Wiz Reviews

I'm working with Jackson Vision, the track and trace provider, and we have been using Wiz for six years. We use Wiz as a portal similar to an ERP tool, managing customer inventory for security purposes and vulnerability management.

The best features of Wiz are its security capabilities, providing the best security for pharmaceutical products and industries, along with the required dashboard containing customer details and inventory management features.

The runtime sensor in Wiz helps identify threats effectively as it integrates with machines and operates on a hierarchy-based system with different rights for operators and supervisors.

The benefits of using Wiz are significant as we provide a solution based on 21 CFR standards for security and audit purposes, making it the best tool for these needs.

With Wiz, we achieve almost zero downtime and zero fault management in its issue queues.

Using Wiz saves us a significant amount of time and resources, with an almost thirty to forty percent return on investment.

Wiz has significantly reduced alert fatigue in our organization, addressing operator-level mistakes that used to be common in manual processes before we adopted automation.

Wiz has been the best tool for consolidating our solutions.

There is room for improvement in Wiz, particularly in operator management, as general operators may lack the necessary knowledge, requiring an easier-to-understand tool. We also need all tasks and dashboards to show completed activities and next steps along with SOPs for missed steps.

I'm working with Jackson Vision, the track and trace provider, and we have been using Wiz for six years.

I rate the stability of Wiz as almost eight out of ten, indicating good performance with limited downtime, bugs, or glitches.

Wiz is a very scalable product, as we operate in sixty-five countries and serve the pharmaceutical industry well, rating it eight out of ten for scalability.

I rate the technical support of Wiz as eight out of ten.

Positive

We are not currently comparing Wiz with other solutions as we have our research team looking for the best solutions available.

The deployment of Wiz is easy.

Deployment takes almost three to four hours, and our IT teams facilitate this process. We have around two hundred fifty to two hundred eighty customers who work with Wiz, and our team and IT teams are knowledgeable about it.

Using Wiz saves us a significant amount of time and resources, with an almost thirty to forty percent return on investment.

The pricing of Wiz is cost efficient.

I find Wiz to be better compared to other software, and we are currently progressing, rating it seven out of ten against any master product or company.

I have experience with Wiz and can provide a review. We are manufacturers of pharmaceutical machines and provide integrated solutions for track and trace, but we are not partners or resellers.

Wiz requires maintenance including patching and updates; if we encounter issues on-site, we update accordingly.

We purchased Wiz from the AWS marketplace, and many of our customers are utilizing the cloud-based solution we provide them, along with the portal that includes all necessary details for them.

We recommend Wiz to other users, such as Life Pharma in Dubai. I rate this product a nine out of ten.

Wiz serves as our enterprise tool for securing our cloud platform. We use AWS as our cloud platform and have Wiz integrated across multiple accounts for IT, engineering, and other departments. Within IT itself, we have different environments including development, production, and stage accounts. In every account, we have Wiz integrated and use policies based on the environment. For example, the dev environment has a less secure policy while production has a high-security policy. Technically, we use Wiz for securing our cloud platform.

The best feature of Wiz is the ability to detect any security violations across multi-cloud platforms and the ability to integrate for creating security incidents and vulnerability incidents. It works very well for scanning the environment, detecting vulnerabilities, and reporting them based on our requirements. It can generate reports via email or create ServiceNow incidents. It has helped me identify threats more easily. When it comes to the Kubernetes cluster, we do not have any other option for detecting vulnerabilities. This is the only way we observe our Kubernetes clusters to determine whether they are secured or not. Regarding speed, I cannot compare it with other solutions, but so far, we are happy with the way it works.

Wiz has improved our business in many ways. While I do not know in numbers how it has helped the business gain more profit, as a technical expert and part of our IT architect team, I would say Wiz has helped tremendously to secure our cloud platform. There were many security vulnerabilities existing before we implemented this solution that were not at all in our attention because there was nothing to scan and report what was wrong. After implementing Wiz, it has helped significantly. There was a program for implementing high-security measures in our environment, and Wiz has contributed substantially to that program.

I feel there is a delay in detection, though I am uncertain whether this is due to our implementation disadvantage. Wiz can detect all the issues, threats, and security vulnerabilities, but the delay may be due to the time taken for running a scan because we have a 24-hour scan cycle. When I checked with the team, there was no on-demand scanning possibility. We still see improvement scopes in this area. It does the work, but we are not seeing the changes very fast. Once you get a threat and fix it, to see that fix reflected in Wiz, you have to wait 24 hours. That is something I am not happy with.

