Wiz vs XM Cyber comparison

Wiz and XM Cyber are both solutions in the Vulnerability Management category. Wiz is ranked #3 with an average rating of 9.0, while XM Cyber is ranked #29 with an average rating of 8.0. Additionally, 100% of Wiz users are willing to recommend the solution, compared to 100% of XM Cyber users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 9, 2024

XM Cyber and Wiz compete in the cybersecurity tools category. Wiz appears to have the upper hand due to its superior features related to cloud security and real-time risk assessment.

Features: XM Cyber integrates advanced threat detection and lateral movement simulation, along with proactive threat prevention. Wiz incorporates robust cloud security features with real-time risk assessment and offers comprehensive visibility across environments.

Room for Improvement: XM Cyber could improve its cloud-native capabilities, enhance user interface intuitiveness, and provide more analytics-driven insights. Wiz may benefit from expanding its hybrid environment support, streamlining feature access, and offering more competitive pricing tiers.

Ease of Deployment and Customer Service: XM Cyber enables an efficient deployment process with responsive support suitable for hybrid setups. Wiz facilitates streamlined deployment for cloud-native applications, backed by knowledgeable customer service to aid in cloud transformations.

Pricing and ROI: XM Cyber offers a competitive pricing model with tangible ROI through effective risk mitigation. Wiz, requiring a higher initial investment, justifies costs with its comprehensive security suite providing increased ROI for cloud-centric security investments. Pricing specifics are not detailed for either tool.

To learn more, read our detailed Wiz vs. XM Cyber Report (Updated: January 2025).

Buyer's Guide

Wiz vs. XM Cyber

January 2025

Download the complete report

Helped 832,138 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Zafran Security

Featured Reviews

Use Zafran Security?

Share your opinion

Pietro Villivà

Business Line Manager at S2E

Useful for security assessment and maintaining correct security posture

The tool keeps improving on a weekly basis. Wiz enters into a lot of partnerships with other technologies. I don't have any idea about the improvements needed in the tool at the moment. For me, Wiz is a very complete product, but it is not the perfect one. Other technologies are better for our customers' specific use cases. A possible way to grow the tool is by introducing new functionality or features. In the future, the tool can introduce an on-prem infrastructure or platform. Not having an on-prem version can be an obstacle for customers who have a large workload in an on-prem environment. The onboarding can be done in five minutes or five to ten minutes. Then, there is the configuration, and it depends on the type of the use case of the customer. There is a customer that has simple use cases for whom the onboarding can be done in four to eight hours a day. If there are some customers with a lot of use cases and a lot of different cloud providers, more time is needed. In general, we don't need more than five days to deploy the tool, even in the case of a very complex architecture and hybrid cloud environment. To deploy the tool, we need to have access to the account of the customer, and Wiz is a stuff that we need to make with the customer. We do the onboarding together. The customer creates the correct authorization in the cloud platform and gives us the key to connect to the platform, and then the platform connector starts and begins to collect information.

Read full review

HolgerHeimann

Ffounder at It.sec

Reliable with no false-positives and helpful support

There's a lot of improvement possible, however, most of it is in the details. I personally like the concept, as it's pretty straightforward and the product is not trying to overload functionality. It's a clean and straightforward approach. You know what you get. Most of the improvements are detail improvements. They're pretty open to future requests as well, so we send them a lot of suggestions. For example, at the moment, they have something called Battleground. That's a visualization of the network, and it's a visualization of the attack paths that are possible. The program uses so-called scenarios, and we say, "Okay, I'm watching traffic for maybe 24 hours," and then you get a result for that scenario, what happens in that time with what the attack paths are, et cetera. The result of the same scenario yesterday or tomorrow may be different as something might change. In that, one of the things I'm currently missing, which is on the list to be added, is some kind of diff visualization. For example, showing a two-screen split of activity. On the left side of the screen, that's how it was yesterday; on the right side, that's how it is today; and here are the differences. We'd like to see a cheaper price.

