VP Information Security at boxed.com
Real User
Enables us to quickly identify the problem, solution, and how severe the issue is
Pros and Cons
  • "The first thing that stood out was the ease of installation and the quick value we got out of the solution."
  • "The only thing that needs to be improved is the number of scans per day."

What is our primary use case?

We use the solution as our cloud security platform.

We use Wiz across all of our GCP environments. We have approximately nine projects, around five thousand instances, and five thousand containers. As for AWS, it is relatively small; it consists of a few VPCs with around five hundred assets.

How has it helped my organization?

Wiz is the only security solution we use for our cloud platform. It scans data activity, potential exposures, and any efforts with overly wide permissions, especially when they involve semi-exposed ports of sensitive data. Wiz also tracks vulnerabilities, including zero-day vulnerabilities, and logs. We are taking advantage of the security graph and all its features to make it easier to track security across the board.

Wiz's ability to scan every layer of our cloud environment without any agents is why we have the ease of deployment that we can provide on the order level and view all the products, giving us a lot of value and immediate return on investment. Agents are required for certain use cases, such as blocking features or taking action immediately if something is not right, but we did not have that requirement. We created workflows to identify where the action is needed and integrated them with our ticketing system to assign appropriate urgency tickets, so the right team can work on it immediately.

Automated attack path analysis has been beneficial to us by helping us to identify what needs to be done when a vulnerability is discovered. It allows us to trace the attack paths from a potential point of exposure to the vulnerability and how it can be exploited. We can also determine how to mitigate the vulnerability, which is of great value from a remediation perspective.

Within the first two weeks of the deployment, we were able to limit all of our security issues in our production environment. We had been using another platform, but it lacked ease of use and we were not able to get all the details we needed. We replaced this solution with Wiz, and it allowed us to take action when an alert came in. We were able to drill down to the root cause and with the knowledge base that comes with it, we were able to fix issues and get rid of all our security issues. This was a huge value.

Having visibility into our risk detection with a contextual view to prioritize potentially critical risks is very important, as we do not have a large security or development team. If we were to receive twenty alerts, we would not have the capacity to address them all at once. Knowing the context of how this would impact the organization is of great value, as it allows us to tackle the most critical issues based on external exposure, exploitable areas, and the type of data behind the vulnerability. This context helps us prioritize, as all risks are not equal.

Wiz has helped us reduce blind spots in our restriction capabilities by 100 percent. We were running a tool that scanned for vulnerabilities, but we did not have an external exposure component or any context for it. We had just deployed the DSPM and were not able to look at many past levels. The tool we were using previously was just one ready assessment tool. Wiz adds a lot of value.

Additionally, since we have both e-commerce and SaaS, it is important for us to be compliant and isolated. Wiz makes this very easy as we are a hundred percent cloud-based. We can review our compliance and see all the efforts running in our cloud environment. If there are any controls that are not compliant with ISO software, we have set up learning on that and integrated it with IT and some tooling. This allows whoever needs to take action for their control to do so immediately, ensuring that we stay compliant.

I have limited resources in my department, but if I wasn't utilizing Wiz and used our old solution, I would need to acquire two to three more resources. Therefore, with Wiz, I can do all of the above with the existing resources instead of bringing on more tools and personnel.

What is most valuable?

The first thing that stood out was the ease of installation and the quick value we got out of the solution. I compared Wiz to two other products that we were sending to other clients for cloud security. We were able to get Wiz installed within a couple of hours for all of our cloud assets and we could see insights into our security posture within a couple of hours of the installation. Our DevOps team was very excited to see what they needed to work on. We addressed all the critical issues within two weeks of installing the solution.

What needs improvement?

The only thing that needs to be improved is the number of scans per day. We need to educate our auditors and ensure that scans are done more than once a day. If there is a vulnerability that is exposed, we can update it after the scan. We are currently scanning once a day, which is acceptable for UCSB. We are trying to figure out how to increase the frequency of the scans, as some universities do not wait a day before they know if something is exposed. Knowing earlier is always better.

Buyer's Guide
Wiz
September 2025
Learn what your peers think about Wiz. Get advice and tips from experienced pros sharing their opinions. Updated: September 2025.
868,787 professionals have used our research since 2012.

For how long have I used the solution?

I have been using the solution for six months.

What do I think about the stability of the solution?

We have not seen any outages with Wiz. The solution is stable.

What do I think about the scalability of the solution?

Wiz is our e-commerce platform. That means we have approximately five hundred million impressions on our website per month, with around four million users.

This solution is very scalable; if I add resources to new accounts, they are automatically monitored. When adding a new account, no additional action is required; we don't even need to consider capacity, as it is already maximized.

Which solution did I use previously and why did I switch?

Previously, we had an agent-based solution called Rapid7 which would alert us of any issues it identified. However, due to the outdated hardware, there was no context to the alerts, and we were overwhelmed. When I joined nine months ago, I noticed that the tool was being ignored and was a waste of money. Therefore, I began searching for a more effective solution that would provide context-based results without needing additional resources. We wanted something that would address real issues and provide five actionable alerts a day, with maximum outbound action taken if necessary. This is why we decided to switch to Wiz and discontinue the vulnerability assessment and API moderator tools.

