Try our new research platform with insights from 80,000+ expert users

Microsoft Defender Vulnerability Management vs Wiz comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Zafran Security
Sponsored
Ranking in Vulnerability Management
17th
Average Rating
9.6
Reviews Sentiment
7.8
Number of Reviews
6
Ranking in other categories
Continuous Threat Exposure Management (CTEM) (1st)
Microsoft Defender Vulnerab...
Ranking in Vulnerability Management
12th
Average Rating
8.0
Reviews Sentiment
6.9
Number of Reviews
15
Ranking in other categories
Advanced Threat Protection (ATP) (16th), Microsoft Security Suite (20th), Risk-Based Vulnerability Management (5th)
Wiz
Ranking in Vulnerability Management
2nd
Average Rating
9.0
Reviews Sentiment
7.0
Number of Reviews
26
Ranking in other categories
Container Security (2nd), Cloud Workload Protection Platforms (CWPP) (2nd), Cloud Security Posture Management (CSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (1st), Data Security Posture Management (DSPM) (1st), Compliance Management (1st), Cloud Detection and Response (CDR) (1st)
 

Mindshare comparison

As of October 2025, in the Vulnerability Management category, the mindshare of Zafran Security is 1.0%, up from 0.1% compared to the previous year. The mindshare of Microsoft Defender Vulnerability Management is 2.7%, down from 2.8% compared to the previous year. The mindshare of Wiz is 10.5%, down from 11.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Market Share Distribution
ProductMarket Share (%)
Wiz10.5%
Microsoft Defender Vulnerability Management2.7%
Zafran Security1.0%
Other85.8%
Vulnerability Management
 

Featured Reviews

Israel Cavazos Landini - PeerSpot reviewer
Weekly insights and risk analysis facilitate informed security decisions
I appreciate the weekly insights Zafran provides, which include critical topics for networks and IT security, allowing us to evaluate which insights apply to our environment. The organization score feature is valuable to keep the leadership team updated on how our infrastructure fares security-wise. The applicable risk level versus base risk level feature is beneficial because prior to Zafran, we only used the base risk level, but now understand that risk depends on the asset itself. Zafran is an excellent tool.
NaySan @ Suraj Verma - PeerSpot reviewer
Provides actionable vulnerability insights and recommendations with notable efficiency
They may need to improve the portal refresh rate for Microsoft Defender Vulnerability Management because it takes time for recommendations to disappear after mitigation; sometimes, it takes one week, when it should ideally take only one to two hours. Overall, everything is good with Microsoft Defender Vulnerability Management, but the portal refresh rate can take up to seven days in some cases and three or four days in others to reflect changes.
MatthewSnyder - PeerSpot reviewer
Accelerates decision making and reduces alert fatigue with smart event consolidation
I believe they are on the right path. However, Wiz has a unique way of identifying issues. As part of its growth and maturity, I'm noticing that it is taking an approach where it not only detects problems but also provides solutions to fix them. This expansion into a more comprehensive ecosystem allows it to become a 360-degree product. Instead of just continuously pointing out findings and detections, it starts to integrate with existing solutions, reducing the cycle of repeated issues. We can learn from these mistakes, and ideally, they will only occur once, allowing us to address them effectively. I appreciate the continued growth in this partnership, as it aims to reduce the number of findings over time by tackling the root of the problem. One significant area for improvement would be increasing automation. While they excel at identifying issues, we need assistance in minimizing the human hours required for tasks. Ideally, the process would become more automated, allowing us to quickly respond with steps such as: we found an issue, reached out, and fixed it immediately. In cybersecurity, if it takes several hours to address a concern and a human attacker is present, that delay can lead to severe consequences. We need more immediate measures in our response strategies.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We saw benefits from Zafran Security almost immediately after deploying it."
"We are able to see the real risk of a vulnerability on our environment with our security tools."
"Zafran has become an indispensable tool in our cybersecurity arsenal."
"Overall, we have seen about eighty-seven percent reduction of the number of vulnerabilities that require urgency to remediate, specifically the number of criticals."
"Zafran is an excellent tool."
"The most valuable aspect is the kind of assessment results I get, and the recommendations provided in Microsoft products really help in taking care of the resources."
"The product’s most valuable features are compliance, recommendations, and inventories."
"Microsoft Defender Vulnerability Management provides regular advisories and recommendations that help improve our security posture."
"Microsoft Defender Vulnerability Management is a good product, and I believe it deserves a positive recommendation."
"Microsoft Defender Vulnerability Management is versatile and assesses vulnerabilities, providing detailed information on CVEs, their categories, and exploit statuses."
"The integration with SIEM is the best, specifically the native integration with Microsoft SIEM."
"The recommendations, scores, and steps to remediate actions are highly useful."
"A valuable feature is the ease of management and integration with Microsoft products."
"Wiz offers greater visibility and more in-depth findings in terms of configuration, misconfiguration, and vulnerabilities."
"Wiz has significantly reduced alert fatigue in our organization by grouping together elements that form toxic combinations, allowing us to quickly identify and remediate critical issues instead of chasing isolated alerts from multiple tools."
"The tool's most valuable feature is its attack path analysis."
"Wiz has helped my organization by allowing us to analyze the critical issues and providing the best way to mitigate these issues with step-by-step guidance."
"Wiz saves time by validating a network misconfiguration by not only looking at the cloud asset configuration but also by testing if a port that is stated to be open is actually open."
"A valuable feature is that Wiz helps in identifying vulnerabilities."
"The most valuable feature of Wiz is that it keeps information up to date without needing to perform scans or schedule maintenance windows. It provides a fresh snapshot of our vulnerability metrics."
"Our most important features are those around entitlement, external exposure, vulnerabilities, and container security."
 

