Wiz is a highly efficient solution for data security posture management (DSPM), with a 100% API-based approach that provides quick connectivity and comprehensive scans of platform configurations and workloads. The solution allows companies to automatically correlate sensitive data with relevant cloud context, such as public exposure, user identities, entitlements, and vulnerabilities.This integration enables them to understand data accessibility, configuration, usage, and movement within their internal environments.
Wiz has several valuable features according to its users. The reporting and query functionalities make it easy to find out information about servers and applications. Security Graph provides visibility into risks in cloud environments and allows for prioritization and risk evaluation. The ease of installation and quick value obtained from Wiz is also noted as a valuable feature. Other features include cloud security posture management, threat intelligence, risk prioritization, automation roles, and inventory management. The ability to scan every layer of cloud environments without agents and the thorough documentation are also highly appreciated. Security Graph is considered the most powerful feature, providing contextual views for prioritizing critical risks and creating custom reports. The automated attack path analysis is also useful in prioritizing remediation efforts.
Wiz could improve by integrating a mechanism to manage tenants on multiple platforms, providing case-insensitive searches, and allowing the grouping of resources into compliance sets. The number of scans per day could also be increased, and Wiz could expand into file integrity monitoring and improve remediation workflows. Reporting capabilities and customization options could be refined, and email notifications on connector status could be added. Wiz should prioritize and provide risk scores for severity levels. Users appreciate Wiz's responsiveness to feature requests and willingness to listen to customer feedback. Some users have experienced pain points with logging integrations and would like to see preventive controls to protect against vulnerabilities that cannot be remediated immediately.
Wiz has provided immediate value and a return on investment for organizations in various ways. It simplifies processes by using one tool instead of multiple, making compliance easier and reducing the need for full-time resources. Wiz also improves coverage and manages multiple security aspects with only a quarter of a resource compared to multiple team members and tools. By providing cybersecurity as a service internally, organizations can show a return on investment and improve overall security posture. Although some organizations took time to implement Wiz, once they did, they saw value almost immediately. Wiz provides a centralized platform for investigations and analysis, allowing for real-time reporting. By promoting adoption, organizations can continue to see value added from Wiz.
Wiz's pricing and licensing vary among users. Some find it fair and comparable to competitors, while others think it's expensive and wish it was more transparent. The pricing models can be confusing, but some appreciate the simplicity of selecting specific features. Some users have credits that they can use for various features, and some bought more credits than needed to have a dedicated customer success manager. Despite concerns about the longevity of the pricing model, results with Wiz were achieved immediately during the four-week trial.
The solution is primarily used for cloud security, with a focus on identifying and remedying misconfigurations and vulnerabilities in cloud environments such as AWS and Azure. It provides visibility into business integrations and resources, and can be used for compliance tracking and vulnerability management. Wiz is deployed as a SaaS and can automate tasks and route vulnerabilities to appropriate teams. It also offers cloud security posture management, inventory, risk and patch management, and framework maturity services. The solution is used across multiple cloud environments, including GCP and multi-cloud environments.
Customers have generally positive experiences with Wiz's customer service and support. Account managers are helpful in resolving issues, technical support is quick and responsive, and post-sales support is excellent. Some customers suggest that Wiz should make their information more publicly accessible to make it easier for users to access documentation.
Wiz's initial setup is straightforward and easy, with deployment taking anywhere from a couple of hours to a week. Some customization was required based on integration environments, but maintenance was minimal. The solution provided quick visibility to previously unknown issues and was deployed across multiple public clouds. Some on-prem infrastructure was necessary to connect to certain environments, but overall, the setup was seamless. The solution required some fine-tuning, but it provided immediate value to the user.
Wiz is highly scalable, with a SaaS model that allows for automatic monitoring and maximization of capacity. Users have not experienced any issues with scaling and rate it a 10 out of 10. The solution is also compatible with cloud environments and has not had any issues meeting demands.
Wiz's stability is highly praised by reviewers. They have experienced minimal downtime, mostly due to maintenance and updates, and have not encountered any outages. Some minor issues with logins have been reported, but they have not resulted in significant downtime. The platform is described as stable and has not required any changes. Although there have been occasional reports of slow loading, the stability is consistently rated as high.
Wiz's Security Graph delivers automated alerts whenever risks emerge, allowing teams to prioritize and address the most critical issues before they escalate into breaches. Furthermore, Wiz ensures rapid and agentless visibility into critical data across various repositories, enabling organizations to easily determine the location of their data assets.
Wiz provides various features in the following categories:
Agentless Scanning: The solution can scan every layer of a cloud environment without requiring agents, managing the entire process and providing comprehensive visibility.
Workflow Integration: Users can create customized workflows within Wiz to identify and assign actions based on urgency, integrating them with ticketing systems for quick and efficient remediation.
Vulnerability Management: Wiz's vulnerability management modules provide detailed analytics and visibility across cloud systems, streamlining the manual process of vulnerability discovery. The automated attack path analysis helps identify risks and trace potential points of exposure, allowing users to understand and mitigate them effectively and proactively.
CSPM (Cloud Security Posture Management): Wiz's CSPM module offers instant visibility into high-level risks to an enterprise’s cloud environment, covering all accounts without the need for agents.
Out-of-the-Box Reporting and Custom Queries: The service supports comprehensive reporting with asset context, allowing users to perform complex custom queries on the solution’s user-friendly interface.
Automation Roles and Dashboards: The solution facilitates automation by providing essential roles and dedicated dashboards that enable teams to understand security information quickly, even those with limited expertise.
Contextual Risk Evaluation: The service contextualizes the various components contributing to an issue, providing a risk evaluation framework that helps prioritize remediation efforts.
Security Graph and Visibility: Wiz's security graph offers visibility across the entire organization, even with multiple accounts, enabling users to understand their environment and assets effectively.
Wiz offers the following benefits:
Comprehensive agentless scanning
Effective identification and mitigation of vulnerabilities
Streamlined vulnerability management
Robust reporting capabilities and customizable queries
Enhanced automation and role-based access control
Prioritized risk evaluation for efficient remediation
Security posture across multiple accounts
Kamran Siddique, VP Information Security at boxed.com, remarks his company has seen a ROI while using Wiz, as it simplifies the process by integrating multiple useful tools into one solution.
According to a Senior Security Architect at Deliveroo, Wiz has given their company a fresh approach to vulnerability management, as Wiz's native integrations are extremely useful and paramount to the operational success of their platform.
Wiz is the fastest growing software company ever - $100M ARR in 18 months: Wiz becomes the fastest-growing software company ever | Wiz Blog
Discover why companies, including Salesforce, Morgan Stanley, Fox, and Bridgewater choose Wiz as their cloud security partner. Read their success stories here: Customers | Wiz