Read full review

See which vendors are best for you

Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.

See recommendations

832,138 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Retailer

13%

Computer Software Company

11%

Financial Services Firm

Comms Service Provider

Computer Software Company

15%

Financial Services Firm

15%

Manufacturing Company

Government

Computer Software Company

15%

Financial Services Firm

14%

Manufacturing Company

10%

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

Ask a question

Earn 20 points

What do you like most about Wiz?

With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment.

See all answers

What is your experience regarding pricing and costs for Wiz?

This feedback is not based on much experience yet, as we have only conducted POV or POC.

See all answers

What needs improvement with Wiz?

I have not measured certain abilities on a scale yet. The ultimate value depends on the requirements of your organiza...

See all answers

What do you like most about XM Cyber?

The platform's most valuable feature is attack simulation.

See all answers

What is your experience regarding pricing and costs for XM Cyber?

We have to pay standard licensing fees. There are no additional costs. It is an expensive product. I rate the pricing...

See all answers

What needs improvement with XM Cyber?

XM Cyber could identify all areas of vulnerability. They could expand the identification span for different areas.

See all answers

Comparisons

Dazz.io vs Zafran Security

Compared 55% of the time

ServiceNow Security Operations vs Zafran Security

Compared 23% of the time

Vulcan Cyber vs Zafran Security

Compared 23% of the time

More Zafran Security Competitors

Prisma Cloud by Palo Alto Networks vs Wiz

Compared 15% of the time

Orca Security vs Wiz

Compared 8% of the time

Microsoft Defender for Cloud vs Wiz

Compared 8% of the time

Snyk vs Wiz

Compared 5% of the time

CrowdStrike Falcon Cloud Security vs Wiz

Compared 5% of the time

More Wiz Competitors

Pentera vs XM Cyber

Compared 26% of the time

Cymulate vs XM Cyber

Compared 15% of the time

SafeBreach vs XM Cyber

Compared 10% of the time

Tenable Security Center vs XM Cyber

Compared 6% of the time

Qualys VMDR vs XM Cyber

Compared 6% of the time

More XM Cyber Competitors

Product Reports

Buyer's Guide

Vulnerability Management

February 2025

Download Zafran Security product report

Buyer's Guide

Wiz

January 2025

Download Wiz product report

Buyer's Guide

Cymulate vs. XM Cyber

January 2025

Download XM Cyber product report

Overview

Zafran Security's Threat Exposure Management Platform innovatively manages threats by leveraging existing security tools, proving 90% of critical vulnerabilities are non-exploitable while rapidly addressing those that pose real risks.

Zafran Security offers a unique operating model for threat management by normalizing vulnerability signals across hybrid cloud enterprises. By integrating these signals with specific IT context details, such as asset risk and defensive configurations, Zafran Security precisely prioritizes and mitigates exploitable exposures without dependency on patch cycles. This approach empowers security teams to manage risks effectively, offering immediate risk reduction and allowing other teams time to address root causes.

What are the valuable features?

Threat Prioritization: Identifies most exploitable vulnerabilities based on IT context.
Risk Reduction: Decreases immediate threats without relying on patch windows.
Tool Integration: Works with existing security tools for seamless operation.

What ROI should users look for?

Improved Efficiency: Fast risk management allows focus on crucial vulnerabilities.
Cost Savings: Reduces impact of potential security breaches.
Resource Optimization: Frees up cross-functional teams for strategic tasks.

Zafran Security is particularly valuable in industries utilizing hybrid cloud environments, where managing vulnerabilities efficiently is crucial. By integrating with existing tools, it streamlines the security workflow and bolsters threat management capabilities.

Zafran Security

Wiz is a highly efficient solution for data security posture management (DSPM), with a 100% API-based approach that provides quick connectivity and comprehensive scans of platform configurations and workloads. The solution allows companies to automatically correlate sensitive data with relevant cloud context, such as public exposure, user identities, entitlements, and vulnerabilities.This integration enables them to understand data accessibility, configuration, usage, and movement within their internal environments.

