Wiz Reviews

I have worked in security for a while, but I'm new to the cloud security world, and Wiz helps me understand how to secure cloud environments like AWS and Azure on the backend. We have about 50 Wiz users, including four admins and the SOC team. About 10 members of the CloudOps team have access. 

Wiz's biggest benefit is visibility. My organization acquired a few other companies, and we didn't know what we had. With Wiz, we only needed to create a service account and add new accounts to gain visibility into how they are configured, what security holes they have, and how to fix their vulnerabilities.

Visibility into critical risks is essential to our security team's job. You need to know what's out there to protect the environment. Wiz helps us reduce blind spots in our remediation, and we're constantly working on that. Our cloud security team is relatively small, so we're still seeing several servers with vulnerabilities.

We're still refining our remediation process. Now, when we see a vulnerability, we open a ticket with CloudOps to remedy it. However, the company recently made some acquisitions, and the other organizations we bought have their own processes.

We've been able to consolidate a few tools. For example, we had another product that we were using to pull reports from AMIs, but we recently started doing that in Wiz, so we don't need it anymore.  It's easier to use one tool with a single pane of glass instead of logging into multiple tools to get some information, you can do it from the Wiz platform.

I like Wiz's reporting, and it's easy to do queries. For example, it's pretty simple to find out how many servers we have and the applications installed on each. I like Wiz's Security Graph because you can use it to see the whole organization even if you have multiple accounts. We can sort it by a specific account or see them all in one place. I can't imagine logging in to each AWS account every time I need to see something with it. It's making things much easier.

Given the level of visibility into all the cloud environments Wiz provides, it would be nice if they could integrate some kind of mechanism to better manage tenants on multiple platforms. For example, let's say that some servers don't have an application they need, such as an antivirus. Wiz could include an API or something to push those applications out to the servers. It would be great if you could remedy these issues directly from the Wiz platform. 

I have used Wiz for about a year.

I'm impressed with the stability. We've only had downtime from maintenance and updates, and they notify us in advance, so we aren't impacted. 

We haven't needed to scale anything. It's a SaaS solution, so everything happens in the background. I haven't noticed any issues. 

I've never contacted tech support directly, but I meet with our account managers weekly, and they help me when I have issues. They open the case for me and provide a solution. At the next meeting, they follow up with me, and it's usually resolved pretty fast.

We realized value immediately after implementing Wiz. 

I rate Wiz nine out of 10. Before implementing Wiz, you should have all the information about your cloud environment in hand. It's straightforward once you get started. The challenge is getting connected to the environment. It will be difficult if you don't have the keys to the environment. Make sure you have a list of all your tenants for AWS, Azure, GCP, etc., so you don't miss anything.

You're always going to have a lot of alerts in this business, but Wiz has the flexibility to tailor your controls to your company's specific needs. That will reduce the amount of alerts. 

Our adoption has primarily been centered around understanding vulnerabilities in the environment and the configuration landscape in terms of creating hardening rules, policies, and other components like that. We're also able to see what the true risk landscape looks like by vulnerability tracking.

It simplified our ability to respond to new issues that are happening in the environment. Previously, in a scenario where a vulnerability could be a problem, or where there was a high-profile vulnerability and we needed to look at the overall impact, it was normally spread across multiple teams doing the analysis for that. We had to coordinate with all of the teams that manage their own infrastructure. Now, my team is able to provide that analysis upfront without having to take cycles away from development and other discovery components. We're able to have that single view into the entire organization.

It scans every layer of our cloud environment without agents. One of the primary reasons we looked at the platform was its agentless integration. When we look at the deployment models and have to go through an agent-based model, we have to write the components, and there's still that touchpoint on all of the cloud assets. We have to stand up infrastructure, and there's a lot of deployment overhead, whereas agentless implementations are very quick. Because it's doing the site scanning, after we have it integrated into the organization, within 24 hours of the new account being integrated, we have analytics on it.