How was the initial setup?

Implementing Wiz was really easy - it took us less than two hours and could have been done in half an hour if we hadn't needed to run three scripts. We were able to enable it on the cloud and view the scripts. From a user perspective, we set up SSO for our engineers and integrated it with Jira and ServiceNow. Everything else was automated, including compliance controls and processes. We had two sessions with our customer service management team to learn how to investigate critical issues, exposures, and secrets stored in files. All in all, it took about a week to process, integrate, and get the platform running.

The initial setup was straightforward; we used the CAD tooling to run the scripts and followed the steps. We examined the scripts and used the original commands to implement Wiz, which took us about two hours. We had three people from the CA team, two people from the DevOps team, and one Wiz details engineer. From the implementation perspective, we had a DevOps engineer, a studio engineer, and a Wiz details engineer.

What about the implementation team?

The implementation was completed in-house by our presales engineer and my DevOps engineer.

What was our ROI?

We have definitely seen a return on investment with Wiz. There are multiple ways that we are seeing this. Firstly, Wiz simplifies the process as we are now using one tool instead of two or three. Secondly, compliance is much easier as we can now get in-depth monitoring of controls from an ISO or software perspective. This would have previously required a full-time resource. Additionally, we now have more coverage with external exposure, cloud entitlements, vulnerability management, and malware detection. All of this is being managed with only one-quarter of a resource, whereas if we were to do all the same things without Wiz, we would have needed to add at least two team members and several different tools. This has resulted in a large return on investment, as we now have to keep up with software and ISO certification.

What's my experience with pricing, setup cost, and licensing?

The cost of the other solutions is comparable to Wiz. We have credits that we can use for whatever features we need. We bought more than we needed because I wanted a customer success manager dedicated to our account. We have meetings with them every week and they help us with our roadmap and site plan. We bought more credits to make up for the minimum buy-in, but it still didn't exceed our budget. We got results with Wiz immediately; we installed it and met our goal during the four-week trial.

Which other solutions did I evaluate?

When we began searching for a replacement for Rapid7, we looked at Wiz, Lacework, and Datadog Security. After trying all three, we decided to settle with Wiz.

What other advice do I have?

I give the solution a ten out of ten.

My self-management team is very cooperative. We have a set plan with them, and they help us to determine what the next steps should be. We have implemented certain items, and then they come back and suggest new features for us to consider. They educate us on how to take advantage of these features.

Prioritization based on the context is a big help. It helps us know what some of the tools we are using are and which ones are our production instances versus non-production instances where we don't have production data. If I have ten critical issues and only half a team member works on those issues, it's important that we know which one can cause the most damage and fix that first. 

I suggest running a trial of Wiz. It won't take much to set up the trial. We don't need to dedicate a team to implement it. Run a trial on one account and people will see the value right away. The ease of implementation and immediate insights will be noticed. Compare Wiz with other solutions to see if you are getting the same type of intelligence, contacts, space, and the whole path from service to underlying vulnerability or exposed secrets. 

Wiz can do what it would normally take us three tools to accomplish. The best thing to do is run a trial and the number of resources needed will be minimal. It's a one-day engagement and we can evaluate Wiz within two weeks of implementing it.

We have a stress manager and an engineer assigned to our account by Wiz, who are both very responsive. So far, we have not had to open a ticket for support.

The main reason to use Wiz is that its cloud security posture management makes it very easy to identify issues such as vulnerabilities, exposure, and exempted permissions. This helps us maintain best practices for our cloud environment and quickly identify risks. Without Wiz, we would need to use multiple tools and correlate the data to pinpoint the issue, then require a few engineers to work out a solution. With Wiz, we can quickly identify the problem, the solution, and how severe the issue is. This adds a great deal of value.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
reviewer2041074 - PeerSpot reviewer
CyberSecurity Sr Manager at a retailer with 10,001+ employees
Real User
Multiple features help us prioritize remediation, and agentless implementation reduces overhead
Pros and Cons
  • "Out of all the features, the one item that has been most valuable is the fact that Wiz puts into context all the pieces that create an issue, and applies a particular risk evaluation that helps us prioritize when we need to address a misconfiguration, vulnerability, or any issue that would put our environment into risk."
  • "We wish there were a way, beyond providing visibility and automated remediation, to wait on a given remediation, due to a critical aspect, such as the cost associated with a particular upgrade... We would like to see preventive controls that can be applied through Wiz to protect against vulnerabilities that we're not going to be able to remediate immediately."

What is our primary use case?

The primary use cases are within cloud security posture management, in which we identify misconfigurations and any type of what they call "toxic combinations" of risk and vulnerabilities that are affecting our cloud deployments.

In the last year we have enabled DSPM and expanded on CIEM use cases. 

In addition to the agentless functionality, we have deployed the Wiz Sensor and enabled Admission Controller in our Kubernetes workloads. 

How has it helped my organization?

We don't consider Wiz just a cyber security tool. What we have done is opened up the visibility to our cloud users. Now, our cloud users are able to see for themselves what is affecting their assets. It helps enable a shared model of responsibility for security. With the visibility that Wiz enables, our users are no longer receiving a report in the form of a spreadsheet. They're able to quickly see and navigate, and drill into anything, if they need to, to see what is affecting their environments. 