One improvement that I am looking for in Wiz is the capability for on-demand scanning. That should be available. Second, we should be able to see the fixes faster. Once a threat is detected and we apply the fix, we want to see that result updated in the dashboard or portal as soon as possible. If Wiz can detect it faster and update it in the portal, that would be beneficial.

I have been using Wiz for more than two years, approximately two years and four months.

Regarding stability, it is stable. I would rate it nine out of ten.

Regarding scalability, I would also rate it nine out of ten.

I would rate the technical support of Wiz eight out of ten on a scale from one to ten, with ten being the best.

Positive

When comparing Wiz with other software, I did not use any other software similar to Wiz for the same purpose. A similar tool was Qualys, but we used Qualys for a different use case. We used it for vulnerability scanning of our servers, not end-user devices. For securing or detecting threats from cloud accounts, I do not have any other tool that I am aware of. Qualys is another vulnerability management tool, but the use cases are different, so I do not have the expertise to compare.

Deployment took approximately three months.

From one to ten, with one being cheap and ten being expensive, I would rate the implementation cost a seven.

Wiz does require some maintenance.

Wiz does require some maintenance.

My thoughts on the pricing of Wiz are that it is not cheap, but it is cost-efficient. From one to ten, with one being cheap and ten being expensive, I would rate it a seven.

I would recommend Wiz to anyone. If anyone wants to secure their infrastructure, cloud environment, or Kubernetes cluster, I would strongly recommend Wiz as a tool because it is easy to use and user-friendly. It has tight integration with many tools out-of-the-box for sending alerts, creating emails, and creating incidents.

My advice to others looking to implement Wiz is that when you implement Wiz, if your hybrid environment is not managed properly, it will be difficult to implement. It is better to make some cleanup and ensure that the environment you are going to implement meets Wiz standards. If you do not take care of that and simply implement Wiz, you will encounter many issues being reported by the system. It is better to follow the prerequisite standards of your cloud account and then implement the solution. Otherwise, you will see many issues being reported.

Regarding whether Wiz has helped reduce alert fatigue, I do not have a definitive answer because we do not see that much decrease in the alerts. Initially, when we implemented Wiz, since we were not using any tool like that before, there were too many alerts. Because it was the first implementation, it started sending too many alerts. Later on, the alerts decreased, but this decrease was not because of Wiz itself. Rather, it was because we implemented security fixes wherever Wiz reported threats or vulnerabilities. That is how the number of alerts got reduced. I feel we can also customize the Wiz policy to reduce the number of alerts, but I am not at that level here, so I do not have that expertise.

My overall rating for this solution is eight out of ten.

We are a Wiz user and partner, so we have an environment using Wiz, and our use case is to provide risk analysis. We have dashboards to understand the main risks and categorize them, and we use these to get the baseline and reports. We personalize some reports.

The best features of Wiz are the AI, risk analysis, the framework, and the compliance frameworks, so we can check if our frameworks comply with CCPA or similar regulations, and the toxic combination. We can identify active threats more effectively with granularity in databases, operational systems, and access keys, so the granularity of the Wiz view is the key for this kind of risk analysis.

We can provide an inventory, which is crucial when managing large cloud databases or environments such as AWS, Azure, or Google environments, where it's difficult to have one view for all cloud components. Wiz can accomplish this and easily provide the total inventory in the cloud.

Wiz has helped us analyze critical issues, and it can provide guidance on how to mitigate these issues to resolve them, offering step-by-step instructions.

An area that Wiz can still continue to improve is FinOps.

I have been using Wiz for almost one and a half years.

My experience with Wiz's support has been satisfactory.

Positive

We analyzed other options before choosing Wiz. For example, we looked at Orca, which lacks functionality such as toxic combination or resolving issues easily. Wiz can provide a better way to resolve critical issues, while Orca can show the issues but not truly resolve them.

We use Wiz in the cloud with AWS and GCP. We use both AWS and GCP almost equally. The time frame to achieve zero criticals in our issue queues depends on the environment. While we don't achieve zero criticals, some problems can be solved in two or three weeks while others may occur. It's optimal to work toward zero critical issues, but it depends on the installation or the cloud dynamics.

