

Wiz scales well for our enterprise cloud environment and growing workloads because visibility requirements increase significantly in a cloud-first environment.

How are customer service and support?

The customer support experience typically depends on the complexity of the issues. When we raise a ticket with the support team, the deployment is handled well, and the support is generally good.

Which solution did I use previously and why did I switch?

We have used McAfee MVISION in the past. As we expanded our cloud, we switched to Wiz because it offers more visibility for our fragmented security approach.

What was our ROI?

We see a return on investment primarily from improved prioritization and reduced investigation effort. Instead of spending time on thousands of findings, teams can focus on the highest risk exposures, which improves remediation efficiency.

Which other solutions did I evaluate?

We compared Wiz with other CNAPP and CSPM solutions based on visibility, prioritization, cloud integration, and operational simplicity.

What other advice do I have?

My advice for others looking to use Wiz is to first understand their cloud visibility gaps. If an organization struggles with prioritization, cloud posture visibility, or encounters too many findings with little context, Wiz can provide strong value in addressing those issues. I rate this product 9 out of 10.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: May 26, 2026
Flag as inappropriate
PeerSpot user
Senior Cloud Architect at Commonwealth Bank of Australia
Real User
Top 20
Mar 30, 2026
Security scanning has consolidated cloud vulnerabilities and provides clear remediation paths
Pros and Cons
  • "Wiz gives a very good insight into how secure your software and code are and is quite good at consolidating the scanning results."
  • "Wiz is agentless, which is a plus, but the runtime and real-time detection could be limited, as it is not its strength."

What is our primary use case?

As a customer, I use Wiz myself, but because I work for the Commonwealth Bank, it could be a partner with Wiz. I don't have insight into this tool as it is a very large organization and was already in place before I joined, with other people having set it up, so I don't have that background.

So far, I am scanning for vulnerabilities in packages and dependencies. I use Wiz Code a bit.

What is most valuable?

What I like most about Wiz is that it is similar to other tools. Wiz has integrated with industry standards, such as security protocols and policies like Open OWASP and several others, based on my security standards for scanning packages, finding vulnerabilities, and providing fix versions based on its search and information retrieval.

I think it is at a good price and gives analysis while working well with other testing or pen testing tools that other security teams use to scan software to ensure it aligns with security requirements. Wiz helps because other tools, based on what they detect, usually reflect those fixes or remediations in other tools as well. Wiz gives a very good insight into how secure your software and code are.

Wiz is quite good at consolidating the scanning results.

What needs improvement?

Wiz is agentless, which is a plus, but the runtime and real-time detection could be limited, as it is not its strength. I could not give details on how limited it is. Its price could be high compared to others, and I feel it is expensive.

For how long have I used the solution?

I have been using Wiz for one and a half years.

What do I think about the stability of the solution?

I would give stability a nine because I did not see significant instability.

What do I think about the scalability of the solution?

I feel scalability is good, and I can give it a nine. We have many pipelines running Wiz scanning, and I have not seen Wiz pending or taking too long, which is a good thing.

How are customer service and support?

I rate support from Wiz an eight.

How was the initial setup?

Regarding installation, I just joined and used it, which might not be my area to comment on whether it is easy or difficult.

What was our ROI?

I see possible ROI with Wiz, but as I mentioned, I am not at that level of use. I just researched Wiz prices, and I got a feeling about it.

Which other solutions did I evaluate?

I do not have in-depth knowledge to give a detailed pros and cons analysis of Wiz compared to products such as OWASP, SonarQube, or Snyk. However, when comparing Wiz to Dynatrace or Snyk, I see they focus on different areas. Dynatrace focuses on code quality scanning, and Snyk may have more focus on security. Wiz scans artifacts or dependency packages, which is a bit different from SonarQube, as SonarQube scans code. However, Wiz is able to scan code and also manage the artifactory, dependencies, and their versions. This is quite similar to JFrog X-ray scanning.

What other advice do I have?

Wiz Code impacts the development workflow similar to SonarQube. Wiz Code can detect coding quality issues or coding conventions and those kinds of problems. Nowadays, we leverage AI tools for development. As a developer, I probably use AI for initial code, and in most cases, I just review and integrate, with the AI generating code programming. Wiz Code or SonarQube scans those codes and then gives a report. If we instruct the AI or do proper prompting, they usually give very good code that can pass the scanning.

AI security is definitely very important for our security strategy.

AI security posture management is important because if you use an AI tool, you need to protect your data. As a commercial company or even a government organization, you do not want to leak sensitive data such as PII or other organization-related data to the AI, especially in uncontrolled environments. When we use AI tools at the Commonwealth Bank itself, we are only allowed to use internal AI, which means it has many regulations in place, including guardrails, and the deployment environment looks at both input and output, ensuring that data does not go to the internet. This protects organization-level data and filters unnecessary inputs and outputs.

