Wiz Reviews

I have worked in security for a while, but I'm new to the cloud security world, and Wiz helps me understand how to secure cloud environments like AWS and Azure on the backend. We have about 50 Wiz users, including four admins and the SOC team. About 10 members of the CloudOps team have access. 

Wiz's biggest benefit is visibility. My organization acquired a few other companies, and we didn't know what we had. With Wiz, we only needed to create a service account and add new accounts to gain visibility into how they are configured, what security holes they have, and how to fix their vulnerabilities.

Visibility into critical risks is essential to our security team's job. You need to know what's out there to protect the environment. Wiz helps us reduce blind spots in our remediation, and we're constantly working on that. Our cloud security team is relatively small, so we're still seeing several servers with vulnerabilities.

We're still refining our remediation process. Now, when we see a vulnerability, we open a ticket with CloudOps to remedy it. However, the company recently made some acquisitions, and the other organizations we bought have their own processes.

We've been able to consolidate a few tools. For example, we had another product that we were using to pull reports from AMIs, but we recently started doing that in Wiz, so we don't need it anymore.  It's easier to use one tool with a single pane of glass instead of logging into multiple tools to get some information, you can do it from the Wiz platform.

I like Wiz's reporting, and it's easy to do queries. For example, it's pretty simple to find out how many servers we have and the applications installed on each. I like Wiz's Security Graph because you can use it to see the whole organization even if you have multiple accounts. We can sort it by a specific account or see them all in one place. I can't imagine logging in to each AWS account every time I need to see something with it. It's making things much easier.

Given the level of visibility into all the cloud environments Wiz provides, it would be nice if they could integrate some kind of mechanism to better manage tenants on multiple platforms. For example, let's say that some servers don't have an application they need, such as an antivirus. Wiz could include an API or something to push those applications out to the servers. It would be great if you could remedy these issues directly from the Wiz platform. 

I have used Wiz for about a year.

I'm impressed with the stability. We've only had downtime from maintenance and updates, and they notify us in advance, so we aren't impacted. 

We haven't needed to scale anything. It's a SaaS solution, so everything happens in the background. I haven't noticed any issues. 

I've never contacted tech support directly, but I meet with our account managers weekly, and they help me when I have issues. They open the case for me and provide a solution. At the next meeting, they follow up with me, and it's usually resolved pretty fast.

We realized value immediately after implementing Wiz. 

I rate Wiz nine out of 10. Before implementing Wiz, you should have all the information about your cloud environment in hand. It's straightforward once you get started. The challenge is getting connected to the environment. It will be difficult if you don't have the keys to the environment. Make sure you have a list of all your tenants for AWS, Azure, GCP, etc., so you don't miss anything.

You're always going to have a lot of alerts in this business, but Wiz has the flexibility to tailor your controls to your company's specific needs. That will reduce the amount of alerts. 

Our adoption has primarily been centered around understanding vulnerabilities in the environment and the configuration landscape in terms of creating hardening rules, policies, and other components like that. We're also able to see what the true risk landscape looks like by vulnerability tracking.

It simplified our ability to respond to new issues that are happening in the environment. Previously, in a scenario where a vulnerability could be a problem, or where there was a high-profile vulnerability and we needed to look at the overall impact, it was normally spread across multiple teams doing the analysis for that. We had to coordinate with all of the teams that manage their own infrastructure. Now, my team is able to provide that analysis upfront without having to take cycles away from development and other discovery components. We're able to have that single view into the entire organization.

It scans every layer of our cloud environment without agents. One of the primary reasons we looked at the platform was its agentless integration. When we look at the deployment models and have to go through an agent-based model, we have to write the components, and there's still that touchpoint on all of the cloud assets. We have to stand up infrastructure, and there's a lot of deployment overhead, whereas agentless implementations are very quick. Because it's doing the site scanning, after we have it integrated into the organization, within 24 hours of the new account being integrated, we have analytics on it.

It helped to reduce blind spots in our risk detection capabilities. It has added a lot of visibility into areas that we otherwise have been lacking. One of the aspects that are cool about it's that it looks at things in terms of inheritance, which I call "shadows." There might be a permission set or a network path that might be inheriting something that you wouldn't know by looking at it from a model, but they show that in their platform. It has simplified the areas around analyzing our permissions and analyzing the exposure points on systems. We're not having to comb through every security group and every security policy to see what exposure points are. We can see that it's inheriting something that we didn't realize in one of the other security groups or other permission sets.

It has simplified the remediation components and how we're performing analysis on the security pieces. It hasn't reduced the number of people, but it has reduced cycles. We're now able to consolidate the cycles, which were necessary but were spread across all of the different areas of the organization, into my team to be able to perform a lot of the analytics and functions that were taking those cycles away. So, engineering is more able to focus on being engineering and not having security go, "Hey, can you look into and investigate this item for me?"

The vulnerability management modules and the discovery and inventory are the most valuable features. Before using Wiz, it was a very manual process for both. After implementing it, we're able to get all of the analytics into a single platform that gives us visibility across all the systems in our cloud. We're able to correspond and understand what the vulnerability landscape looks like a lot faster.

Wiz Security Graph is awesome because it tells us exactly what the exposure looks like and how to be able to get to it. So, we know what areas along the way we may need to look at for external exposures and other things that we may not have been aware of.

The only small pain point has been around some of the logging integrations. Some of the complexities of the script integrations aren't supported with some of the more automated infrastructure components. So, it's not as universal. For example, they have great support for cloud formation and other services, but if you're using another type of management utility or governance language for your infrastructure-as-code automation components, it becomes a little bit trickier to navigate that.