Now that we have given them visibility into what's running in production, through some of the capabilities available in Wiz, we are investing in how we can shift things and identify some of those issues earlier in the pipeline so that they don't have to worry about things after going to production.

In addition, the fact that Wiz is agentless and that it's leveraging APIs to give us visibility at the organizational or the account level, are factors that have definitely reduced some of the overhead that comes with other technologies that use agents to attain the same results.

Another benefit is that it consolidates tools. We now have one tool that is capable of giving us vulnerabilities, not just on modern services or cloud-ready services, but also on traditional instances in which we would have been using an agent to be able to pull the information we need. The fact that Wiz is agentless and is capable of looking at traditional compute as well as modern compute has reduced the need for additional tools that are agent-based.

What is most valuable?

Out of all the features, the one item that has been most valuable is the fact that Wiz puts into context all the pieces that create an issue, and applies a particular risk evaluation that helps us prioritize when we need to address a misconfiguration, vulnerability, or any issue that would put our environment into risk. The fact that it's able to reveal those toxic combinations has been really key for us in prioritizing what to fix first.

Having visibility with a contextual view for prioritizing potentially critical risks has been quite important. Especially in the cloud, it's no longer about applying a particular patch or applying particular updates to address a CVE. It's more about, for example, how a combination of a misconfiguration with the fact that it's externally facing allows us to prioritize that to be addressed first. There's a higher risk for an externally facing asset that has a vulnerability with, potentially, a service account that has high privileges. We're able to say, "Hey, we need to fix that first," and not worry so much about a compute engine that might be vulnerable, but is still protected by some other security controls that are in place. Knowing where we gain the most value, from a security perspective, and where we can reduce the most risk, has been a critical piece of our adoption of Wiz.

The solution's Security Graph has been key as well. One of the things that Wiz provides is out-of-the-box dashboards, but the Security Graph allows us to pinpoint things by creating custom reports to target specific vulnerabilities. We have multiple use cases in which we can target, for example:

  • a subscription ID that we are after, and that we are trying to prioritize for remediation
  • if a particular CVE is part of our environment. 

Through the Security Graph, we're able to quickly determine those types of things. It also enables us to start looking at our assets and our inventory. It's almost human-readable. I don't have to write any type of RQL code. Rather, it allows me to quickly select, through the UI, the pieces that I'm interested in and build a report or query for it.

In addition, the automated attack path analysis is one of the factors that we use when we're prioritizing where we should focus first in our remediation. Understanding any type of lateral movement within an attack path helps us determine the type of urgency involved, as we try to prioritize what to address first. It has been very important in detecting assets that we consider valuable and quickly identifying if they are well protected.

What needs improvement?

Something that we're starting to look into is identifying vulnerabilities for which we potentially need to delay the remediation. We wish there were a way, beyond providing visibility and automated remediation, to wait on a given remediation, due to a critical aspect, such as the cost associated with a particular upgrade. We don't have remediation prevention capabilities available through Wiz. We would like to see preventive controls that can be applied through Wiz to protect against vulnerabilities that we're not going to be able to remediate immediately.

For how long have I used the solution?

We've been using Wiz for almost 4 years.

What do I think about the stability of the solution?

It is pretty stable. We initially had some problems with timeouts, but they addressed them and the platform has been quite stable.

What do I think about the scalability of the solution?

We have not had any problems with being able to scale to meet our demands.

Which solution did I use previously and why did I switch?

We did not have a previous solution for the cloud.

How was the initial setup?

It was straightforward. We did it in partnership with Wiz.

We have it deployed across multiple public clouds and it's deployed at the organization level. All of our application teams and our 250-plus cloud users are able to see the data through Wiz.

We started with one FTE on Wiz and, since then, we have grown the team to three FTEs. 

In terms of maintenance, no solution is perfect. We have been able to identify issues on the platform and to engage support to either address the bugs and issues that we see, or to enable a feature enhancement for a particular use case.

What was our ROI?

We have seen ROI from Wiz and we continued to see value in Wiz. Although we have been using Wiz for close to two years, one of the key items that we are still driving is adoption. The more cloud users that adopt the tool, the more value we gain from it. We still continue to see value added. 

In terms of immediate benefits, the first major benefit was asset management. We got a better understanding of the type of workloads or services that were being run in our cloud. The second benefit was around vulnerabilities. Wiz quickly proved that a lot of our application teams were not following best practices related to patching. We were able to quickly tell a story: although you are using a modern service in the form of a container, you are not maintaining the container image in a way that prevents vulnerabilities.

One of the main values that we see is that as a SaaS platform, Wiz continues to deploy new features. As those new features are enabled, more value is being gained by us and by our community.

What's my experience with pricing, setup cost, and licensing?

I believe they're moving to a different licensing model. We are still grandfathered to the initial pricing models. What I do like is that the pricing seems pretty simple. We don't have to do a lot of calculations to figure out what the components are. They do it by enabling specific features, either basics or advanced, which makes it easy to select. But I'll have to see how the new pricing model will work for us.

Which other solutions did I evaluate?