Some customers achieve zero critical issues, and Wiz has a program that rewards this achievement with a puzzle. Wiz offers pricing for both huge and small environments, and customers can purchase it from the Google Marketplace. In my opinion, Wiz has a competitive price.

I rate Wiz between 9 and 10 out of 10.

I use Wiz for both my own company and other companies to detect and investigate vulnerabilities and any type of alerts that pop up. 

I am really enjoying the new Threat Detection that they have set up; it is pretty nice. I appreciate the way that it lays out the data.

For some of my customers, I create custom dashboards, charts, or counters, and they're actually really helpful. It's quite easy. They have extensive technical documentation that guides you through the process. Additionally, there are short videos available in each section that demonstrate how to do things.

Wiz has helped my organization achieve zero criticals in its issue queues after a month. 

It would be better if, when you get an alert type, you are able to view the regex or alert logic without having to dig through all the different options; it is difficult to find where the alert logic is because you have to go to the investigations and then actually find and search for the individual alert. If they just showed the alert logic, that would be really nice. 

Also, if there was an easier way for threats to convert those into issues rather than having to set up a custom rule to pull those in as issues, it would be great.

I have been using Wiz for just under a year.

I have not seen any sort of instability with Wiz; I was curious how their SRE team works because I have not seen a single downtime.

Wiz scales really efficiently; I have worked with some huge companies that have multiple clouds and thousands of workflows, and it all seems to work.

We have account executive people that we talk to for help with Wiz. We talk to them sometimes when new features come out or when we see weird things for the first time. They provide help with writing either new regex alert queries or just helping us figure out how to do something with using the product. They are very helpful and very responsive, and if they cannot get you the answer, then they will find someone to help you; it has been as quick as a turnaround time of one business day, which is really good.

Positive

I have used CrowdStrike, Prisma, and I think that Wiz is the best out of all of them. Wiz is good at conveying the information for the active threats. The way that it shows you is easier to understand as a human. It is about the same quality of detection, but the presentation is better.

It's really easy. It's very user-friendly, and it's very intuitive.

My team had Wiz set up already when I joined, but I have gone through the whole setup process myself; they let me reset it up. I found that to be pretty simple. It only took about an hour and a half to install Wiz because we do not have a super big system.

Once you set up Wiz, it is good to go. As a security engineer, you need to maintain the alerts and keep that stuff moving. Once we have the system in place, I have not noticed it disconnect any of our accounts. It seems once you set it, it is good to go.

One person can deploy Wiz; they just have to have the right access.

I don't know how much we pay, but I do know that Wiz charges a lot. However, they're offering a good product, so it might be fair. I haven't seen the exact numbers.

I would rate Wiz a 10 out of 10. I really like it.

We are a Wiz user and partner. We have an environment using Wiz, and our use case is to provide risk analysis.

We have dashboards to understand and categorize the main risks. These dashboards help us generate baseline reports, and we have personalized some of these reports.

It can provide an inventory. When you have a large cloud database or environment, Wiz can provide you easily with the total inventory that you have in the cloud. 

Wiz has helped my organization by allowing us to analyze the critical issues and providing the best way to mitigate these issues with step-by-step guidance. We don't achieve zero criticals. This often depends on the environment, as solving some problems can lead to two or three others arising. Therefore, navigating through the critical issues is essential, but it relies on the specific installation you have or the dynamics of your cloud setup. Some customers have successfully reached a state of zero critical issues, and we have a program designed to support this. If they are interested in achieving this goal, we can provide them with materials or insights to help them.

Wiz's best features are the AI risk analysis and the compliance frameworks. We can check if frameworks are compliant, such as CCPA, and the toxic combination.

The Wiz runtime sensor identifies active threats more effectively by allowing us to run the analysis with granularity in databases, in operational systems, and some access keys. The granularity of the Wiz view is the key for this kind of risk analysis.

FinOps is an area where Wiz needs enhancement.

I have been using Wiz for almost one and a half years.

I had experience with Wiz's support, and I would rate it a nine out of ten.

Positive

Wiz can accommodate both huge and small environments. You can purchase Wiz from Google Marketplace, for example. Wiz seems to have a competitive price.

We evaluated other options such as Orca before choosing Wiz. We analyzed Orca because it lacks certain functions, such as toxic combination or resolving issues easily. Wiz performs better at providing the best way to resolve critical issues, while Orca can only show the issues without resolving them.

I would rate Wiz a nine out of ten.

I use the solution for test and demo environments, and then we deploy the platform's last version for our customers. We use the advanced license type, so we have all the features in the platform.

