Wiz Reviews

We use it to identify vulnerabilities in our cloud environment, including misconfiguration and other issues. More recently, we've used it to identify inactive resources that we can terminate to save money. 

It also helps us automate some minor tasks that we don't want to do manually, such as forwarding issues to the appropriate teams. Wiz has various workflows to route the vulnerabilities it discovers to the right teams. We integrated it with ServiceNow, enabling us to send ServiceNow incidents to the teams. We can also send Azure DevOps work items to developers. We're evaluating Jira for some teams, and Wiz can also send tickets to Jira. 

Wiz helps us reduce and manage our issues. Six months ago, we had no idea where we had problems in the cloud. We used another tool, but we still didn't know where most of the issues were. Wiz made it so easy to see from a high level. 

Before adding any projects, it showed us all the open issues we needed to fix. It started with the big ones because Wiz groups the issues by control. For example, you can see you have 100 issues under one control, so you start by trying to fix that. We can fix these 100 issues across all accounts by fixing one control.

Maybe we can put in some guardrails or prevent people from doing something problematic using CI/CD. Wiz helps us identify issues, prioritize them, and determine which ones should be resolved globally. 

If something can't be fixed at the highest level, Wiz can automatically send it to the appropriate teams. Wiz enabled us to define a structure for routing issues to people. We add a set of AWS accounts to a project and make them owners, so automation rules can be defined to send tickets to all project owners. That functionality helps us get the tool to operate.

Wiz is like a blind spot detector. You don't know what you don't know, so all I know now is what Wiz tells me. We don't leverage any native AWS features, so we rely solely on Wiz now. We're heavily in the cloud, but we still get our feet wet with it and ensure it's set up correctly. 

Wiz was the first tool we used to determine what we should look at and fix. We are notified when people do things they shouldn't, and employees are taking more responsibility for that. People are more conscious about what they put in their AWS accounts. 

Employees know they're being monitored and are responsible for it at the end of the day. Our InfoSec team will see it and ping them about it. They'll also see it when they get a ticket for the issue that they need to fix. It helps to create a secure-by-design mindset.

Addressing blind spots gives us peace of mind because we know that what we're doing makes sense. We can implement guardrails, understand why people continue to do things wrong and discover ways to prevent the problem from happening. It helps us develop best practices.

Wiz hasn't reduced the staff we need, but it has automated many tasks. It has built-in integration with other tools we can leverage by configuring automation rules. You don't need an external automation solution or a SOAR platform because you can do everything with Wiz's native tools. 

It allowed us to decommission a cloud security tool that wasn't working well. Besides that, we haven't consolidated much because we don't have many other cloud tools. I expect a tool like Wiz could replace a traditional vulnerability scanner, like Rapid7. I prefer it over something like that. However, there will always be a use case for a traditional on-prem vault scanner for desktops, firewalls, and other hardware that doesn't have agents on it. 

We still need an endpoint detection tool and a traditional vault scanner. But if we were using other cloud security tools like Divvy and Lacework, we could have consolidated both of them into this.

I lead and manage our vulnerability management and threat intelligence program so relying on having quick visibility, coverage, comprehensiveness, and depth is an absolute benefit; Wiz agentless deployment and scaling give us that quick use CVE-based vulnerability scanning, detection, continuous monitoring, threat intelligence, and risk prioritization with little to no downtime or impact to availability. Lastly, the CSPM, threat-intelligence, and dashboard capability within Wiz gives leadership quick and efficient reporting on our overall risk in the cloud.

I believe the genius of Wiz is that, as we move towards a more zero-trust approach to cybersecurity, we can avoid using agents, which can be intrusive and difficult to manage. Furthermore, granting an agent full read rights access to our endpoint is not always the most secure, least privileged approach. I appreciate how Wiz can take a snapshot, scan it, and deliver results without affecting our workloads. Working with Wiz is great because it eliminates the need for staging and production environments. When we can't pick a snapshot-like reproduction environment right away, it does not have any impact.

We went from 1,000 to 10,000 employees after merging with a large company and purchasing another. Prior to this, it was like the Wild West. With Wiz, we were able to set up quickly and have visibility into our cloud workloads and environment. This has been incredibly helpful in reducing our attack surface and allowing us to prioritize risks. Wiz significantly lowered our risk and caused little to no disruption which is quite amazing.

It is extremely important for our organization to have visibility into our risk detection with a contextual view for prioritizing potential critical risks. When companies try to approach this single pane of glass from a risk perspective, it is essential to be able to share this information with stakeholders and non-technical people, such as the president, CFO, or other C-level personnel. I believe it is possible to share our cloud posture and risk overall within a five-minute presentation.

With the deep coverage and visibility that Wiz provides, we need more resources. It's clear that we have a lot of issues to address and we need to be careful and strategic in how we roll out solutions so that we don't overwhelm the business. Wiz has been helpful in determining our needs and getting us the resources and people we need.

