My company has not integrated the product with any other tools. We have just started exploring the product, which we mainly use for Azure-based tools and for detecting vulnerabilities. Actually, one of my other teams in my company has good experience with the tool. I am in the first stage of exploring Wiz. The tool is very powerful in nature. It is easy to use the tool. I recommend the tool to others since it is a user-friendly product. I have started using the product for any AI-based projects. I am trying to switch over from exchange to security platforms. I will recommend the tool to other people. It is good to use. I can recommend the tool to anyone. I have not yet started using the AI features in the tool. I rate the tool an eight out of ten.
The tool can be used for all customers who don't have a security structure or security team inside because the platform is very easy to use. It is a very useful tool for developer teams that can use the platform without having security knowledge, and the platform helps the developer of code applications. The tool adapts to a use case in which there is a SOC team because of the rich data that the SOC can correlate and manage. I recommend the tool to companies that use cloud products. Wiz can be integrated with other customer platforms because it enriches information and makes inaction very valuable in terms of security. I rate the tool as an eight out of ten.
Wiz's scanning and detection capabilities can identify vulnerabilities potentially affecting the cloud or exposure. It's not solely focused on database issues. It performs various tasks effectively. The categorization is excellent, the dashboards are informative, and the reporting features are robust. Additionally, you can create highly customizable reports. Everything works using a CI/CD pipeline, which is very good because every DevOps engineer can manage it by simply creating some code around the message request. Wiz works fine and is fully compliant with CI/CD. The workflow and the tasks align with industry standards. We can configure any compliance framework for checking with Wiz. For example, you can select frameworks such as GDPR, AWS Fundamentals, and CI/CD. You can configure the tool based on the recommendations provided by these frameworks. If your company has specific requirements, like allowing an 8-character password while the state requires 12 characters, you can customize the settings accordingly. Wiz will then assess compliance based on these customized parameters, and if everything meets the set criteria, it will confirm that you are compliant. You have everything in one dashboard. The dashboard and reports are quite literally perfect. Since everything is in one dashboard, you can customize the reports to show only the columns you want to see. For example, you can exclude low-risk items so you don't get notifications about low-risk issues that do not impact your compliance status. Wiz has some AI features for consolidation, but it's not customizable. What VMware offers is similar, but there's not much to choose between. You either have a batch compliance agreement, or you don't. Wiz's framework complies with requirements, or it doesn't. It's a vulnerability management tool similar to Kangaroo but with better AI documentation features. You can ask questions about how to do something, and the AI will provide the relevant information. This feature is built into the system. Overall, I rate the solution a ten out of ten.
AWS Cloud Security Engineer at a tech services company with 51-200 employees
Real User
Top 20
2024-04-15T14:10:00Z
Apr 15, 2024
We use Wiz to enhance our cloud security, and as a result, the number of vulnerabilities has gone down. We have integrated Jira authentication with Wiz to create tickets. We have set up rules in Wiz that generate tickets for misconfigurations. These tickets are sent to the respective departments that own the accounts with the identified vulnerabilities and misconfigurations. Our security team pushes these tickets to the relevant teams, enhancing security. Integration and deployment are relatively easy. However, we have encountered some incidents with Wiz in the past. As Wiz mentioned, some policies included in the connectors were flagging our production EBS in AWS. Maintenance is very easy. I recommend Wiz for its simplicity, comprehensive findings, and impressive security graph. It provides excellent visibility, threat detection, and data classification rules. Additionally, Wiz offers more control compared to Prisma and other third-party tools. Overall, I rate the solution at eight-point five out of ten.
SOC Manager at a real estate/law firm with 1,001-5,000 employees
Real User
Top 10
2024-02-21T08:44:36Z
Feb 21, 2024
You can choose to use Wiz if you're not looking for a container deduction and response or Kubernetes security. The solution is deployed on AWS Azure and a private cloud in our organization. The solution's compliance reporting capabilities increased the score of our security scorecard. Overall, I rate the solution an eight out of ten.
I rate Wiz nine out of 10. Before implementing Wiz, you should have all the information about your cloud environment in hand. It's straightforward once you get started. The challenge is getting connected to the environment. It will be difficult if you don't have the keys to the environment. Make sure you have a list of all your tenants for AWS, Azure, GCP, etc., so you don't miss anything. You're always going to have a lot of alerts in this business, but Wiz has the flexibility to tailor your controls to your company's specific needs. That will reduce the amount of alerts.
