The pricing is fair and comparable to their competitors. The cost seems to be going up, which is a concern. There are potential savings from consolidating tools, but we're uncertain how Wiz's pricing will change over time. It might follow a trajectory similar to Splunk. Early adopters got an excellent deal, but it became pricey when they became the market leader. Many CISOs are concerned about the longevity of Wiz's pricing model. It's becoming a go-to product that lots of folks are shifting toward.
I believe they're moving to a different licensing model. We are still grandfathered to the initial pricing models. What I do like is that the pricing seems pretty simple. We don't have to do a lot of calculations to figure out what the components are. They do it by enabling specific features, either basics or advanced, which makes it easy to select. But I'll have to see how the new pricing model will work for us.
Please share with the community what you think needs improvement with Wiz. What are its weaknesses? What would you like to see changed in a future version?
CyberSecurity Sr Manager at a retailer with 10,001+ employees
Dec 1, 2022
Something that we're starting to look into is identifying vulnerabilities for which we potentially need to delay the remediation. We wish there were a way, beyond providing visibility and automated remediation, to wait on a given remediation, due to a critical aspect, such as the cost associated with a particular upgrade. We don't have remediation prevention capabilities available through Wiz. We would like to see preventive controls that can be applied through Wiz to protect against vulnerabilities that we're not going to be able to remediate immediately.
Director, Information Security at a computer software company with 501-1,000 employees
Dec 22, 2022
The only small pain point has been around some of the logging integrations. Some of the complexities of the script integrations aren't supported with some of the more automated infrastructure components. So, it's not as universal. For example, they have great support for cloud formation and other services, but if you're using another type of management utility or governance language for your infrastructure-as-code automation components, it becomes a little bit trickier to navigate that.
CyberSecurity Sr Manager at a retailer with 10,001+ employees
Dec 1, 2022
Initially, there was unplanned work when our cloud owners saw the risks in their environments. But because we were prioritizing what needed to be fixed first, they were able to utilize existing staff resources to address those vulnerabilities. We were not just trying to patch or fix something that might be low risk. Rather, we were always trying to identify where our critical issues were and address those first. If you're looking at Wiz but are concerned that your existing products already give you a lot of alerts, I would ask about your journey to the cloud and what you're focusing on. Are you mainly focusing on what I call CVEs and patching? Or are you looking into other areas like compliance and identity and access management pieces? If you are, then Wiz is definitely the right choice. It has to be driven based on that journey to the cloud. Visibility, once deployed, is one thing, and visibility prior to deployment is another thing. You should have a good understanding of what your requirements are and where you see the value of addressing any type of risk that is introduced into your environment. Understand what is important to you. Are you more focused on the CSPM features that are available through Wiz? Are you more focused on cloud infrastructure entitlements that are available through Wiz? Are you looking to remove existing agents that could create overlap, and how does that fit into your roadmap? Understanding your requirements for the type of information that you want to see out of the tool is going to be critical to understanding your use cases, and how your community is engaged with those use cases, regardless of how easy the tool is to integrate. Those are factors that are going to be vital to your success.
Director, Information Security at a computer software company with 501-1,000 employees
Dec 22, 2022
The biggest thing is understanding the hows of where your integration points are going to be. To someone who is looking at buying Wiz but is concerned that they already have a bunch of products that give them a lot of alerts, I would say that from an alert perspective, we haven't had a whole lot of issues related to alert fatigue from the system. We were very calculated in the implementation in terms of the things that we're seeing just for that reason. One of the things is that there could be areas where there might be overlaps in alerting. So, you can look at potentially consolidating those systems down into this single platform. Depending upon how you're doing some of the logging, alerts, and change detections in the environments, you can consolidate things like your vulnerability scanning. I would rate it an eight out of ten.
Download our free Vulnerability Management Report and find out what your peers are saying about Wiz, Orca Security, Lacework, and more! Updated: February 2023.
The pricing is fair and comparable to their competitors. The cost seems to be going up, which is a concern. There are potential savings from consolidating tools, but we're uncertain how Wiz's pricing will change over time. It might follow a trajectory similar to Splunk. Early adopters got an excellent deal, but it became pricey when they became the market leader. Many CISOs are concerned about the longevity of Wiz's pricing model. It's becoming a go-to product that lots of folks are shifting toward.
The pricing is fair. Some of the more advanced features and functionalities and how the tiers are split can be somewhat confusing.
I believe they're moving to a different licensing model. We are still grandfathered to the initial pricing models. What I do like is that the pricing seems pretty simple. We don't have to do a lot of calculations to figure out what the components are. They do it by enabling specific features, either basics or advanced, which makes it easy to select. But I'll have to see how the new pricing model will work for us.