
Overview
Wiz performs a deep assessment of your entire cloud and then correlates a vast number of security signals to trace the real infiltration vectors that attackers can use to break in. Wiz also gives you the tools to bring your DevOps and development teams into the process to fix these risks, creating a culture of security in your cloud operations that results in a stronger, more secure cloud. For more information visit: https://www.wiz.io
Wiz provides custom pricing for customers via Private Offer. Please contact marketplace@wiz.io for a better understanding of our pricing model and products.
Highlights
- Covers every resource across your full cloud stack and multi-cloud environment using a 100% API approach that deploys in minutes.
- Models overlapping cloud policies, configurations, and compensating controls, which interact in often unpredictable ways, to calculate their end result.
- Maps all of the issues in your cloud together in a single graph database, revealing which of them combined pose the greatest risk.
Details
Security credentials achieved (7)
Pricing
Free trial
| Dimension | Description | Cost/12 months |
|---|---|---|
| Wiz Essential | Protect 100 cloud workloads | $24,000.00 |
| Wiz Advanced | Protect 100 cloud workloads | $38,000.00 |
| Wiz Sensor | 100 Wiz Sensors. Add-on for Wiz Advanced | $28,000.00 |
| Wiz Code | 100 Wiz Code Licenses. Add-on for Wiz Cloud | $58,500.00 |
| Wiz Defend | Ingest 300 GBs of logs per month. Add-on for Wiz Advanced | $18,000.00 |
Vendor refund policy
Please contact us at info@wiz.io
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Support
Vendor support
Wiz provides custom pricing for customers via Private Offer. Please contact marketplace@wiz.io for a better understanding of our pricing model and products. Tel: +01-240.823.5670
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
Standard contract
Customer reviews
Comprehensive cloud security has unified AI posture, code protection and runtime defense
What is our primary use case?
I mostly work with a lot of AI use cases and some data governance use cases where we are focusing on the data because data can reside anywhere in the cloud. It is not limited to some storage. We do have a variety of services where data can reside and it is very crucial to identify those sensitive data and label them. When data is exfiltrated from one resource to another resource, we have to make sure that the DLP policies are fulfilled or enforced.
I have found that Wiz covers all the stages of the software development life cycle. It covers application or code security, DevOps security, and runtime security. It is a full-fledged CNAPP solution. All the areas within the development and the deployment side are covered.
How has it helped my organization?
The impact of consolidation on my ability to prioritize critical risks in the cloud environment is all about the correlation and how the technology works at the back end. It picks the data from different sources and correlates and identifies the high-priority risk. It provides visibility, meaning the risk score about the resource where we need to focus on.
Wiz does reduce alert fatigue for our customers, but alert fatigue is the main concern for every organization. If you don't have the proper workflow for each incident, it also depends upon the implementation and the workflow that you have decided. Sometimes it is a very big concern and a big headache for the customer because it finds a lot of findings that could be false positives. We have to fine-tune those alerts as per the infrastructure design. Sometimes some findings could be false positives, so we have to assess all these findings and we have to make sure that all policies are relevant for the environment.
The second point is basically the remediation steps. Sometimes it creates a burden or headache for the customer because the remediation of those kinds of findings is difficult. It may need a dedicated team who can get involved and fix them. Ownership and accountability is the main concern. We have to collaborate with different teams and make them understand the impact of that finding. The workflow also depends upon whether automation should be there. Automation is not for all findings, but for where we can do some kind of alerts where we can do the automation. For example, with IAM, those guys having the extra privilege, we can decide the workflow and we can remediate. But somewhere the service is running, we cannot immediately remediate those findings because it involves a lot of impact. First, we have to analyze each alert and what kind of impact it could be, then based on that, we have to plan whether it will be manual or through automation.
What is most valuable?
Wiz is currently allowing us to consolidate everything, the findings, the visibility of your environment, and everything is there.
Wiz Code is also covering your secrets and your vulnerabilities inside the IAC. It also provides us the SCA, Software Composition Analysis, and also provides an SBOM report that helps developers to look at the security standpoint while creating or writing any code. There are a lot of other things it is providing, but these are the major things.
Regarding Wiz Defend, the runtime protection, we do have the agent or sensor on the endpoint where it can defend in real time. There are two approaches. Detection is the one capability and protection is the second capability. At some stage, it only provides us the visibility, and at some stage, it also defends the attack.
I find AI security posture management very important in cloud security strategy. Nowadays, every organization is using different kinds of models or enhancing their applications. While they are using the models or they are calling through APIs, maybe sometimes they are using models inside their environment, sometimes they are just buying the APIs for any third-party model. While we are buying any APIs for their application or to integrate the LLM model into their application, it is crucial that we should have the visibility. Whoever kind of prompts the end user is triggering and what kind of data in or out is happening. Such kind of sensitive information may be traversing inside our network. The visibility of these things should be there so that preventive control can be implemented.
What needs improvement?
I believe Wiz could be improved or enhanced by acknowledging that nowadays a lot of technology is coming. Every solution is now doing the integration at the backend. They are trying to cover more areas in terms of cybersecurity. Definitely, every solution is growing as per the market demand. We can see a couple of more things coming soon, and every technology or technology owner is working behind the scenes. The purpose is basically the baseline foundation. If you talk about the CIA triad, that should be covered properly and everyone is doing the same thing.
I would like Wiz to push backend integration more, but not that much because license and procurement happen through a different team.
For how long have I used the solution?
I have been working with Wiz for the last three months, during which I deployed this Wiz solution for one of the clients.
What do I think about the stability of the solution?
The stability and reliability of Wiz are good. I don't feel any issues. It is good because whenever they are planning any activity, they generally inform us prior to implementation.