We evaluated Aqua Cloud Security Posture Management, Prisma Cloud, and Orca Security. Wiz seems to be more user-friendly. It enables a user to quickly identify risks with minimal intervention. That was definitely a positive factor and a welcome one because it's less hands-on than some of the other tools.

Also, the fact that Wiz is able to see and contextualize multiple components or issues, provides a richer way of looking at risk. It takes into account not just a particular vulnerability that is CVE-driven, but also items like misconfigurations, over-privileged service accounts, and other factors that help us better prioritize our risk.

What other advice do I have?

Initially, there was unplanned work when our cloud owners saw the risks in their environments. But because we were prioritizing what needed to be fixed first, they were able to utilize existing staff resources to address those vulnerabilities. We were not just trying to patch or fix something that might be low risk. Rather, we were always trying to identify where our critical issues were and address those first.

If you're looking at Wiz but are concerned that your existing products already give you a lot of alerts, I would ask about your journey to the cloud and what you're focusing on. Are you mainly focusing on what I call CVEs and patching? Or are you looking into other areas like compliance and identity and access management pieces? If you are, then Wiz is definitely the right choice. It has to be driven based on that journey to the cloud. Visibility, once deployed, is one thing, and visibility prior to deployment is another thing. You should have a good understanding of what your requirements are and where you see the value of addressing any type of risk that is introduced into your environment.

Understand what is important to you. Are you more focused on the CSPM features that are available through Wiz? Are you more focused on cloud infrastructure entitlements that are available through Wiz? Are you looking to remove existing agents that could create overlap, and how does that fit into your roadmap? Understanding your requirements for the type of information that you want to see out of the tool is going to be critical to understanding your use cases, and how your community is engaged with those use cases, regardless of how easy the tool is to integrate. Those are factors that are going to be vital to your success.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Project Manager at Hilti
Real User
Top 5 Leaderboard
An agentless cloud assets vulnerability scanner which takes snapshots and then scans

What is our primary use case?

Wiz is an agentless cloud assets vulnerability scanner. You don't need to install anything to use any of the machines. It takes snapshots and then scans it. It is interesting because all other scanners need to install some agent.

How has it helped my organization?

This solution is designed to be agentless. This approach saves bandwidth and other resources. Nobody needs to report anything or send packages to the backend. Everything operates as a SaaS solution. They perform snapshots and alerting, converting the data into metadata, which they then analyze and return. Thus, the SaaS solution handles the entire process without requiring additional effort from us.

What is most valuable?

Wiz is a very powerful and easy-to-use tool. It's highly customizable, allowing us to manage many custom features effectively.

What needs improvement?

You need to enter numbers manually. Now, everyone has to press to proceed. Wiz still requires managing all the numbers on the web page. Wiz could enhance API integration with ServiceNow and Jira. 

For how long have I used the solution?

I have been using Wiz for six months.

Which solution did I use previously and why did I switch?


How was the initial setup?

The initial setup is straightforward and takes two to three weeks to complete.

What's my experience with pricing, setup cost, and licensing?

Wiz is quite expensive. However, having a comprehensive view of your cloud environment is essential. On-premises systems are much easier to track, but managing numerous instances in the cloud requires enhanced visibility.

We are paying 250k per year.

For our business case, we needed Wiz to meet regulatory requirements and quickly identify public exposure vulnerabilities, such as publicly accessible instances or resources. This information immediately helps prevent vulnerabilities within your business environment, providing a cybersecurity advantage. While this doesn't translate to direct financial benefits, it helps prevent potential breaches and escalations, which is invaluable. Like other security tools, Wiz incurs a cost, but its value lies in enhanced security rather than financial gain.

What other advice do I have?

Wiz's scanning and detection capabilities can identify vulnerabilities potentially affecting the cloud or exposure. It's not solely focused on database issues. It performs various tasks effectively. The categorization is excellent, the dashboards are informative, and the reporting features are robust. Additionally, you can create highly customizable reports.

Everything works using a CI/CD pipeline, which is very good because every DevOps engineer can manage it by simply creating some code around the message request. Wiz works fine and is fully compliant with CI/CD. The workflow and the tasks align with industry standards.

We can configure any compliance framework for checking with Wiz. For example, you can select frameworks such as GDPR, AWS Fundamentals, and CI/CD. You can configure the tool based on the recommendations provided by these frameworks. If your company has specific requirements, like allowing an 8-character password while the state requires 12 characters, you can customize the settings accordingly. Wiz will then assess compliance based on these customized parameters, and if everything meets the set criteria, it will confirm that you are compliant.

You have everything in one dashboard. The dashboard and reports are quite literally perfect. Since everything is in one dashboard, you can customize the reports to show only the columns you want to see. For example, you can exclude low-risk items so you don't get notifications about low-risk issues that do not impact your compliance status.

Wiz has some AI features for consolidation, but it's not customizable. What VMware offers is similar, but there's not much to choose between. You either have a batch compliance agreement, or you don't. Wiz's framework complies with requirements, or it doesn't. It's a vulnerability management tool similar to Kangaroo but with better AI documentation features. You can ask questions about how to do something, and the AI will provide the relevant information. This feature is built into the system.