It helped to reduce blind spots in our risk detection capabilities. It has added a lot of visibility into areas that we otherwise have been lacking. One of the aspects that are cool about it's that it looks at things in terms of inheritance, which I call "shadows." There might be a permission set or a network path that might be inheriting something that you wouldn't know by looking at it from a model, but they show that in their platform. It has simplified the areas around analyzing our permissions and analyzing the exposure points on systems. We're not having to comb through every security group and every security policy to see what exposure points are. We can see that it's inheriting something that we didn't realize in one of the other security groups or other permission sets.

It has simplified the remediation components and how we're performing analysis on the security pieces. It hasn't reduced the number of people, but it has reduced cycles. We're now able to consolidate the cycles, which were necessary but were spread across all of the different areas of the organization, into my team to be able to perform a lot of the analytics and functions that were taking those cycles away. So, engineering is more able to focus on being engineering and not having security go, "Hey, can you look into and investigate this item for me?"

The vulnerability management modules and the discovery and inventory are the most valuable features. Before using Wiz, it was a very manual process for both. After implementing it, we're able to get all of the analytics into a single platform that gives us visibility across all the systems in our cloud. We're able to correspond and understand what the vulnerability landscape looks like a lot faster.

Wiz Security Graph is awesome because it tells us exactly what the exposure looks like and how to be able to get to it. So, we know what areas along the way we may need to look at for external exposures and other things that we may not have been aware of.

The only small pain point has been around some of the logging integrations. Some of the complexities of the script integrations aren't supported with some of the more automated infrastructure components. So, it's not as universal. For example, they have great support for cloud formation and other services, but if you're using another type of management utility or governance language for your infrastructure-as-code automation components, it becomes a little bit trickier to navigate that.

We implemented it in September.

From a stability standpoint, we've not seen any issues.

We have a cloud environment. One of the key components and a huge decision-maker in going with the platform was that we're able to scale into it. So, if we add cloud assets, it's very easy for the system to scale with us.

We haven't had any experience directly with them. Most of everything that we've been working through has been with the implementation team, and that has been great.

We didn't use any other solution in this company, but I have used Orca Security and Prisma Cloud in previous companies.

In terms of consolidation of tools, it didn't allow us to consolidate tools because we were in a net-new component, but it was one of the first tools that we started putting in within our security program for visibility just because of the necessity around that.

I oversaw the deployment. My team was the one that did most of the work. 

The initial setup was very straightforward. It was just working within our enterprise cloud account and then everything populated underneath that, and off we went.

After the deployment, we were seeing value in the first week. We were able to look at some of the analytics and other components and put some of that data together. It helped us to understand the inventory landscape and to be able to comb through that. I've written a lot of manual tools to do that. They go through and do the scanning of the environment and other things, but it ends up getting pretty gnarly and complex. To be able to plug a system in and then see all of my cloud assets and any issues that were associated with them right off the bat was huge.

We did not use an integrator, reseller, or consultant. We have just been working with the Wiz account team's implementation services.

For the phase one implementation, we had one engineer on security and probably one part-time engineer on the infrastructure side helping to troubleshoot. From my team, I had one FTE assigned to the project, and we were able to implement it.

The biggest return is the fact that a lot of the things that were decentralized while doing investigations and analysis can now be pulled into a single individual running some report queries to determine the impact and gauge that. We're now able to do that in real-time versus a multi-day turnaround across all of the different engineering groups.

The pricing is fair. Some of the more advanced features and functionalities and how the tiers are split can be somewhat confusing.

The biggest thing is understanding the hows of where your integration points are going to be.

To someone who is looking at buying Wiz but is concerned that they already have a bunch of products that give them a lot of alerts, I would say that from an alert perspective, we haven't had a whole lot of issues related to alert fatigue from the system. We were very calculated in the implementation in terms of the things that we're seeing just for that reason. One of the things is that there could be areas where there might be overlaps in alerting. So, you can look at potentially consolidating those systems down into this single platform. Depending upon how you're doing some of the logging, alerts, and change detections in the environments, you can consolidate things like your vulnerability scanning.