Sr. Manager AVP - Vuln Management and Threat Intelligence at a computer software company with 201-500 employees
Real User
Top 20
2023-03-17T00:04:00Z
Mar 17, 2023
I give Wiz a nine out of ten. If Wiz can figure out the remediation workflow, I would put the solution close to a ten out of ten. Although we are not able to consolidate tools with Wiz yet, the solution is getting there. It is on Wiz's roadmap. We will deprecate our SaaS and SCA offerings once Wiz rolls that ability out by the end of the year. Very rarely do people truly conduct a thorough proof of concept. Analysts from Gartner or Forrester may not fully understand individual environments, as each one is unique. To get a better understanding, we need to compare side-by-side, setting up Prisma, Aqua, and Wiz. It will become clear how Wiz is a leader in the space, both from a technical standpoint and from a high-level view. Additionally, other solutions often lack up-to-date documentation, whereas Wiz takes documentation seriously and has excellent documents and revisions. Furthermore, Wiz's portal is user-friendly and prioritizes risk, making it stand out from its competitors. With any solution, we want to conduct a health check. We schedule health checks with Wiz every six months to ensure the solution is well maintained.
Senior Information Security Engineer at a financial services firm with 1,001-5,000 employees
Real User
Top 20
2023-03-15T20:04:00Z
Mar 15, 2023
I rate Wiz a nine out of ten. I recommend evaluating it with a full POC, but be prepared to set up connectors and go through the entire process. You'll know if you like the tool within a month. Try it if you have the budget. If you're concerned about getting too many alerts from multiple solutions, I would say it depends on what you can consolidate. Not everything can be consolidated into Wiz. At the same time, Wiz mainly reports actual issues, and there isn't a lot of noise or false positives. Wiz will detect specific resources that might be exposing ports to the internet and trigger an issue on that. But that's by design. In some cases, you might have network resources that a firewall needs to have exposed to the internet in that way. Wiz has accounted for everything, so you can configure it to ignore particular issues for a given resource. They've implemented a few ways to work around issues you don't want to address so you can clear from the interface and get people to focus on what's important.
Chief Information Security Officer (CISO) at a outsourcing company with 501-1,000 employees
Real User
Top 20
2023-02-23T23:36:00Z
Feb 23, 2023
I rate Wiz a ten out of ten. Take a look at competitors and make your opinion. At the same time, most people choose Wiz because of its ease of use, support, and return on investment. Those are the main reasons we selected and stayed with them.
Director Information Security at a computer software company with 501-1,000 employees
Real User
Top 10
2022-12-22T21:05:00Z
Dec 22, 2022
The biggest thing is understanding the hows of where your integration points are going to be. To someone who is looking at buying Wiz but is concerned that they already have a bunch of products that give them a lot of alerts, I would say that from an alert perspective, we haven't had a whole lot of issues related to alert fatigue from the system. We were very calculated in the implementation in terms of the things that we're seeing just for that reason. One of the things is that there could be areas where there might be overlaps in alerting. So, you can look at potentially consolidating those systems down into this single platform. Depending upon how you're doing some of the logging, alerts, and change detections in the environments, you can consolidate things like your vulnerability scanning. I would rate it an eight out of ten.
CyberSecurity Sr Manager at a retailer with 10,001+ employees
Real User
Top 20
2022-12-01T21:56:00Z
Dec 1, 2022
Initially, there was unplanned work when our cloud owners saw the risks in their environments. But because we were prioritizing what needed to be fixed first, they were able to utilize existing staff resources to address those vulnerabilities. We were not just trying to patch or fix something that might be low risk. Rather, we were always trying to identify where our critical issues were and address those first. If you're looking at Wiz but are concerned that your existing products already give you a lot of alerts, I would ask about your journey to the cloud and what you're focusing on. Are you mainly focusing on what I call CVEs and patching? Or are you looking into other areas like compliance and identity and access management pieces? If you are, then Wiz is definitely the right choice. It has to be driven based on that journey to the cloud. Visibility, once deployed, is one thing, and visibility prior to deployment is another thing. You should have a good understanding of what your requirements are and where you see the value of addressing any type of risk that is introduced into your environment. Understand what is important to you. Are you more focused on the CSPM features that are available through Wiz? Are you more focused on cloud infrastructure entitlements that are available through Wiz? Are you looking to remove existing agents that could create overlap, and how does that fit into your roadmap? Understanding your requirements for the type of information that you want to see out of the tool is going to be critical to understanding your use cases, and how your community is engaged with those use cases, regardless of how easy the tool is to integrate. Those are factors that are going to be vital to your success.