Overall, I rate the solution a ten out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
MatthewSnyder - PeerSpot reviewer
Principal Engineer at Aviatrix
Real User
Top 5
Accelerates decision making and reduces alert fatigue with smart event consolidation
Pros and Cons
  • "Wiz has significantly reduced alert fatigue in our organization by grouping together elements that form toxic combinations, allowing us to quickly identify and remediate critical issues instead of chasing isolated alerts from multiple tools."
  • "One significant area for improvement would be increasing automation. While they excel at identifying issues, we need assistance in minimizing the human hours required for tasks."

How has it helped my organization?

Wiz allows us to get a view into what's happening in our cloud environments, helping us see the gaps, how things are connected, and it aids in CVE monitoring, especially during incident response as we're able to look at what that environment or host might look like, how it connects, and how big of an issue this might be versus how small it could be, along with other indications gathered from Wiz's reporting that help us better understand what's happening and how it might have all started.

We have created a couple of custom dashboards and charts for Wiz to help keep track of specific environments. One example is when we were looking for certain types of activities; it allowed us to create a singular place to see the events in the subscriptions of interest that needed remediation, bringing it together quickly, allowing us to take action and track progress as things were fixed.

Zero Criticals is the dream for us; that's our goal, and we've made good progress, with Wiz allowing us to see everything together in an easy-to-understand way, giving us a path to have conversations with the business about what can be done from policy or user education standpoints to prevent recurring issues that need remediation, resulting in improved numbers and positively impacting our approach over time.

Wiz has enabled us to consolidate tools. Having multiple cloud providers presents challenges as each has its own versions of security products, leading to the problem of needing to monitor three different tools, which do different things. Wiz helps standardize alerting and responses while allowing us to fill in the gaps since many tools don't do CVE analysis and reporting, resulting in time savings and less effort in creating detections to fill those gaps.

Wiz helps us consolidate our alerting process. I am a strong advocate for avoiding alerts that do not add value to our environment. It's especially crucial to eliminate alerts that are single-instance or one-off occurrences. Instead, we need detections that tell a comprehensive story. Additionally, we require a way to drill down into these detections to understand them fully. Wiz has surpassed other tools across the multi-cloud landscape in alerting us to the issues that truly matter. It presents the information in a manner that allows us to address and remediate those issues effectively.

Wiz also includes excellent remediation steps within the detection, helping us understand what is happening. Our SOC team comprises individuals with varying levels of seniority and experience in the cloud, which can present challenges for skill development. Therefore, it is vital that we don’t just receive a barrage of noise in our SOC; we need information that clarifies what actually happened. Being able to communicate to the business how to resolve these issues is extremely important to us. Wiz has filled the gaps where other tools excelled in one or two areas but failed to provide a complete picture.

What is most valuable?

My favorite feature of Wiz is how it gathers information together; instead of generating a thousand independent signals, it rolls that up and shows you within that environment how all the different toxic combinations contribute to a critical alert, making it an issue worth responding to, unlike many other vendors or tools that show singular things which may appear small, but when looked at holistically, are actually part of a much bigger issue needing attention.

Wiz has significantly reduced alert fatigue in our organization. One of the key functions is that it groups together elements that can form toxic combinations. Instead of treating a policy violation and a critical CVE as separate issues that would generate two different alerts requiring two different tools, it consolidates them into a single event. This allows us to identify problems more effectively. For example, if I see a high or critical CVE alongside a policy misconfiguration tied to an account, I know I need to address both issues. This grouping enables us to take action rather than approaching it as a simple decision of whether or not to act on a single alert. Previously, I might see a policy issue and wonder if it’s significant enough to warrant attention. However, when these issues are combined, I can assess the full scope of what’s happening, allowing me to take appropriate action. I can also determine quickly whether something might be a false positive, preventing unnecessary investigations. With the critical issues we identify, we can confidently fix them and reach out to the right people without relying on a "hope" strategy or waiting for an hour of research to see if it turns into something actionable. Based on my experience with other tools, Wiz helps us bypass that frustrating process.

What needs improvement?

I believe they are on the right path. However, Wiz has a unique way of identifying issues. As part of its growth and maturity, I'm noticing that it is taking an approach where it not only detects problems but also provides solutions to fix them. This expansion into a more comprehensive ecosystem allows it to become a 360-degree product. Instead of just continuously pointing out findings and detections, it starts to integrate with existing solutions, reducing the cycle of repeated issues. We can learn from these mistakes, and ideally, they will only occur once, allowing us to address them effectively. I appreciate the continued growth in this partnership, as it aims to reduce the number of findings over time by tackling the root of the problem.

One significant area for improvement would be increasing automation. While they excel at identifying issues, we need assistance in minimizing the human hours required for tasks. Ideally, the process would become more automated, allowing us to quickly respond with steps such as: we found an issue, reached out, and fixed it immediately. In cybersecurity, if it takes several hours to address a concern and a human attacker is present, that delay can lead to severe consequences. We need more immediate measures in our response strategies.

For how long have I used the solution?

I have been using Wiz for almost two years.

What do I think about the stability of the solution?

Regarding stability, I was pleasantly surprised by the performance of this SaaS provider. We haven't encountered any outages or issues with reports not running, finishing, or data being incomplete or inaccurate.

What do I think about the scalability of the solution?