Cons

"I think the ability to have some enhanced reporting capabilities is something they can improve on, as they have good reports but we have asked for some specific reporting enhancements."
"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."
"The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvements."
"The product is not stable; it is very resource-intensive, consuming a lot of memory and CPU, which makes it slow."
"The constant changes in the product configuration or the console setup can sometimes be challenging."
"It is expensive."
"The technical support takes too much time to resolve tickets."
"There should be risk scoring added to Microsoft Defender Vulnerability Management; specifically, they call it quantification of the risk."
"The worst aspect is the refresh rate of the dashboard. A vulnerability I patch within 15 minutes takes 24 additional hours for an update."
"We have experienced some logging issues, including a few hours of downtime initially. Despite this, I would rate the overall stability as an eight."
"Integration can be improved."
"As the tool is a good fit for small and medium-sized businesses, the solution should focus on making the product suitable for large-scale businesses."
"One significant issue is that the searches are case-sensitive, so finding a misconfigured resource can become very challenging."
"The APIs are currently quite limited and not very mature, which makes integration with Splunk difficult."
"We wish there were a way, beyond providing visibility and automated remediation, to wait on a given remediation, due to a critical aspect, such as the cost associated with a particular upgrade... We would like to see preventive controls that can be applied through Wiz to protect against vulnerabilities that we're not going to be able to remediate immediately."
"The only small pain point has been around some of the logging integrations. Some of the complexities of the script integrations aren't supported with some of the more automated infrastructure components. So, it's not as universal. For example, they have great support for cloud formation and other services, but if you're using another type of management utility or governance language for your infrastructure-as-code automation components, it becomes a little bit trickier to navigate that."
"The reporting isn't that great. They have executive summaries, but it's only a compliance report that maps all current issues to specific controls. Whether you look at one subscription or project, regardless of the size, you will get a multipage report on how the issues in that account map to that control. Our CSO isn't going to read through that. He won't filter that out or show that to his leadership and say, "Here's what we're doing." It isn't a helpful report. They're working on it, but it's a poor executive summary."
"We are still analyzing its behavior as we are in the midst of the implementation."
"We would like to see improvements to executive-level reporting and data reporting in general, which we understand is being rolled out to the platform."
 

Pricing and Cost Advice

Information not available
"The product’s pricing is medium."
"The tool is a bit costly."
"I rate the product's price a three on a scale of one to ten, where one is a low price, and ten is a high price."
"The licensing model follows a per-user per-month structure."
"The licensing costs are reasonable."
"The pricing is fair and comparable to their competitors. The cost seems to be going up, which is a concern. There are potential savings from consolidating tools, but we're uncertain how Wiz's pricing will change over time."
"Regarding pricing, it’s more than $100k because we have a very big infrastructure. Our environment supports around three thousand people, and we offer business-to-client financial services to around one million clients, so we rely heavily on Wiz."
"The pricing seems pretty simple. We don't have to do a lot of calculations to figure out what the components are. They do it by enabling specific features, either basics or advanced, which makes it easy to select."
"If one is cheap and ten is expensive, I rate the tool's price as a five out of ten."
"I wish the pricing was more transparent."
"Wiz is a moderately priced solution, where it is neither cheap nor costly."
"The cost of the other solutions is comparable to Wiz."
"The pricing is fair. Some of the more advanced features and functionalities and how the tiers are split can be somewhat confusing."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
871,408 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
11%
Computer Software Company
9%
Manufacturing Company
8%
Government
6%
Financial Services Firm
12%
Computer Software Company
11%
Government
8%
Manufacturing Company
7%
Financial Services Firm
16%
Computer Software Company
14%
Manufacturing Company
10%
Healthcare Company
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise2
Large Enterprise5
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise6
Large Enterprise11
 

Questions from the Community

What is your experience regarding pricing and costs for Zafran Security?
Since we stood Zafran Security up in our private cloud, we handle the maintenance on our side. As we opted not to use...
What needs improvement with Zafran Security?
In terms of areas for improvement, Zafran Security is doing a really great job as a new and emerging company. Oftenti...
What is your primary use case for Zafran Security?
My use cases for Zafran Security revolve around two primary areas. One is around vulnerability management and priorit...
What is your experience regarding pricing and costs for Microsoft Defender Vulnerability Management?
I would rate the price as a three for us due to the partnership discounts. For non-partners, however, the cost could ...
What needs improvement with Microsoft Defender Vulnerability Management?
I have not thought about improvements for Microsoft Defender Vulnerability Management as of now, but this is typicall...
What do you like most about Wiz?
With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment.
What is your experience regarding pricing and costs for Wiz?
I don't know how much we pay, but I do know that Wiz charges a lot. However, they're offering a good product, so it m...
What needs improvement with Wiz?
It would be better if, when you get an alert type, you are able to view the regex or alert logic without having to di...
 

Overview

 

Sample Customers

Information Not Available
Information Not Available
Wiz is the fastest growing software company ever - $100M ARR in 18 months: Wiz becomes the fastest-growing software company ever | Wiz Blog  Discover why companies, including Salesforce, Morgan Stanley, Fox, and Bridgewater choose Wiz as their cloud security partner. Read their success stories here: Customers | Wiz
Find out what your peers are saying about Microsoft Defender Vulnerability Management vs. Wiz and other solutions. Updated: September 2025.
871,408 professionals have used our research since 2012.