We implemented it in September.

From a stability standpoint, we've not seen any issues.

We have a cloud environment. One of the key components and a huge decision-maker in going with the platform was that we're able to scale into it. So, if we add cloud assets, it's very easy for the system to scale with us.

We haven't had any experience directly with them. Most of everything that we've been working through has been with the implementation team, and that has been great.

We didn't use any other solution in this company, but I have used Orca Security and Prisma Cloud in previous companies.

In terms of consolidation of tools, it didn't allow us to consolidate tools because we were in a net-new component, but it was one of the first tools that we started putting in within our security program for visibility just because of the necessity around that.

I oversaw the deployment. My team was the one that did most of the work. 

The initial setup was very straightforward. It was just working within our enterprise cloud account and then everything populated underneath that, and off we went.

After the deployment, we were seeing value in the first week. We were able to look at some of the analytics and other components and put some of that data together. It helped us to understand the inventory landscape and to be able to comb through that. I've written a lot of manual tools to do that. They go through and do the scanning of the environment and other things, but it ends up getting pretty gnarly and complex. To be able to plug a system in and then see all of my cloud assets and any issues that were associated with them right off the bat was huge.

We did not use an integrator, reseller, or consultant. We have just been working with the Wiz account team's implementation services.

For the phase one implementation, we had one engineer on security and probably one part-time engineer on the infrastructure side helping to troubleshoot. From my team, I had one FTE assigned to the project, and we were able to implement it.

The biggest return is the fact that a lot of the things that were decentralized while doing investigations and analysis can now be pulled into a single individual running some report queries to determine the impact and gauge that. We're now able to do that in real-time versus a multi-day turnaround across all of the different engineering groups.

The pricing is fair. Some of the more advanced features and functionalities and how the tiers are split can be somewhat confusing.

The biggest thing is understanding the hows of where your integration points are going to be.

To someone who is looking at buying Wiz but is concerned that they already have a bunch of products that give them a lot of alerts, I would say that from an alert perspective, we haven't had a whole lot of issues related to alert fatigue from the system. We were very calculated in the implementation in terms of the things that we're seeing just for that reason. One of the things is that there could be areas where there might be overlaps in alerting. So, you can look at potentially consolidating those systems down into this single platform. Depending upon how you're doing some of the logging, alerts, and change detections in the environments, you can consolidate things like your vulnerability scanning.

I would rate it an eight out of ten.

Per my company’s guidelines – I am not allowed to share any information about our environment or detailed use cases. What I am sharing is at a very high level.

Overall I can share that we are using Wiz for AWS cloud discovery, identification, and remediation of misconfigurations as well as vulnerabilities.

We are considering more use cases and scenarios (as well as expanding to more teams in the org) in time. For now, these are the primary use cases that we are currently using Wiz for.

The solution has made a difference in the organization via: 

Technical capability. It covers all our languages, frameworks, and assets on AWS with the ability to do side scanning, which reduces compute needs and agent deployment/maintenance.

Natural query language. The product supports out-of-the-box reporting with context about the asset and allows us to perform complex custom queries on UI.

Security data at all levels. Wiz supports Basic and Advanced modes, meaning Engineering and Business users can leverage the platform without being complicated or too dumbed down.

A fresh approach to Vulnerability Management. Legacy methods did not work effectively in the cloud, risk-based context-driven vulnerability identification drives real results.

The ‘Graph’ has uses beyond security. Leveraging centralized cloud asset information enables teams to query in one place their architecture for operational success.

The Security Graph is the power of Wiz. This, teamed with continually developed cloud configuration rules, makes Wiz a powerhouse of an application. We use this information to pull all levels of security-relevant data and also for use cases outside of security. Leveraging this technology saves us not only precious engineering time but also money developing and investing in other overlapping solutions.

We find Wiz's native integrations to be extremely useful and paramount to the operational success of the platform; from day one, we have worked on integrating Wiz into as many internal platforms as possible.

Wiz is fully aware of its areas of improvement. We are seeing huge platform releases over the next couple of quarters, which they promise and deliver on. Wiz is the first vendor I've worked with that has turnaround feature requests in less than a month. 

We would like to see improvements to executive-level reporting and data reporting in general, which we understand is being rolled out to the platform. Improvements around the IaC scanning dashboards and flexibility would be nice however, this does not detract from the current usability of the tool at all. 

I've used the solution for more than six months.

Technical support is excellent. It is some of the best post-sales support ever received. CSMs know the product and share the same level of passion for the solution.

Positive

By far, the easiest part of the solution is the setup. It took all of one hour to complete, and that's with a custom Terraform.

We handled the setup in-house

We evaluated six other solutions from larger and smaller vendors.

If possible, a company needs to do a demo and a PoC. That way, they will see the value right away.

We are evaluating security configuration and compliance. We also use it to scan for security vulnerabilities in our pipelines.

The security baseline and vulnerability assessments are a very valuable feature. 

We're looking at some of the data compliance stuff that they've got on offer. I know they're looking at container security, which we gonna be looking at next. 

I have been using Wiz for four months. 

The stability is a nine out of ten. 

Five users are using the solution. The scalability is a ten out of ten. 

The initial setup is straightforward. The deployment takes five hours. So scanning storage accounts, storage account compliance, public endpoint scanning, you know, all of the usual things that we would be looking at as part of deployment.

Overall, I rate the solution a ten out of ten.