I would rate it an eight out of ten.

We currently use Wiz for cloud security management to identify and address vulnerabilities in our AWS platforms. Wiz is also integrated with our EKS clusters, allowing us to monitor and manage cluster security. We deploy sensors across our infrastructure, from the base level to more advanced setups, to gather comprehensive vulnerability data. Additionally, Wiz helps us manage our inventory and images. We have integrated Wiz with our ECR to monitor and secure container images through the ECR connector.

Our main goal is to use Wiz as our secondary product. We aim to gather all logs and vulnerabilities and integrate them into our main tool, Splunk. Wiz helps us identify issues, but Splunk remains our primary solution. We forward all logs from Wiz to Splunk. The client, Vericore, uses Splunk as their main tool to gather data from third-party CSPM tools like Prisma and others, including DDoS detection. This integration allows us to generate reports and distribute them to other departments to address the identified vulnerabilities.

Wiz offers greater visibility and more in-depth findings in terms of configuration, misconfiguration, and vulnerabilities.

The APIs are currently quite limited and not very mature, which makes integration with Splunk difficult. As a result, we often have to use Wiz instead of our mainframe to handle tasks related to Splunk. We regularly meet with the Wiz team, who then consult their product team to find solutions and alternative methods for these tasks.

I have been using Wiz for six months.

It is stable.

We don't have any issues with the scalability. 45-50 users are using this solution.

We have multiple departments, including product security and sales. We have development teams and other departments as well. For each senior and director in these departments, we have created users and provided them with access to Wiz. This allows them to gather reports from Wiz. Additionally, if they cannot get the reports from Wiz, they can use Splunk, with which we have integrated Wiz.

We have deployed Wiz in three organizations on AWS, each with approximately 70 to 80 accounts, totaling more than 120 accounts. We have also deployed Wiz in Microsoft environments, ensuring we can gather data from every platform.

Support has been great. We have a dedicated channel with Wiz and are always in communication with them.

Neutral

The initial setup was very straightforward. We used the deployment connectors in Wiz. We deployed three connectors for our AWS environment, and each connector requires specific roles: Wiz rules and read-only roles. The deployment was done using the CloudFormation template through our management account, and we deployed the template to all the accounts in the organization.

The deployment took no more than 48 hours because it was done easily. However, the setup to get all the data from AWS into Wiz took about 24-48 hours.

We use Splunk for DDoS detection and the AWS Security Data Lake for micro detections. We use Wiz for cloud platform configuration. For threat detection, we rely on the AWS Security Data Lake and Splunk.

We use Wiz to enhance our cloud security, and as a result, the number of vulnerabilities has gone down. We have integrated Jira authentication with Wiz to create tickets. We have set up rules in Wiz that generate tickets for misconfigurations. These tickets are sent to the respective departments that own the accounts with the identified vulnerabilities and misconfigurations. Our security team pushes these tickets to the relevant teams, enhancing security. 

Integration and deployment are relatively easy. However, we have encountered some incidents with Wiz in the past. As Wiz mentioned, some policies included in the connectors were flagging our production EBS in AWS. 

Maintenance is very easy.

I recommend Wiz for its simplicity, comprehensive findings, and impressive security graph. It provides excellent visibility, threat detection, and data classification rules. Additionally, Wiz offers more control compared to Prisma and other third-party tools.

Overall, I rate the solution at eight-point five out of ten.

Our primary use case for this solution is within our security team for monitoring purposes. We have integrated the solution with our cloud environments to establish notifications for security misconfigurations. These notifications create tickets for relevant teams to address the issues, and our security team ensures the tool works properly, assisting product teams with remediation and consulting on resolving the generated tickets.