The tool is used for security assessment and maintaining our customers' correct security posture. We have different types of customers, so there are different types of use cases. But in general, the main need is for the maintenance of cloud security posture.

The tool's most valuable feature is its attack path analysis. The feature of the tool for inspecting running containers and the new feature of intelligent artificial intelligence security posture is good. With the attack path analysis, I can see the perfect path of a possible attack, I can see the exposure of different types of resources, and I can stop the attack with the remediation or suggestion of the platform. Regarding the container runtime security, I can see how the container runs and what type of action the container takes during execution. I can take some action to modify the running of the container. For the artificial intelligence security posture, I can see the misconfiguration problem with the security permission that customers give to the platform, like Bedrock or OpenAI, and so on. We can help the customer resolve this problem of data security exposure and so on. All such features are effective in identifying vulnerabilities. The platform allows users to collect information without the need for an install agent. So it's totally agentless, and it is a great feature. I don't need to install an agent, so onboarding the platform is very easy and very speedy.

The tool keeps improving on a weekly basis. Wiz enters into a lot of partnerships with other technologies. I don't have any idea about the improvements needed in the tool at the moment.

For me, Wiz is a very complete product, but it is not the perfect one. Other technologies are better for our customers' specific use cases. A possible way to grow the tool is by introducing new functionality or features.

In the future, the tool can introduce an on-prem infrastructure or platform. Not having an on-prem version can be an obstacle for customers who have a large workload in an on-prem environment.

The onboarding can be done in five minutes or five to ten minutes. Then, there is the configuration, and it depends on the type of the use case of the customer. There is a customer that has simple use cases for whom the onboarding can be done in four to eight hours a day. If there are some customers with a lot of use cases and a lot of different cloud providers, more time is needed. In general, we don't need more than five days to deploy the tool, even in the case of a very complex architecture and hybrid cloud environment.

To deploy the tool, we need to have access to the account of the customer, and Wiz is a stuff that we need to make with the customer. We do the onboarding together. The customer creates the correct authorization in the cloud platform and gives us the key to connect to the platform, and then the platform connector starts and begins to collect information.

I have been using Wiz since 2023. My company is a service integrator and a partner of Wiz. I use the solution's latest version.

It is a stable solution. Stability-wise, I rate the solution an eight to nine out of ten.

Scalability-wise, I rate the solution a ten out of ten.

I don't know the exact number of users because every customer can create a user autonomously on the platform. So, I don't have availability at the moment for the total number of users. We have five customers at the moment, and we have done a lot of PoC during the last two years. I suppose that we will have around 22 different customers. If you need a number, a minimum of 60 users use the tool.

My customers are medium and large enterprises.

The solution's technical support was excellent. We have had excellent communication and availability for any of our needs or questions. They answer quickly, and we have had a great experience with the technical support. I rate the technical support a nine out of ten.

Positive

If one is difficult and ten is easy to set up, I rate the product's initial setup phase a nine out of ten.

The solution is deployed on the cloud. In the future, the tool can introduce an on-prem infrastructure or on-prem platform, but at the moment, it is only cloud.

If one is cheap and ten is expensive, I rate the tool's price as a five out of ten. The pricing depends on the customer and the dimension of the environment, whether the customer is strategic or not. I suppose that it is available at a middle price. In some cases, it has a very aggressive price, so very cheap, in order it's expensive. In particular, if the workload is poor, they can't make grid cells, so the price is high, and it is not in terms of real value but in terms of the budget of the customer.

The tool can be used for all customers who don't have a security structure or security team inside because the platform is very easy to use. It is a very useful tool for developer teams that can use the platform without having security knowledge, and the platform helps the developer of code applications. The tool adapts to a use case in which there is a SOC team because of the rich data that the SOC can correlate and manage.

I recommend the tool to companies that use cloud products. Wiz can be integrated with other customer platforms because it enriches information and makes inaction very valuable in terms of security.

I rate the tool as an eight out of ten.

We use it to identify vulnerabilities in our cloud environment, including misconfiguration and other issues. More recently, we've used it to identify inactive resources that we can terminate to save money. 

It also helps us automate some minor tasks that we don't want to do manually, such as forwarding issues to the appropriate teams. Wiz has various workflows to route the vulnerabilities it discovers to the right teams. We integrated it with ServiceNow, enabling us to send ServiceNow incidents to the teams. We can also send Azure DevOps work items to developers. We're evaluating Jira for some teams, and Wiz can also send tickets to Jira. 