Wiz is a highly efficient solution for data security posture management (DSPM), with a 100% API-based approach that provides quick connectivity and comprehensive scans of platform configurations and workloads. The solution allows companies to automatically correlate sensitive data with relevant cloud context, such as public exposure, user identities, entitlements, and vulnerabilities.This integration enables them to understand data accessibility, configuration, usage, and movement within...
My company has not integrated the product with any other tools. We have just started exploring the product, which we mainly use for Azure-based tools and for detecting vulnerabilities. Actually, one of my other teams in my company has good experience with the tool. I am in the first stage of exploring Wiz. The tool is very powerful in nature. It is easy to use the tool. I recommend the tool to others since it is a user-friendly product. I have started using the product for any AI-based projects. I am trying to switch over from exchange to security platforms. I will recommend the tool to other people. It is good to use. I can recommend the tool to anyone. I have not yet started using the AI features in the tool. I rate the tool an eight out of ten.
The tool can be used for all customers who don't have a security structure or security team inside because the platform is very easy to use. It is a very useful tool for developer teams that can use the platform without having security knowledge, and the platform helps the developer of code applications. The tool adapts to a use case in which there is a SOC team because of the rich data that the SOC can correlate and manage. I recommend the tool to companies that use cloud products. Wiz can be integrated with other customer platforms because it enriches information and makes inaction very valuable in terms of security. I rate the tool as an eight out of ten.
I'd recommend Wiz, especially if reporting improvements are made. I rate Wiz an episode ght out of ten primarily due to reporting challenges.
Wiz's scanning and detection capabilities can identify vulnerabilities potentially affecting the cloud or exposure. It's not solely focused on database issues. It performs various tasks effectively. The categorization is excellent, the dashboards are informative, and the reporting features are robust. Additionally, you can create highly customizable reports. Everything works using a CI/CD pipeline, which is very good because every DevOps engineer can manage it by simply creating some code around the message request. Wiz works fine and is fully compliant with CI/CD. The workflow and the tasks align with industry standards. We can configure any compliance framework for checking with Wiz. For example, you can select frameworks such as GDPR, AWS Fundamentals, and CI/CD. You can configure the tool based on the recommendations provided by these frameworks. If your company has specific requirements, like allowing an 8-character password while the state requires 12 characters, you can customize the settings accordingly. Wiz will then assess compliance based on these customized parameters, and if everything meets the set criteria, it will confirm that you are compliant. You have everything in one dashboard. The dashboard and reports are quite literally perfect. Since everything is in one dashboard, you can customize the reports to show only the columns you want to see. For example, you can exclude low-risk items so you don't get notifications about low-risk issues that do not impact your compliance status. Wiz has some AI features for consolidation, but it's not customizable. What VMware offers is similar, but there's not much to choose between. You either have a batch compliance agreement, or you don't. Wiz's framework complies with requirements, or it doesn't. It's a vulnerability management tool similar to Kangaroo but with better AI documentation features. You can ask questions about how to do something, and the AI will provide the relevant information. This feature is built into the system. Overall, I rate the solution a ten out of ten.
We use Wiz to enhance our cloud security, and as a result, the number of vulnerabilities has gone down. We have integrated Jira authentication with Wiz to create tickets. We have set up rules in Wiz that generate tickets for misconfigurations. These tickets are sent to the respective departments that own the accounts with the identified vulnerabilities and misconfigurations. Our security team pushes these tickets to the relevant teams, enhancing security. Integration and deployment are relatively easy. However, we have encountered some incidents with Wiz in the past. As Wiz mentioned, some policies included in the connectors were flagging our production EBS in AWS. Maintenance is very easy. I recommend Wiz for its simplicity, comprehensive findings, and impressive security graph. It provides excellent visibility, threat detection, and data classification rules. Additionally, Wiz offers more control compared to Prisma and other third-party tools. Overall, I rate the solution at eight-point five out of ten.
You can choose to use Wiz if you're not looking for a container deduction and response or Kubernetes security. The solution is deployed on AWS Azure and a private cloud in our organization. The solution's compliance reporting capabilities increased the score of our security scorecard. Overall, I rate the solution an eight out of ten.