The product's most valuable feature combines different contexts and attributes to produce highly confident alerts. It can detect issues based on factors like public exposure, network vulnerabilities, and privilege assignments, leading to minimal false positives and a low volume of alerts, which is highly valuable for our operations.

They could improve the product's visibility in the internal network topology. It focuses mainly on external risks, and additional visibility into internal network communication and cross-cloud or cloud-to-on-prem connectivity would be beneficial.

We have been using Wiz for almost three years.

The solution is generally stable. I would rate its stability as eight or nine out of ten.

The solution is highly scalable.

Our experience with customer service and support has been positive. While initial replies are fast, the resolution time can vary depending on the issue.

Positive

We previously used a different solution from Check Point. We decided to switch due to the additional features, capabilities, and support offered by Wiz.

The initial setup was straightforward and can be completed in a few hours with the necessary permissions.

I rate the process an eight.

Based on the features and capabilities, the product pricing seems reasonable.

I rate Wiz a nine out of ten. 

Per my company’s guidelines – I am not allowed to share any information about our environment or detailed use cases. What I am sharing is at a very high level.

Overall I can share that we are using Wiz for AWS cloud discovery, identification, and remediation of misconfigurations as well as vulnerabilities.

We are considering more use cases and scenarios (as well as expanding to more teams in the org) in time. For now, these are the primary use cases that we are currently using Wiz for.

The solution has made a difference in the organization via: 

Technical capability. It covers all our languages, frameworks, and assets on AWS with the ability to do side scanning, which reduces compute needs and agent deployment/maintenance.

Natural query language. The product supports out-of-the-box reporting with context about the asset and allows us to perform complex custom queries on UI.

Security data at all levels. Wiz supports Basic and Advanced modes, meaning Engineering and Business users can leverage the platform without being complicated or too dumbed down.

A fresh approach to Vulnerability Management. Legacy methods did not work effectively in the cloud, risk-based context-driven vulnerability identification drives real results.

The ‘Graph’ has uses beyond security. Leveraging centralized cloud asset information enables teams to query in one place their architecture for operational success.

The Security Graph is the power of Wiz. This, teamed with continually developed cloud configuration rules, makes Wiz a powerhouse of an application. We use this information to pull all levels of security-relevant data and also for use cases outside of security. Leveraging this technology saves us not only precious engineering time but also money developing and investing in other overlapping solutions.

We find Wiz's native integrations to be extremely useful and paramount to the operational success of the platform; from day one, we have worked on integrating Wiz into as many internal platforms as possible.

Wiz is fully aware of its areas of improvement. We are seeing huge platform releases over the next couple of quarters, which they promise and deliver on. Wiz is the first vendor I've worked with that has turnaround feature requests in less than a month. 

We would like to see improvements to executive-level reporting and data reporting in general, which we understand is being rolled out to the platform. Improvements around the IaC scanning dashboards and flexibility would be nice however, this does not detract from the current usability of the tool at all. 

I've used the solution for more than six months.

Technical support is excellent. It is some of the best post-sales support ever received. CSMs know the product and share the same level of passion for the solution.

Positive

By far, the easiest part of the solution is the setup. It took all of one hour to complete, and that's with a custom Terraform.

We handled the setup in-house

We evaluated six other solutions from larger and smaller vendors.

If possible, a company needs to do a demo and a PoC. That way, they will see the value right away.

We are evaluating security configuration and compliance. We also use it to scan for security vulnerabilities in our pipelines.

The security baseline and vulnerability assessments are a very valuable feature. 

We're looking at some of the data compliance stuff that they've got on offer. I know they're looking at container security, which we gonna be looking at next. 

I have been using Wiz for four months. 

The stability is a nine out of ten. 

Five users are using the solution. The scalability is a ten out of ten. 

The initial setup is straightforward. The deployment takes five hours. So scanning storage accounts, storage account compliance, public endpoint scanning, you know, all of the usual things that we would be looking at as part of deployment.

Overall, I rate the solution a ten out of ten.