Wiz's Security Graph delivers automated alerts whenever risks emerge, allowing teams to prioritize and address the most critical issues before they escalate into breaches. Furthermore, Wiz ensures rapid and agentless visibility into critical data across various repositories, enabling organizations to easily determine the location of their data assets.

Wiz Features

Wiz provides various features in the following categories:

Agentless Scanning: The solution can scan every layer of a cloud environment without requiring agents, managing the entire process and providing comprehensive visibility.
Workflow Integration: Users can create customized workflows within Wiz to identify and assign actions based on urgency, integrating them with ticketing systems for quick and efficient remediation.
Vulnerability Management: Wiz's vulnerability management modules provide detailed analytics and visibility across cloud systems, streamlining the manual process of vulnerability discovery. The automated attack path analysis helps identify risks and trace potential points of exposure, allowing users to understand and mitigate them effectively and proactively.
CSPM (Cloud Security Posture Management): Wiz's CSPM module offers instant visibility into high-level risks to an enterprise’s cloud environment, covering all accounts without the need for agents.
Out-of-the-Box Reporting and Custom Queries: The service supports comprehensive reporting with asset context, allowing users to perform complex custom queries on the solution’s user-friendly interface.
Automation Roles and Dashboards: The solution facilitates automation by providing essential roles and dedicated dashboards that enable teams to understand security information quickly, even those with limited expertise.
Contextual Risk Evaluation: The service contextualizes the various components contributing to an issue, providing a risk evaluation framework that helps prioritize remediation efforts.
Security Graph and Visibility: Wiz's security graph offers visibility across the entire organization, even with multiple accounts, enabling users to understand their environment and assets effectively.

The Benefits of Wiz

Wiz offers the following benefits:

Comprehensive agentless scanning
Effective identification and mitigation of vulnerabilities
Streamlined vulnerability management
Robust reporting capabilities and customizable queries
Enhanced automation and role-based access control
Prioritized risk evaluation for efficient remediation
Security posture across multiple accounts

Reviews from Real Users

Kamran Siddique, VP Information Security at boxed.com, remarks his company has seen a ROI while using Wiz, as it simplifies the process by integrating multiple useful tools into one solution.

According to a Senior Security Architect at Deliveroo, Wiz has given their company a fresh approach to vulnerability management, as Wiz's native integrations are extremely useful and paramount to the operational success of their platform.

Get a demo | Wiz

Wiz

XM Cyber is a leading hybrid cloud security company that’s changing the way innovative organizations approach cyber risk. Our attack path management platform continuously uncovers hidden attack paths to your critical assets across cloud and on-prem environments, so you can cut them off at key junctures and eradicate risk with a fraction of the effort. This overcomes the big disconnect that security teams experience when they’re presented with endless alerts, yet can’t see which exposures impact risk the most, how they come together to be exploited by an attacker, or how to efficiently eliminate them. This approach is a complete game-changer, which is why some of the world’s largest, most complex organizations choose XM Cyber to help eradicate risk. Founded by top executives from the Israeli cyber intelligence community, XM Cyber has offices in North America, Europe, and Israel.

XM Cyber

Sample Customers

Information Not Available

Wiz is the fastest growing software company ever - $100M ARR in 18 months: Wiz becomes the fastest-growing software company ever | Wiz Blog Discover why companies, including Salesforce, Morgan Stanley, Fox, and Bridgewater choose Wiz as their cloud security partner. Read their success stories here: Customers | Wiz

Hamburg Port Authority, Plymouth Rock Corporation

Buyer's Guide

Wiz vs. XM Cyber

January 2025

Free Report: Wiz vs. XM Cyber

Find out what your peers are saying about Wiz vs. XM Cyber and other solutions. Updated: January 2025.

DOWNLOAD NOW

832,138 professionals have used our research since 2012.

See our Wiz vs. XM Cyber report.

See our list of best Vulnerability Management vendors and best Cloud Security Posture Management (CSPM) vendors.

We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.