Wiz helps us reduce and manage our issues. Six months ago, we had no idea where we had problems in the cloud. We used another tool, but we still didn't know where most of the issues were. Wiz made it so easy to see from a high level. 

Before adding any projects, it showed us all the open issues we needed to fix. It started with the big ones because Wiz groups the issues by control. For example, you can see you have 100 issues under one control, so you start by trying to fix that. We can fix these 100 issues across all accounts by fixing one control.

Maybe we can put in some guardrails or prevent people from doing something problematic using CI/CD. Wiz helps us identify issues, prioritize them, and determine which ones should be resolved globally. 

If something can't be fixed at the highest level, Wiz can automatically send it to the appropriate teams. Wiz enabled us to define a structure for routing issues to people. We add a set of AWS accounts to a project and make them owners, so automation rules can be defined to send tickets to all project owners. That functionality helps us get the tool to operate.

Wiz is like a blind spot detector. You don't know what you don't know, so all I know now is what Wiz tells me. We don't leverage any native AWS features, so we rely solely on Wiz now. We're heavily in the cloud, but we still get our feet wet with it and ensure it's set up correctly. 

Wiz was the first tool we used to determine what we should look at and fix. We are notified when people do things they shouldn't, and employees are taking more responsibility for that. People are more conscious about what they put in their AWS accounts. 

Employees know they're being monitored and are responsible for it at the end of the day. Our InfoSec team will see it and ping them about it. They'll also see it when they get a ticket for the issue that they need to fix. It helps to create a secure-by-design mindset.

Addressing blind spots gives us peace of mind because we know that what we're doing makes sense. We can implement guardrails, understand why people continue to do things wrong and discover ways to prevent the problem from happening. It helps us develop best practices.

Wiz hasn't reduced the staff we need, but it has automated many tasks. It has built-in integration with other tools we can leverage by configuring automation rules. You don't need an external automation solution or a SOAR platform because you can do everything with Wiz's native tools. 

It allowed us to decommission a cloud security tool that wasn't working well. Besides that, we haven't consolidated much because we don't have many other cloud tools. I expect a tool like Wiz could replace a traditional vulnerability scanner, like Rapid7. I prefer it over something like that. However, there will always be a use case for a traditional on-prem vault scanner for desktops, firewalls, and other hardware that doesn't have agents on it. 

We still need an endpoint detection tool and a traditional vault scanner. But if we were using other cloud security tools like Divvy and Lacework, we could have consolidated both of them into this.

The automation roles are essential because we ultimately want to do less work and automate more. The dashboards are easy to read and visually pleasing. You can understand things quickly, which makes it easy for our other teams. The network and infrastructure teams don't know as much about security as we do, so it helps to have a tool that's accessible and nice to look at.  

It's easy to see what needs to be fixed, which is crucial for the other teams. We are trying to adopt a comprehensive governance approach. The security team isn't necessarily responsible for fixing the problems, but we are responsible for ensuring they get fixed. We need to route things to the infrastructure team, and it's straightforward for them to find everything on the dashboard.

Wiz lets you group AWS accounts logically into projects. We have AWS accounts associated with an application, so we create a project named after that application, and the project owners will receive any related incidents. It's easy to identify who's responsible. It requires some configuration, but it's handy. 

They have a security graph with a point-and-click interface, so you can click the resources you want to search for. If you aren't sure what you're looking for, you can click through. You open the little browser, and it says "EC2 instance." When you click on that, it populates several other options. You see that the EC2 instance has a network interface and click it. That has a public IP, so you can start granularly filtering down using the security graph. 

I can use the security graph for threat hunting and identifying resources. I can click on a virtual machine and see it has been detected. I have AWS and VMware integrated so that I can see more than just our cloud environment. It provides visibility into the VMware environment. I can drill down further based on a specific project or subscription. I can see all the VMs in a particular project if I want. If I do that on our infrastructure project, it changes the results, and now I see around 800 VMs in this project.

It helps you understand the resources associated with individual projects. You can do that at the subscription level and narrow it down. It will show you that one project uses S3 buckets and another has VMs. You can determine if assets are active or inactive. It's a valuable tool. 