Scalability is great. We haven't faced any problems. There were no requirements like, “once you get to this point, you have to do this or that.” We were simply able to connect our accounts, and during our last round, our environment quadrupled in size. We didn’t have to make any adjustments or configuration changes; it just accommodated the growth. Even as some environments scaled back down, the service scaled back down with us, which has been a great benefit.

How are customer service and support?

Regarding technical support, we haven't needed to contact them. All the questions and issues we encountered were addressed by our account team. It was very helpful not having to open a ticket and wait for assistance; our account team was knowledgeable about the tool and could provide immediate answers. This level of support was refreshing, as we didn’t have to deal with delays or uncertainty. Overall, we were very satisfied with the support we received.

For support, I would rate them a ten out of ten. They have great documentation and excellent support from the account team, which reduces how much you have to rely on technical support. I've dealt with other tools where the account team couldn't answer any questions, and the only option was to open a ticket and wait, sometimes for a day or two, for someone to respond. However, with this service, we received answers immediately and at the level we needed. Additionally, we received plenty of training and education without having to pay for expensive classes. So, I would definitely give them a ten in that area.

How would you rate customer service and support?

Positive

How was the initial setup?

It was very easy to deploy. We were able to get everything set up quickly during a call with our Wiz account team. They walked us through the process, and once we connected the accounts, it was off and running. From that standpoint, it was great to easily tap into the different cloud providers. The experience was positive overall.

After the initial setup, the team also assisted us with health checks to ensure everything was functioning properly. They provided feedback and helped us make any necessary adjustments to permissions so that the tool would work effectively.

As for the setup time, we had a 30-minute call scheduled, and we managed to complete the setup within that timeframe. It mostly involved connecting the parent account and giving Wiz access to deploy the tool. After that, we were able to start viewing the results. So, in total, we spent about 10 to 15 minutes actually configuring it during that 30-minute window.

What's my experience with pricing, setup cost, and licensing?

I’m familiar with their pricing. I believe it aligns well with what we typically see for security tools. It’s not unreasonable or outrageous. They have a great product that works effectively and fulfills its intended purpose. I don’t think there’s anyone else out there offering the same level, scale, or efficiency. While their pricing may be a bit on the premium side, it also enables users to consolidate tools, which can offset some of those costs.

Which other solutions did I evaluate?

A significant alternative out there is AWS GuardDuty. It operates within a single scope, analyzing your logs and identifying signals of potential issues. However, this can lead to high alert fatigue because it focuses on individual events. Instead of grouping and triaging alerts, it may send you multiple separate notifications for a single host or device performing several actions.

In addition, we've utilized scanners for Common Vulnerabilities and Exposures (CVEs) like Rapid7. This tool effectively scans for CVEs, but it requires thorough configuration, continuous monitoring of output, and the creation of reports to take necessary actions. This process is not on the same level as Wiz, which consolidates all of these tools into one platform.

What other advice do I have?

We haven't used Wiz Runtime Sensor; we've seen demos and it looks really cool, but it's not something we have implemented.

I believe there isn't a perfect tool, but Wiz comes very close, continuously growing and expanding to add more value into its ecosystem, and I'm happy with it. I would rate Wiz a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
CISO at a retailer with 11-50 employees
Real User
Top 20
Helps us consolidate and manage information and risks, dividing them between VPCs and business units
Pros and Cons
  • "The most valuable feature of Wiz is that it keeps information up to date without needing to perform scans or schedule maintenance windows. It provides a fresh snapshot of our vulnerability metrics."
  • "The reporting should be improved because until a few months ago, the reports were only in CSV format, which made it difficult to clean up. Wiz tried to improve the reporting process, but it's not as valuable as Tenable."

What is our primary use case?

We use Wiz in our cloud security management by connecting it to our main cloud environment and other multi-cloud solutions. It helps us consolidate and manage information and risks, dividing them between VPCs and business units. Wiz keeps all information up-to-date and helps us identify any toxic connections within our cloud implementations.

What is most valuable?

The most valuable feature of Wiz is that it keeps information up to date without needing to perform scans or schedule maintenance windows. It provides a fresh snapshot of our vulnerability metrics. It also helps us make decisions on improvements, maintenance, or updates for our systems. Regarding compliance and governance, Wiz streamlines our vulnerability management to meet specific needs effectively.

What needs improvement?

The reporting should be improved because until a few months ago, the reports were only in CSV format, which made it difficult to clean up. Wiz tried to improve the reporting process, but it's not as valuable as Tenable.

For how long have I used the solution?

I have experience of using Wiz for more than a year.

What do I think about the scalability of the solution?

Wiz was quite scalable and easy to manage initially. However, as the solution became more costly with our growth, it posed some challenges. We had to work on managing costs and scaling according to our needs, which required some effort, but we were able to find a balance in terms of pricing and performance.

How are customer service and support?

It is difficult to get in touch with them initially. We had to get in touch every for our queries related to AWS and GCP marketplaces. However, once you need to discuss numbers, they are very responsive. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I have worked with Tenable and Qualys. Wiz stands out in deployment ease and resource consumption compared to Qualys or Tenable. Its simplified processes and snapshot features make it a preferred choice.

How was the initial setup?