For Wiz Runtime Sensor, I am not quite familiar with it, but I know that this tool is meant to find dynamic analysis at runtime. I probably have little practice with another tool called OWASP ZAP.

I think the alert fatigue from Wiz is quite similar at the same level as the other scanning tools. If it detects any critical or high vulnerabilities, it alerts you. You can set up alerts based on your standards or rules to send alerts. With alerts based on findings, it allows you to set alerts on multiple domains such as vulnerabilities. For example, you might have critical CVEs on an EC2 instance and send an alert. It could also be scanning identity risks and possibly security exposures such as secrets exposure. Wiz covers a lot, including data exposure and attack paths. In alerting, it gives very clear information such as severity, affected resources, risks, and possibly an attack path description explaining how an attacker might use that vulnerability. Wiz includes such information based on severity, affected resources, attack paths, risk descriptions, and possibly remediation guidance.

If I summarize everything about Wiz, it deserves an eight in general.

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Mar 30, 2026
Flag as inappropriate
PeerSpot user
Pratik Vandariya - PeerSpot reviewer
Sr. Technical Lead Support Executive at Jekson Vision
Real User
Top 20
Nov 7, 2025
Has increased inventory visibility and significantly reduced operational mistakes through improved threat identification
Pros and Cons
  • "The best features of Wiz are its security capabilities, providing the best security for pharmaceutical products and industries, along with the required dashboard containing customer details and inventory management features."
  • "There is room for improvement in Wiz, particularly in operator management, as general operators may lack the necessary knowledge, requiring an easier-to-understand tool."

What is our primary use case?

I'm working with Jackson Vision, the track and trace provider, and we have been using Wiz for six years. We use Wiz as a portal similar to an ERP tool, managing customer inventory for security purposes and vulnerability management.

What is most valuable?

The best features of Wiz are its security capabilities, providing the best security for pharmaceutical products and industries, along with the required dashboard containing customer details and inventory management features.

The runtime sensor in Wiz helps identify threats effectively as it integrates with machines and operates on a hierarchy-based system with different rights for operators and supervisors.

The benefits of using Wiz are significant as we provide a solution based on 21 CFR standards for security and audit purposes, making it the best tool for these needs.

With Wiz, we achieve almost zero downtime and zero fault management in its issue queues.

Using Wiz saves us a significant amount of time and resources, with an almost thirty to forty percent return on investment.

Wiz has significantly reduced alert fatigue in our organization, addressing operator-level mistakes that used to be common in manual processes before we adopted automation.

Wiz has been the best tool for consolidating our solutions.

What needs improvement?

There is room for improvement in Wiz, particularly in operator management, as general operators may lack the necessary knowledge, requiring an easier-to-understand tool. We also need all tasks and dashboards to show completed activities and next steps along with SOPs for missed steps.

For how long have I used the solution?

I'm working with Jackson Vision, the track and trace provider, and we have been using Wiz for six years.

What do I think about the stability of the solution?

I rate the stability of Wiz as almost eight out of ten, indicating good performance with limited downtime, bugs, or glitches.

What do I think about the scalability of the solution?

Wiz is a very scalable product, as we operate in sixty-five countries and serve the pharmaceutical industry well, rating it eight out of ten for scalability.

How are customer service and support?

I rate the technical support of Wiz as eight out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We are not currently comparing Wiz with other solutions as we have our research team looking for the best solutions available.

How was the initial setup?

The deployment of Wiz is easy.

What about the implementation team?

Deployment takes almost three to four hours, and our IT teams facilitate this process. We have around two hundred fifty to two hundred eighty customers who work with Wiz, and our team and IT teams are knowledgeable about it.

What was our ROI?

Using Wiz saves us a significant amount of time and resources, with an almost thirty to forty percent return on investment.

What's my experience with pricing, setup cost, and licensing?

The pricing of Wiz is cost efficient.

Which other solutions did I evaluate?

I find Wiz to be better compared to other software, and we are currently progressing, rating it seven out of ten against any master product or company.

What other advice do I have?

I have experience with Wiz and can provide a review. We are manufacturers of pharmaceutical machines and provide integrated solutions for track and trace, but we are not partners or resellers.

Wiz requires maintenance including patching and updates; if we encounter issues on-site, we update accordingly.

We purchased Wiz from the AWS marketplace, and many of our customers are utilizing the cloud-based solution we provide them, along with the portal that includes all necessary details for them.