They have a new inventory feature that allows you to detect and classify technologies. For example, let's say a Linux server has an FTP application installed, but we're not supposed to have those on our Linux servers. You can mark it as unwanted. Wiz has controls triggered when you classify something as an unwanted technology, so it generates incident reports for your projects based on what you've specified in the inventory. If I say FTP is undesirable, it will detect that on resources and send tickets to the appropriate teams notifying them to fix it.

I like the features for managing SLAs. You can define SLAs, set due dates, and use the security graph to see if any SLAs are due soon. I also think they do an excellent job with SSO implementation. Using SAML role mappings, we can integrate Wiz with our identity provider and set it up based on different groups. It's simpler to manage user access. We don't need to do all that manual stuff no one wants to do.

The ability to scan every layer without agents is a huge selling point because we're multi-agent. We are heading in that direction, so it's vital to have something that works that way. We use agents where necessary because we've got endpoint detection and response. We have a vulnerability scanner that isn't agent-based. Reducing the number of agents, we must maintain on servers or desktops is essential. They fall a bit short when it comes to performing on-demand scans. However, I don't think that's their goal.

I don't think Wiz wants people to come in and click "scan now." In some cases, having more frequent scanning than what they currently have would be helpful. It is a little confusing to understand which scanner does what. They have disk and data security scanners that scan buckets and a dynamic scanner that scans other things. I don't know which scanner is doing what or if they all follow the same schedule. I don't think we could use it if it weren't agentless.

The reporting isn't that great. They have executive summaries, but it's only a compliance report that maps all current issues to specific controls. Whether you look at one subscription or project, regardless of the size, you will get a multipage report on how the issues in that account map to that control. Our CSO isn't going to read through that. He won't filter that out or show that to his leadership and say, "Here's what we're doing." It isn't a helpful report. They're working on it, but it's a poor executive summary.

All the other reports look great when you try to create them. I can pull a report of issues for a specific project, but it's a CSV file with findings, which isn't helpful. I expect a slick visual summary that looks like what they have on the dashboard. They spend a lot of time making the dashboard easy to understand, but you can't get that information into a report for our executive leadership. We want to show them the trends and what we're doing. It's critical for our team to demonstrate the tool's value. At the end of the year, we have to go to a meeting and show management the progress we made this year. I can only do that by going into open issues, putting them all in notepad, and taking a couple of screenshots. 

I would also like the dashboards to be customizable. They have excellent dashboards, but you can't create or customize them. At the same time, Wiz seems open to that feedback, and I think they're relatively new. They're growing fast and implementing new features quickly, so I hope this will be added soon.

A third issue is that we can't provide email notifications on connector status. Everything comes into Wiz through a connector. Our AWS environment is added as a connector, and there's no way to notify anyone if an issue is detected. We could wake up the next morning and not have any data from our AWS cloud environment because there was an issue with the connector, but no one would've known about it. I think that's something that needs to be fixed.

Wiz has room for improvement in terms of risk assessment. It has a severity meter with five levels: critical, high, medium, low, or informational. If I click on the highs, it sorts the issues by the control with the most total issues. They're all high, but it doesn't prioritize based on anything other than the number of issues that are impacted by that control. It's not a priority. It tells you you'll get the most bang for your buck if you fix this one. There's no risk score or anything like that.

For example, if a public-facing device has a significant vulnerability, it will consider that business context and label it "critical," but that's all it does. All the severity levels have the same weight. Wiz prioritizes well in terms of sorting the issues into broad categories. However, it doesn't prioritize those. I'm looking at all the highs right now, and I don't know if one of these is more impactful to fix than the other.

It helps to have an overview showing that 103 resources will be impacted if we fix this control. We can fix the control at the global level, put guardrails around it, and prevent the issue from happening in the future. You can start thinking that way, but it doesn't tell you this is more severe than other issues in the same severity category.

We have been using Wiz since October 2022.

I've never seen Wiz go down. It sometimes loads slowly, but that hasn't happened recently.

Wiz automatically scales with you. It's seamless.

I rate Wiz support a nine out of ten. Originally, they offered support through a chat app on their website, which was awful. They recently changed to Zendesk, which has been so much better. We also have a Slack channel with some of our account team. They've been excellent.

Positive

We used Lacework, but it couldn't operationalize like Wiz, and there were a lot of false positives. We found Wiz because we needed a replacement for Lacework that provided a better idea of our cloud environment.