The initial setup was easy. We need to key details, therefore setting up Wiz very easily. It’s easier than Tenable, which requires deploying infrastructure and handling the associated costs. Deploying Wiz took about one month due to our multi-cloud services, but the main cloud service took less than a week.

Wiz requires no maintenance since it is a SaaS, but if we need to deploy a new service or have any issues, the technical support is really helpful without additional costs. Once integrated, it is very easy to maintain.

What about the implementation team?

We took help from an external account manager and a technical account manager from Wiz. Our team consisted of three people: a DevOps engineer, a TechOps engineer, and the person responsible for the implementation.

What was our ROI?

Using Wiz has significantly reduced our costs compared to having three separate solutions. We estimate a cost reduction of around 35% to 50%, or even more, due to consolidating our security management into one platform. This operational impact has been one of the most significant benefits we've experienced with Wiz.

What's my experience with pricing, setup cost, and licensing?

Regarding pricing, it’s more than $100k because we have a very big infrastructure. Our environment supports around three thousand people, and we offer business-to-client financial services to around one million clients, so we rely heavily on Wiz.

What other advice do I have?


I'd recommend Wiz, especially if reporting improvements are made. I rate Wiz an eight out of ten primarily due to reporting challenges.
Disclosure: My company has a business relationship with this vendor other than being a customer.
PeerSpot user
Sathya M - PeerSpot reviewer
SOC Manager at a real estate/law firm with 1,001-5,000 employees
Real User
Top 10
Provides container security and security from external attacks and vulnerabilities
Pros and Cons
  • "With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment."
  • "The solution's container security could be improved."

What is our primary use case?

We use the solution for security from external attacks and vulnerabilities and for container security.

What is most valuable?

With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment.

What needs improvement?

The solution's container security could be improved. We have to install an agent. We need an agent that can be installed, or that can overview all the containers and Kubernetes so that it can detect malicious activities that are happening in them. If it happens, we need to have an option to take a remote from one console, like we do in EDR, and remediate all those activities.

For how long have I used the solution?

I have been using Wiz for one year.

What do I think about the stability of the solution?

Wiz is a stable solution, and we haven't faced any breakdowns.

What do I think about the scalability of the solution?

Around 10 to 15 users are using the solution in our organization. The solution is not in a place to take up scalability requests.

How are customer service and support?

The solution's technical support was timely.

How was the initial setup?

The solution's initial setup was easy, and the onboarding was very simple.

What about the implementation team?

The solution is deployed pretty fast. We deployed the solution last year, and it was onboarded and in production in less than a week.

What's my experience with pricing, setup cost, and licensing?

Wiz is a moderately priced solution, where it is neither cheap nor costly.

Which other solutions did I evaluate?

Before choosing Wiz, we evaluated and did a POC with Prisma Cloud and Tenable. We chose Wiz because Prisma Cloud was costly and out of our budget, and Tenable did not satisfy most of our requirements.

What other advice do I have?

You can choose to use Wiz if you're not looking for container detection and response or Kubernetes security. The solution is deployed on AWS, Azure, and a private cloud in our organization. The solution's compliance reporting capabilities increased the score of our security scorecard.

Overall, I rate the solution an eight out of ten.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Junior Cyber Security Engineer at cloudeq
Real User
Top 20
Identifying vulnerabilities efficiently and providing remediation options
Pros and Cons
  • "A valuable feature is that Wiz helps in identifying vulnerabilities."
  • "In Wiz, if there is one vulnerability that occurs multiple times, it is listed only once. However, even if it is a single vulnerability in the same category, it repeats multiple times. This feature can be time-consuming as it requires continuous scrolling."

What is our primary use case?

We are primarily using Wiz for vulnerability scanning on our servers. If there is a vulnerability, we work on remediating it.

What is most valuable?

A valuable feature is that Wiz helps in identifying vulnerabilities. We can get information like remediation suggestions and links to understand vulnerabilities better. Additionally, we can download reports for all servers at the same time, which saves us the need to check each server individually.

What needs improvement?

In Wiz, if there is one vulnerability that occurs multiple times, it is listed only once. However, even if it is a single vulnerability in the same category, it repeats multiple times. This feature can be time-consuming as it requires continuous scrolling.

For how long have I used the solution?

I have been using Wiz for one year.

How are customer service and support?

Our team manager and the director have communicated with the vendor for support.

How would you rate customer service and support?

Neutral

What about the implementation team?

There is another team responsible for the deployment part, so I did not work on that.

Which other solutions did I evaluate?

We also use Qualys.

What other advice do I have?

We use both cloud and on-premises versions. I mainly work on the cloud side but we use on-premises as well. I would rate the overall solution an eight out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Assistant Vice President at a tech vendor with 10,001+ employees
MSP
Provides profound visibility into vulnerabilities across our cloud environment and outstanding customer support
Pros and Cons
  • "Our most important features are those around entitlement, external exposure, vulnerabilities, and container security."
  • "One significant issue is that the searches are case-sensitive, so finding a misconfigured resource can become very challenging."

What is our primary use case?

The solution provides visibility into our business integrations in the cloud environment. We have a multi-cloud environment, and the tool provides a visual representation of misconfigurations, including the risks associated with combinations of multiple misconfigurations. Additionally, we use the solution to track resources provisioned in the cloud for compliance with our organization's baseline controls. Wiz is deployed as a SaaS.