I rate Wiz nine out of 10. Before implementing Wiz, you should have all the information about your cloud environment in hand. It's straightforward once you get started. The challenge is getting connected to the environment. It will be difficult if you don't have the keys to the environment. Make sure you have a list of all your tenants for AWS, Azure, GCP, etc., so you don't miss anything. You're always going to have a lot of alerts in this business, but Wiz has the flexibility to tailor your controls to your company's specific needs. That will reduce the amount of alerts.
I give Wiz a nine out of ten. If Wiz can figure out the remediation workflow, I would put the solution close to a ten out of ten. Although we are not able to consolidate tools with Wiz yet, the solution is getting there. It is on Wiz's roadmap. We will deprecate our SaaS and SCA offerings once Wiz rolls that ability out by the end of the year. Very rarely do people truly conduct a thorough proof of concept. Analysts from Gartner or Forrester may not fully understand individual environments, as each one is unique. To get a better understanding, we need to compare side-by-side, setting up Prisma, Aqua, and Wiz. It will become clear how Wiz is a leader in the space, both from a technical standpoint and from a high-level view. Additionally, other solutions often lack up-to-date documentation, whereas Wiz takes documentation seriously and has excellent documents and revisions. Furthermore, Wiz's portal is user-friendly and prioritizes risk, making it stand out from its competitors. With any solution, we want to conduct a health check. We schedule health checks with Wiz every six months to ensure the solution is well maintained.
I rate Wiz a nine out of ten. I recommend evaluating it with a full POC, but be prepared to set up connectors and go through the entire process. You'll know if you like the tool within a month. Try it if you have the budget. If you're concerned about getting too many alerts from multiple solutions, I would say it depends on what you can consolidate. Not everything can be consolidated into Wiz. At the same time, Wiz mainly reports actual issues, and there isn't a lot of noise or false positives. Wiz will detect specific resources that might be exposing ports to the internet and trigger an issue on that. But that's by design. In some cases, you might have network resources that a firewall needs to have exposed to the internet in that way. Wiz has accounted for everything, so you can configure it to ignore particular issues for a given resource. They've implemented a few ways to work around issues you don't want to address so you can clear from the interface and get people to focus on what's important.
I rate Wiz a ten out of ten. Take a look at competitors and make your opinion. At the same time, most people choose Wiz because of its ease of use, support, and return on investment. Those are the main reasons we selected and stayed with them.
The biggest thing is understanding the hows of where your integration points are going to be. To someone who is looking at buying Wiz but is concerned that they already have a bunch of products that give them a lot of alerts, I would say that from an alert perspective, we haven't had a whole lot of issues related to alert fatigue from the system. We were very calculated in the implementation in terms of the things that we're seeing just for that reason. One of the things is that there could be areas where there might be overlaps in alerting. So, you can look at potentially consolidating those systems down into this single platform. Depending upon how you're doing some of the logging, alerts, and change detections in the environments, you can consolidate things like your vulnerability scanning. I would rate it an eight out of ten.
Initially, there was unplanned work when our cloud owners saw the risks in their environments. But because we were prioritizing what needed to be fixed first, they were able to utilize existing staff resources to address those vulnerabilities. We were not just trying to patch or fix something that might be low risk. Rather, we were always trying to identify where our critical issues were and address those first. If you're looking at Wiz but are concerned that your existing products already give you a lot of alerts, I would ask about your journey to the cloud and what you're focusing on. Are you mainly focusing on what I call CVEs and patching? Or are you looking into other areas like compliance and identity and access management pieces? If you are, then Wiz is definitely the right choice. It has to be driven based on that journey to the cloud. Visibility, once deployed, is one thing, and visibility prior to deployment is another thing. You should have a good understanding of what your requirements are and where you see the value of addressing any type of risk that is introduced into your environment. Understand what is important to you. Are you more focused on the CSPM features that are available through Wiz? Are you more focused on cloud infrastructure entitlements that are available through Wiz? Are you looking to remove existing agents that could create overlap, and how does that fit into your roadmap? Understanding your requirements for the type of information that you want to see out of the tool is going to be critical to understanding your use cases, and how your community is engaged with those use cases, regardless of how easy the tool is to integrate. Those are factors that are going to be vital to your success.