Remediation is currently a manual process. Because the automation workflow within the tool is lacking, we have a remediation webinar to help. I still recommend and suggest that Wiz build it within the tool itself and not depend on manual processes. I have created an SOP to review and share findings, but it is a tedious process and can take up a lot of time. We are not yet in an optimized automated state and the tool and procedure are not there yet. However, Wiz does help and I have set up projects to help with organization and remediation workflow. The security personnel I work with have been pleased with the results, as I can provide a link to the issue and we can review it together. I usually have biweekly remediation calls and internal SLAs to track the ticket creation of the finding to when it is remediated. I find it useful to use that feature within the solution. Wiz allows us to go into the issue and assign a due date, which is very helpful. It would be great to have our own remediation board within Wiz, more like a dashboard.

We use the solution as our cloud security platform.

We use Wiz across all of our GCP environments. We have approximately nine projects, around five thousand instances, and five thousand containers. As for AWS, it is relatively small; it consists of a few VPCs with around five hundred assets.

Wiz is the only security solution we use for our cloud platform. It scans data activity, potential exposures, and any efforts with overly wide permissions, especially when they involve semi-exposed ports of sensitive data. Wiz also tracks vulnerabilities, including zero-day vulnerabilities, and logs. We are taking advantage of the security graph and all its features to make it easier to track security across the board.

Wiz's ability to scan every layer of our cloud environment without any agents is why we have the ease of deployment that we can provide on the order level and view all the products, giving us a lot of value and immediate return on investment. Agents are required for certain use cases, such as blocking features or taking action immediately if something is not right, but we did not have that requirement. We created workflows to identify where the action is needed and integrated them with our ticketing system to assign appropriate urgency tickets, so the right team can work on it immediately.

Automated attack path analysis has been beneficial to us by helping us to identify what needs to be done when a vulnerability is discovered. It allows us to trace the attack paths from a potential point of exposure to the vulnerability and how it can be exploited. We can also determine how to mitigate the vulnerability, which is of great value from a remediation perspective.

Within the first two weeks of the deployment, we were able to limit all of our security issues in our production environment. We had been using another platform, but it lacked ease of use and we were not able to get all the details we needed. We replaced this solution with Wiz, and it allowed us to take action when an alert came in. We were able to drill down to the root cause and with the knowledge base that comes with it, we were able to fix issues and get rid of all our security issues. This was a huge value.

Having visibility into our risk detection with a contextual view to prioritize potentially critical risks is very important, as we do not have a large security or development team. If we were to receive twenty alerts, we would not have the capacity to address them all at once. Knowing the context of how this would impact the organization is of great value, as it allows us to tackle the most critical issues based on external exposure, exploitable areas, and the type of data behind the vulnerability. This context helps us prioritize, as all risks are not equal.

Wiz has helped us reduce blind spots in our restriction capabilities by 100 percent. We were running a tool that scanned for vulnerabilities, but we did not have an external exposure component or any context for it. We had just deployed the DSPM and were not able to look at many past levels. The tool we were using previously was just one ready assessment tool. Wiz adds a lot of value.

Additionally, since we have both e-commerce and SaaS, it is important for us to be compliant and isolated. Wiz makes this very easy as we are a hundred percent cloud-based. We can review our compliance and see all the efforts running in our cloud environment. If there are any controls that are not compliant with ISO software, we have set up learning on that and integrated it with IT and some tooling. This allows whoever needs to take action for their control to do so immediately, ensuring that we stay compliant.

I have limited resources in my department, but if I wasn't utilizing Wiz and used our old solution, I would need to acquire two to three more resources. Therefore, with Wiz, I can do all of the above with the existing resources instead of bringing on more tools and personnel.

The Primary use cases are within cloud security posture management, in which we identify misconfigurations and any type of what they call "toxic combinations" of risk and vulnerabilities that are affecting our cloud deployments.

In the last year we have enabled DSPM and expanded on CIEM use cases. 

In addition to the agentless functionality, we have deployed the Wiz Sensor and enabled Admission Controller in our Kubernetes workloads. 

We don't consider Wiz just a cyber security tool. What we have done is opened up the visibility to our cloud users. Now, our cloud users are able to see for themselves what is affecting their assets. It helps enable a shared model of responsibility for security. With the visibility that Wiz enables, our users are no longer receiving a report in the form of a spreadsheet. They're able to quickly see and navigate, and drill into anything, if they need to, to see what is affecting their environments. 

Now that we have given them visibility into what's running in production, through some of the capabilities available in Wiz, we are investing in how we can shift things and identify some of those issues earlier in the pipeline so that they don't have to worry about things after going to production.

In addition, the fact that Wiz is agentless and that it's leveraging APIs to give us visibility at the organizational or the account level, are factors that have definitely reduced some of the overhead that come with other technologies that use agents to attain the same results.