We recommend Wiz to other users, such as Life Pharma in Dubai. I rate this product a nine out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Nov 7, 2025
Flag as inappropriate
PeerSpot user
reviewer2860287 - PeerSpot reviewer
Senior Cloud Security Engineer at a wholesaler/distributor with 201-500 employees
Real User
Top 20
Jun 22, 2026
Comprehensive cloud security has improved visibility and enabled precise threat response
Pros and Cons
  • "Wiz has positively impacted my organization by stopping security incidents, giving us full visibility in our cloud environments, and providing us with the confidence that we can use the tool not just for security but also for operations tooling, DevOps, code scanning, and all of the above."
  • "Wiz's pricing model is very poor."

What is our primary use case?

My main use case for Wiz is cloud security, infrastructure as code, threat detection and response, and application security.

For example, if we have a cloud resource that has an Amazon GuardDuty alert, we will use Wiz to ingest the log, and we review it for security reasons and use that information in our alerting pipeline. Wiz is where we ingest all the information and logs.

My main use case is to scan cloud infrastructure for misconfigurations, issues, security threat intelligence, and more.

What is most valuable?

The best features Wiz offers include the scanning, the ability to map vulnerabilities to specific resources, the ability for GraphQL API integration, and their security graph when it comes to querying information, finding specific detections, and responding to them, and much more.

For example, we use many other automation tools that need to integrate with Wiz, and through the graph API or GraphQL API, we are able to call Wiz in a very specific way where if we want to automate anything, it is possible via their API.

There is a variety of features per team, such as cloud security, AI security, security operations center, and more.

Wiz has positively impacted my organization by stopping security incidents, giving us full visibility in our cloud environments, and providing us with the confidence that we can use the tool not just for security but also for operations tooling, DevOps, code scanning, and all of the above.

We have seen specific outcomes and information improve as a result, and we have definitely narrowed down more incidents that we might need to take care of with the tooling, which has given us wider visibility compared to when we did not have it.

Wiz allowed us to consolidate tools, and on the issues it gives us from the top level down—critical to informational—we are able to fully prioritize the things that are most important due to that capability.

What needs improvement?

Wiz's pricing model is very poor.

The pricing is out of control, but when it comes to the actual functionality of the tool, the tool is great.

On a scale of one to ten, I would rate Wiz an eight. I rate it an eight because internally, they have specific people who want to bulldoze you when it comes to signing agreements that are much higher priced than the value that you get. Wiz is great. Some people are great and some are not, so they are a little bit less willing to work with customers on their specific needs regarding things such as pricing versus other tools.

For how long have I used the solution?

I have been using Wiz for over four years.

What do I think about the stability of the solution?

Wiz is stable.

What do I think about the scalability of the solution?

Wiz's scalability is very good, and I have not had any issues yet.

How are customer service and support?

The customer support is fair; they are not great, nor bad.

Which solution did I use previously and why did I switch?

We started to use Wiz since their inception.

How was the initial setup?

Everything is very well set up; the UI is easy to use, and their API is great.

What about the implementation team?

We are just a customer without a business relationship with this vendor other than that.

What was our ROI?

I have definitely saved time, but money saved is still up in the air; there have been things that make us feel that is not the case. We also need fewer employees, partially.

What's my experience with pricing, setup cost, and licensing?

My experience with pricing, setup cost, and licensing has been very poor.

Which other solutions did I evaluate?

Before choosing Wiz, I evaluated other options such as Orca and Upwind.

What other advice do I have?

The extent to which the Wiz runtime sensor has helped in identifying active threats more effectively compared to previous solutions is pretty minimal.

My impression of the cloud security democratization aspect of the product is that it is one of the best sources of truth we have. It is extremely impactful on the organization, so it is definitely a tool we are going to use if the pricing is right.

We have gone through three technical account managers and have decided not to renew.

My advice to others looking into using Wiz is to make sure that you are working with the right account team, set up all of your integrations correctly, and take your time during your proof of value.

Wiz is a great tool, and we will continue to use it over time. I rate Wiz an eight out of ten overall.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Jun 22, 2026
Flag as inappropriate
PeerSpot user
MohammedYasin - PeerSpot reviewer
Senior AI, SRE and Automation Engineer at a tech vendor with 5,001-10,000 employees
MSP
Top 20
Dec 9, 2025
Cloud security has improved and detects vulnerabilities across multi-account environments
Pros and Cons
  • "If anyone wants to secure their infrastructure, cloud environment, or Kubernetes cluster, I would strongly recommend Wiz as a tool because it is easy to use and user-friendly."
  • "Once you get a threat and fix it, to see that fix reflected in Wiz, you have to wait 24 hours. That is something I am not happy with."

What is our primary use case?

Wiz serves as our enterprise tool for securing our cloud platform. We use AWS as our cloud platform and have Wiz integrated across multiple accounts for IT, engineering, and other departments. Within IT itself, we have different environments including development, production, and stage accounts. In every account, we have Wiz integrated and use policies based on the environment. For example, the dev environment has a less secure policy while production has a high-security policy. Technically, we use Wiz for securing our cloud platform.