Wiz does a better job than Lacework. It shows you what you need to fix on the front page. Lacework didn't do that as well, and it wasn't easy to automate. Once we knew what needed to be fixed in Lacework, it was difficult to forward the issue to the appropriate team. Wiz shows you what to fix and makes it easy to fix it.

Setting up Wiz is as straightforward as you want it to be. It's easy to set up, but there's a lot to learn, and there will be more as Wiz continues to add features. Being there from the beginning was nice because I learned all about the scanners and how they worked. 

Wiz is a SaaS solution connected to AWS, Azure, and our on-prem VMware environment in our data center. We worked with the Wiz team for the most part, but the platform is easy enough to do it yourself.

We already had Lacework, so we knew what we wanted to connect. We knew we wanted to connect our AWS and Azure cloud environments. We weren't thinking about VMware during our POC. We didn't care to add VMware. Our traditional vulnerability scanners would pick up the on-prem stuff, but they added it as an integration, so we decided to evaluate it. 

I was primarily responsible for deploying the solution, but I'm not a cloud engineer, so we called on some cloud resources to assist. If it's a one-person IT team with access to the cloud environment, they could do that on their own. I don't have access to certain things in AWS, so I needed our cloud team, which is two people, but I only worked with one of them. 

Some Wiz components require on-prem hardware. The VMware connector requires an agent-based server deployment. I deployed an EC2 instance with Docker on it, and each VMware vCenter environment requires its own agent. It was easy to set up, but some on-prem infrastructure is necessary to connect to them, get the information, and push it up to the cloud.

Though Wiz is a SaaS solution, it requires some maintenance on our side. If we have issues with the connectors, they must be fixed to ensure everything is coming in properly. If Wiz makes changes requiring additional permissions that impact the connectors or they release a new feature that requires additional permissions, we need to make some manual adjustments on our end.

We almost realized an ROI. The company only operationalized Wiz in January, even though we've had the tool for a while. We went through the POC. Then we tried to figure out the best method for implementing it and getting stuff out to our teams. I disappeared for a month because I was on paternity leave, so we've had maybe half a month where teams were addressing issues Wiz raised. Our issue count isn't increasing, and we continue to enable more rules and controls. People are starting to take accountability and proactively address issues they've seen in the ticketing system. 

I think we're reaching the point where we'll see a return on investment, and we'll be there by the end of the year. We started at the cloud level and already started implementing some of the things Wiz recommended. It might not trigger an issue on the platform, but it's one of those best practices. 

We realized value almost immediately, even during the POC. We plateaued a bit in terms of the ROI because we fixed some of the low-hanging fruit. We were like, "Okay, now what do we do?" We started creating accounts and putting them in projects. We set up the ticketing and tried to figure out where things were going. That took a few months to get going, and now we've enabled some of those. As time passes, we'll start to address some of these issues globally and hopefully implement the CI/CD stuff. 

Wiz is pretty expensive. It costs more than others in the market. For example, Lacework was half as much. We didn't get as much obviously, but it was half as much. The other platform was even less than Lacework, so Wiz is at the higher end of the market.

We looked at other tools like Ermetic. Rapid7 was actively pitching DivvyCloud to us. It's now called Insight Cloud SEC. We didn't evaluate that one though. We evaluated Ermetic but didn't do a POC. The company briefly tried them, and they didn't meet our expectations. Wiz is easier to use and navigate than the other solutions. 

I rate Wiz a nine out of ten. I recommend evaluating it with a full POC, but be prepared to set up connectors and go through the entire process. You'll know if you like the tool within a month. Try it if you have the budget. 

If you're concerned about getting too many alerts from multiple solutions, I would say it depends on what you can consolidate. Not everything can be consolidated into Wiz. At the same time, Wiz mainly reports actual issues, and there isn't a lot of noise or false positives. Wiz will detect specific resources that might be exposing ports to the internet and trigger an issue on that. But that's by design. In some cases, you might have network resources that a firewall needs to have exposed to the internet in that way.

Wiz has accounted for everything, so you can configure it to ignore particular issues for a given resource. They've implemented a few ways to work around issues you don't want to address so you can clear from the interface and get people to focus on what's important.

We use Wiz to monitor cloud security across Azure, Oracle OCI, and Google GCP cloud environments. With Wiz implementation we aim to eliminate the security team from security findings communication and triage and allow development, cloud and infrastructure teams direct access to security configuration findings - saving time for everyone involved.

The client has around over 2000 workloads in Azure, and more than 200 in Oracle OCI, as well as small cloud presence in Google GCP.