Another benefit is that it consolidates tools. We now have one tool that is capable of giving us vulnerabilities, not just on modern services or cloud-ready services, but also on traditional instances in which we would have been using an agent to be able to pull the information we need. The fact that Wiz is agentless and is capable of looking at traditional compute as well as modern compute has reduced the need for additional tools that are agent-based.

I use the solution for test and demo environments, and then we deploy the platform's last version for our customers. We use the advanced license type, so we have all the features in the platform.

The tool is used for security assessment and maintaining our customers' correct security posture. We have different types of customers, so there are different types of use cases. But in general, the main need is for the maintenance of cloud security posture.

The tool's most valuable feature is its attack path analysis. The feature of the tool for inspecting running containers and the new feature of intelligent artificial intelligence security posture is good. With the attack path analysis, I can see the perfect path of a possible attack, I can see the exposure of different types of resources, and I can stop the attack with the remediation or suggestion of the platform. Regarding the container runtime security, I can see how the container runs and what type of action the container takes during execution. I can take some action to modify the running of the container. For the artificial intelligence security posture, I can see the misconfiguration problem with the security permission that customers give to the platform, like Bedrock or OpenAI, and so on. We can help the customer resolve this problem of data security exposure and so on. All such features are effective in identifying vulnerabilities. The platform allows users to collect information without the need for an install agent. So it's totally agentless, and it is a great feature. I don't need to install an agent, so onboarding the platform is very easy and very speedy.

We use Wiz to monitor cloud security across Azure, Oracle OCI, and Google GCP cloud environments. With Wiz implementation we aim to eliminate the security team from security findings communication and triage and allow development, cloud and infrastructure teams direct access to security configuration findings - saving time for everyone involved.

The client has around over 2000 workloads in Azure, and more than 200 in Oracle OCI, as well as small cloud presence in Google GCP.

For the initial deployment, we aim to enable good visibility across all cloud platforms (width), as well as across different levels of visibility (depth) by employing CSPM, CIEM, DSPM, EASM, CDR and other capabilities offered by Wiz. 

Going forward, we plan to implement cloud forensics feature, as well as integrate it into our CI/CD pipelines and code repositories for preventative capabilities.

The integration is still in its early stages, and I will continue to update this report as we move forward. That being said, everything has been excellent so far!

Wiz helped to detect multiple virtual machines in Azure and Oracle OCI cloud environments that had problems, including crypto-miners and malware. Furthermore, Google GCP usage in the company was discovered by Wiz, which the other two CNAPP tools we've tested have missed. 

We also discovered credentials stored on the disk of a virtual machine in the test/dev environment, which could potentially provide access to parts of other cloud environments if compromised (allow lateral movement).

We can confidently say that we now see the full picture of risk across our cloud environments, including internet-exposed, vulnerable (unpatched) and misconfigured cloud assets, as well as sensitive data stored in those cloud assets.

We're currently going through the process of user onboarding to enable time savings for security team and streamline the time to take action to remediate the findings.

The solution provides visibility into our business integrations in the cloud environment. We have a multi-cloud environment, and the tool provides a visual representation of misconfigurations, including the risks associated with combinations of multiple misconfigurations. Additionally, we use the solution to track resources provisioned in the cloud for compliance with our organization's baseline controls. Wiz is deployed as a SaaS.

Wiz helped us reduce blind spots in our risk detection capabilities; the older tools we previously used did not offer the same level of visibility and capability. The solution can validate exposures, which we can then communicate to the application team, allowing the developers to configure their applications to be more secure.  

We use Wiz for cloud security posture management and related services, such as visibility, inventory, risk management, patch management, and framework maturity.

We saw benefits from day one. Wiz gives us greater visibility into S3 buckets and sensitive data that may be exposed or compromised. For example, it might show us buckets that are public but should not be or immediate areas where patching should be applied.

Wiz enabled us to consolidate tools into a single pane of glass. That sped up our meantime to respond. The single pane of glass helps our security teams identify zero-day threats and vulnerabilities to tackle first. Wiz has been a game-changer for us.

It's one of our core security tools for preventing breaches in our organization. Since we're a 100 percent cloud environment, Wiz is critical to our security toolset. 

Wiz helped to reduce blind spots in our risk detection capabilities. Their dashboard has pre-populated queries for zero-day threats that take the guesswork out of building a query. Everything's simple, understandable, and pre-populated for you to customize. It offers visibility into the vulnerability and what you must do to resolve it. 

I could take care of threats immediately and confirm to the executives that zero-day threats are prevalent in the industry for other organizations. It handles the security operations, governance, and risk compliance aspects of the cloud in a single solution.

Wiz also helped us avoid building a large team. We can use the team we have and scale the tool as needed because it provides visibility to multiple teams. Fewer people are needed to operate Wiz.