What is most valuable?

The best feature of Wiz is the ability to detect any security violations across multi-cloud platforms and the ability to integrate for creating security incidents and vulnerability incidents. It works very well for scanning the environment, detecting vulnerabilities, and reporting them based on our requirements. It can generate reports via email or create ServiceNow incidents. It has helped me identify threats more easily. When it comes to the Kubernetes cluster, we do not have any other option for detecting vulnerabilities. This is the only way we observe our Kubernetes clusters to determine whether they are secured or not. Regarding speed, I cannot compare it with other solutions, but so far, we are happy with the way it works.

Wiz has improved our business in many ways. While I do not know in numbers how it has helped the business gain more profit, as a technical expert and part of our IT architect team, I would say Wiz has helped tremendously to secure our cloud platform. There were many security vulnerabilities existing before we implemented this solution that were not at all in our attention because there was nothing to scan and report what was wrong. After implementing Wiz, it has helped significantly. There was a program for implementing high-security measures in our environment, and Wiz has contributed substantially to that program.

What needs improvement?

I feel there is a delay in detection, though I am uncertain whether this is due to our implementation disadvantage. Wiz can detect all the issues, threats, and security vulnerabilities, but the delay may be due to the time taken for running a scan because we have a 24-hour scan cycle. When I checked with the team, there was no on-demand scanning possibility. We still see improvement scopes in this area. It does the work, but we are not seeing the changes very fast. Once you get a threat and fix it, to see that fix reflected in Wiz, you have to wait 24 hours. That is something I am not happy with.

One improvement that I am looking for in Wiz is the capability for on-demand scanning. That should be available. Second, we should be able to see the fixes faster. Once a threat is detected and we apply the fix, we want to see that result updated in the dashboard or portal as soon as possible. If Wiz can detect it faster and update it in the portal, that would be beneficial.

For how long have I used the solution?

I have been using Wiz for more than two years, approximately two years and four months.

What do I think about the stability of the solution?

Regarding stability, it is stable. I would rate it nine out of ten.

What do I think about the scalability of the solution?

Regarding scalability, I would also rate it nine out of ten.

How are customer service and support?

I would rate the technical support of Wiz eight out of ten on a scale from one to ten, with ten being the best.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

When comparing Wiz with other software, I did not use any other software similar to Wiz for the same purpose. A similar tool was Qualys, but we used Qualys for a different use case. We used it for vulnerability scanning of our servers, not end-user devices. For securing or detecting threats from cloud accounts, I do not have any other tool that I am aware of. Qualys is another vulnerability management tool, but the use cases are different, so I do not have the expertise to compare.

How was the initial setup?

Deployment took approximately three months.

What about the implementation team?

From one to ten, with one being cheap and ten being expensive, I would rate the implementation cost a seven.

What was our ROI?

Wiz does require some maintenance.

What's my experience with pricing, setup cost, and licensing?

Wiz does require some maintenance.

Which other solutions did I evaluate?

My thoughts on the pricing of Wiz are that it is not cheap, but it is cost-efficient. From one to ten, with one being cheap and ten being expensive, I would rate it a seven.

What other advice do I have?

I would recommend Wiz to anyone. If anyone wants to secure their infrastructure, cloud environment, or Kubernetes cluster, I would strongly recommend Wiz as a tool because it is easy to use and user-friendly. It has tight integration with many tools out-of-the-box for sending alerts, creating emails, and creating incidents.

My advice to others looking to implement Wiz is that when you implement Wiz, if your hybrid environment is not managed properly, it will be difficult to implement. It is better to make some cleanup and ensure that the environment you are going to implement meets Wiz standards. If you do not take care of that and simply implement Wiz, you will encounter many issues being reported by the system. It is better to follow the prerequisite standards of your cloud account and then implement the solution. Otherwise, you will see many issues being reported.

Regarding whether Wiz has helped reduce alert fatigue, I do not have a definitive answer because we do not see that much decrease in the alerts. Initially, when we implemented Wiz, since we were not using any tool like that before, there were too many alerts. Because it was the first implementation, it started sending too many alerts. Later on, the alerts decreased, but this decrease was not because of Wiz itself. Rather, it was because we implemented security fixes wherever Wiz reported threats or vulnerabilities. That is how the number of alerts got reduced. I feel we can also customize the Wiz policy to reduce the number of alerts, but I am not at that level here, so I do not have that expertise.

My overall rating for this solution is eight out of ten.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Dec 9, 2025
Flag as inappropriate
PeerSpot user
Buyer's Guide
Download our free Wiz Report and get advice and tips from experienced pros sharing their opinions.
Updated: June 2026
Buyer's Guide
Download our free Wiz Report and get advice and tips from experienced pros sharing their opinions.