For the initial deployment, we aim to enable good visibility across all cloud platforms (width), as well as across different levels of visibility (depth) by employing CSPM, CIEM, DSPM, EASM, CDR and other capabilities offered by Wiz. 

Going forward, we plan to implement cloud forensics feature, as well as integrate it into our CI/CD pipelines and code repositories for preventative capabilities.

The integration is still in its early stages, and I will continue to update this report as we move forward. That being said, everything has been excellent so far!

Wiz helped to detect multiple virtual machines in Azure and Oracle OCI cloud environments that had problems, including crypto-miners and malware. Furthermore, Google GCP usage in the company was discovered by Wiz, which the other two CNAPP tools we've tested have missed. 

We also discovered credentials stored on the disk of a virtual machine in the test/dev environment, which could potentially provide access to parts of other cloud environments if compromised (allow lateral movement).

We can confidently say that we now see the full picture of risk across our cloud environments, including internet-exposed, vulnerable (unpatched) and misconfigured cloud assets, as well as sensitive data stored in those cloud assets.

We're currently going through the process of user onboarding to enable time savings for security team and streamline the time to take action to remediate the findings.

The time savings and the many moments of "if I was building a CNAPP, this is how I would do it" were where Wiz had already implemented what I wished for. Wiz also saves time by validating a network misconfiguration by not only looking at the cloud asset configuration but also by testing if a port that is stated to be open is actually open.

The Wiz product team recognises that the world doesn't revolve around Cyber Security teams. This is evident in their emphasis on providing clear and simple remediation advice and offering explanations of the alerts, making it easy for non-security team members to understand what’s happening and why. This was one of the key criteria why Wiz has been selected over the competitors.

My favourite is the EASM/External Exposure view and overall package - full risk visibility. It allows us to prioritize, and I mean truly prioritize, what should be addressed first. We can now see cloud workloads exposed to the internet in case of critical vulnerabilities, and if these workloads hold or can access sensitive data, we can act fast and patch these workloads first, and therefore reduce our overall risk exposure time.

Another favourite feature is the ability to give feedback and quickly raise a support case, as well as the comment option for each finding in Wiz web portal. It enables simple, yet effective collaboration between security, cloud, infrastructure and development teams.

It's too early to tell what can really be improved. However, we noticed some capabilities that were lacking, specifically ignoring some false-positive Issue findings. The good news - with the latest update, this has been resolved.

The built-in reports have room for improvement, especially the executive summary reports. However, this is compensated by the excellent Dashboards available in Wiz web portal.

Overall, nothing is majorly lacking, and so far, all issues we encountered have been addressed with a few outstanding ones that are pending for a feature release.

I have been using this solution since June 2024. 

With two main cloud platforms fully onboarded, the integration project is still ongoing.

The solution is very stable. We observed a case where some of the newly introduced built-in policies caused minor discrepancies in the alert count, but the Wiz support team promptly resolved the issue.

So far, so good! No issues were observed in scalability.

Support is excellent. We had 10 to 15 TAC cases open; most are addressed, and few that remain open have updates and a clear path towards resolution.

Positive

Previously, I used Check Point's CloudGuard (while it was still called Dome9), Prisma Cloud by Palo Alto Networks, and Microsoft's Defender for Cloud (since 2020, when it was still called Azure Security Center). I have also tested Orca Security CNAPP solution in a PoC setting for about a month.

The setup is straightforward. There were no issues with either cloud connector that I used (Azure, OCI and Kubernetes).

I am a consultant working on this integration - HLD, LLD, integration itself, policy review/triage of findings, and user training/onboarding. The support team has been great! From sales to customer success - it has been a smooth ride. 

The main ROI will be the time savings from not needing to write a basic remediation advisory for the dev team and then send/track it using email.

The sizing script provided by Wiz is fairly accurate. The support team will help you accurately identify the licensing needs. We've done it, and it is spot-on.

We evaluated two other CNAPP solutions.

So far, I really like the solution and the team supporting our integration.

While it's quite early for a full review, we already have the key parts functionality deployed, and I will be updating this review once the integration is finalized next year (code security for CI/CD, cloud incident response and forensics, and automation of preventative capabilities remains on our to-do list).

Disclaimer: I received a typical customer "swag" package (jumper, backpack, thermal cup) from Wiz, but I can confidently say it had no influence on the content of my review of the CNAPP solution.