How has it helped my organization?

Wiz helped us reduce blind spots in our risk detection capabilities; the older tools we previously used did not offer the same level of visibility and capability. The solution can validate exposures, which we can then communicate to the application team, allowing the developers to configure their applications to be more secure.  

What is most valuable?

Our most important features are those around entitlement, external exposure, vulnerabilities, and container security.

The Wiz Security Graph provides a single prioritized view of risks in our cloud environments. The query functionality also helps us write custom queries and quick searches, allowing us to find vulnerabilities and prioritize externally exposed servers or resources. We can then use other tools to segregate outcomes and prioritize actions between teams based on the threats. 

Wiz's ability to scan every layer of our cloud environments without agents gives us profound visibility into the vulnerabilities. The scanner can search the ports and running services, detecting vulnerable packages in the server. The solution also helps in the storage of cleartext credentials; it can see if files contain cloud or private keys, whereas an agent-based scanner cannot. This visibility allowed us to fast-track remediation by informing the relevant teams about their vulnerabilities.

Having visibility into our risk detection with a contextual view for prioritizing potentially critical risks is essential. Our environment is segregated, so it's crucial to understand what will happen if a particular resource is exposed to the internet. We need some context in the back end, including whether it's a production, nonproduction, or development resource, and it's important to attach the misconfiguration risk order. 

What needs improvement?

One significant issue is that the searches are case-sensitive, so finding a misconfigured resource can become very challenging.

The second area for improvement concerns grouping resources into a set. It usually works fine but it depends on the tags configured to the cloud platform. We can group resources into the same project, but we also need the capability to run a check on, say, 15 or 20 resources by grouping them into a compliance set. That would be a welcome improvement.

For how long have I used the solution?

We've been using the solution for over a year. 

What do I think about the stability of the solution?

The solution is relatively stable; over the past year or so, we faced two minor issues around logins, resulting in around an hour of downtime. 

What do I think about the scalability of the solution?

The solution is highly scalable; as it's a SaaS, we don't have to manage any back-end infrastructure. We can onboard whatever we want and purchase the additional licensing if necessary.

How are customer service and support?

The technical support is quick and easy; as we were onboarded as new customers, we had Wiz representatives available for hand-holding during the deployment. Post-deployment, we faced a few issues around integrations and always got a response within a couple of hours, so I rate the customer support nine out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We previously used a Prisma product and switched because the technology was not getting upgraded, among other issues. We also disagreed with Palo Alto's vision about where they wanted to take Prisma, and we submitted meditation reports, bug reports, and feature requests, none of which were addressed.

During our market research, we found Wiz to be superior in terms of ease of use, plus we were impressed by the company's commitment to features and functionality. We discussed changes with them during the demo period, and they had already been implemented by the time we went into the POC, which was one of the reasons we decided to go with them. 

We saw that Wiz offers better visibility and builds a view based on correlated resource configurations, so we decided it was a better solution for us. 

How was the initial setup?

The deployment was straightforward, as was the initial integration; we didn't have to customize many settings. We did some customization based on our integration environment, but we knew what we were rolling out as we had already carried out a POC. We integrated and onboarded all our cloud environments within a week or so.

One staff member was responsible for tool management during deployment, and as we were integrating into different environments, one to two representatives from each were also involved. Regarding maintenance, we set the rules and do some fine-tuning, but no tool maintenance is required.  

We started seeing the value of Wiz within a couple of months following deployment, as it helped us rapidly gain visibility that we didn't have previously. The product allowed us to visualize which servers were exposed to the internet immediately, the associated package logs, and so on.

What about the implementation team?

We implemented the solution in-house, with on-call support from Wiz.

What's my experience with pricing, setup cost, and licensing?

I'm not involved in the pricing or licensing, so I can't speak to it.

Which other solutions did I evaluate?

We tested the capabilities of several cloud providers.

What other advice do I have?

I rate the solution nine out of ten. 

We have yet to explore the product's newer features, but we will conduct that exploration and enrollment very soon.

We attempted to consolidate tools using Wiz, but we have yet to be able to due to our organizational level of adoption, not because of any limitation with the product. We have both cloud and on-prem areas in our environment, so if we were to consolidate tools in the cloud, we would also have to replicate that in our data center.

To someone looking into buying Wiz but concerned that they already have a bunch of products that give them many alerts, I recommend the product because it significantly helps with prioritization. Not every alert is critical, but when it comes to combinations of multiple misconfigurations, these can be, and the solution highlights them as such. You can then start fixing the configurations step by step. At the same time, Wiz reprioritizes the vulnerabilities, meaning you can always be focused on the most pressing concerns, regardless of the number of alerts received. 

Additionally, whether someone implements Wiz or not depends on their technology. If they already have a product that does scanning and vulnerability correlation, then a product focused on handling the number of alerts is a consideration. For those using older Cloud Security Posture Management (CSPM) tools, I recommend they switch to Wiz, but if they have a newer one and are determined to stick with it, the switch is a more complicated case to make.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Buyer's Guide
Download our free Wiz Report and get advice and tips from experienced pros sharing their opinions.
Updated: September 2025