What do I think about the scalability of the solution?
Regarding the scalability of Wiz, it is good. I don't see or feel any kind of issue on the scalability or the performance. Every solution is running behind most probably on the Kubernetes services, they are using multiple containers and the pods behind those services. In terms of scalability, I don't feel any issues. It totally depends upon the license, how much license you procured. Based on that you can onboard or you can consume those licenses. Even if you go beyond that, you don't see any kind of challenges. It is pretty much good, not limited to Wiz but for all solutions I'm talking about. They are providing 99.99 kind of SLA. I don't see and feel such kind of issues in the past.
How are customer service and support?
I communicate with the technical support at some times when we feel that the technology is not working as expected. The outcome that we suppose is not getting as expected, so we generally raise a ticket with the provider. They assist as they regularly do.
What other advice do I have?
I have found that Wiz covers all the stages of the software development life cycle. It covers your application or code security, also covers DevOps security, and also finally covers the runtime security. It is a full-fledged CNAPP solution. All the areas within the development and the deployment side are covered.
My impression of Wiz Runtime Sensor is quite good. Runtime, as I already mentioned, in the runtime sensor, we are basically deploying the sensor on the endpoint. It could be your EC2 instance, the virtual machine, container, and the Lambda function as well. It detects and blocks in real time and blocks the attack in real time. It is really convenient. Sometimes zero-day vulnerability is not possible in agentless scanning. When I say agentless scanning, we don't have a sensor on the device. But while we are putting the sensor, we have these kinds of visibility and it protects or helps us with zero-day attacks as well. That is really helpful for the organization.
On the ability side of Wiz regarding its ability to achieve zero criticals in its issue queues, there is no doubt. But it also depends upon the use case as well. We have a limited use case for the recent deployment, it is all about the deployment. But as a part of product maturity, we can leverage or we can explore more things.
While deploying any controls, there are a lot of prerequisites and readiness for that. We have to collaborate with different teams. It could be the network team, generally the network team, the cloud team, and the infrastructure team, where we have to explain the use case of that particular control, why we are putting it, and what is the requirement. Once we have a good understanding about the infrastructure and about the technologies, we generally deploy the solution phase-wise. In phase one, we just target one or two test environments where we can provide some ROI against those accounts and resources. Down the line, we are covering in phases, more accounts and resources. That is the approach we are currently following, and generally every organization is doing the same thing.
Most of the customers prefer a hybrid environment, not limited to the on-prem or cloud. Everyone is using a hybrid environment nowadays. It could be Azure, AWS, and sometimes on-prem. But the capability that the solution is providing is very limited to the on-prem environment. They more focus on the cloud environment first and are limited to the endpoint protection if I talk about the runtime monitoring. The rest of the things cover the cloud environment only, the identity and the access part.
To get the full potential of Wiz, it is good and good for the cloud environment and the hybrid cloud environment. Some part of it is covering the on-prem as well.
I would rate this product a 9 out of 10 based on its comprehensive coverage and capabilities.
Security scanning has consolidated cloud vulnerabilities and provides clear remediation paths
What is our primary use case?
As a customer, I use Wiz myself, but because I work for the Commonwealth Bank, it could be a partner with Wiz. I don't have insight into this tool as it is a very large organization and was already in place before I joined, with other people having set it up, so I don't have that background.
So far, I am scanning for vulnerabilities in packages and dependencies. I use Wiz Code a bit.
What is most valuable?
What I like most about Wiz is that it is similar to other tools. Wiz has integrated with industry standards, such as security protocols and policies like Open OWASP and several others, based on my security standards for scanning packages, finding vulnerabilities, and providing fix versions based on its search and information retrieval.
I think it is at a good price and gives analysis while working well with other testing or pen testing tools that other security teams use to scan software to ensure it aligns with security requirements. Wiz helps because other tools, based on what they detect, usually reflect those fixes or remediations in other tools as well. Wiz gives a very good insight into how secure your software and code are.
Wiz is quite good at consolidating the scanning results.
What needs improvement?
Wiz is agentless, which is a plus, but the runtime and real-time detection could be limited, as it is not its strength. I could not give details on how limited it is. Its price could be high compared to others, and I feel it is expensive.
For how long have I used the solution?
I have been using Wiz for one and a half years.
What do I think about the stability of the solution?
I would give stability a nine because I did not see significant instability.
What do I think about the scalability of the solution?
I feel scalability is good, and I can give it a nine. We have many pipelines running Wiz scanning, and I have not seen Wiz pending or taking too long, which is a good thing.
How are customer service and support?
I rate support from Wiz an eight.
How was the initial setup?
Regarding installation, I just joined and used it, which might not be my area to comment on whether it is easy or difficult.
What was our ROI?
I see possible ROI with Wiz, but as I mentioned, I am not at that level of use. I just researched Wiz prices, and I got a feeling about it.
Which other solutions did I evaluate?
I do not have in-depth knowledge to give a detailed pros and cons analysis of Wiz compared to products such as OWASP, SonarQube, or Snyk. However, when comparing Wiz to Dynatrace or Snyk, I see they focus on different areas. Dynatrace focuses on code quality scanning, and Snyk may have more focus on security. Wiz scans artifacts or dependency packages, which is a bit different from SonarQube, as SonarQube scans code. However, Wiz is able to scan code and also manage the artifactory, dependencies, and their versions. This is quite similar to JFrog X-ray scanning.
What other advice do I have?
Wiz Code impacts the development workflow similar to SonarQube. Wiz Code can detect coding quality issues or coding conventions and those kinds of problems. Nowadays, we leverage AI tools for development. As a developer, I probably use AI for initial code, and in most cases, I just review and integrate, with the AI generating code programming. Wiz Code or SonarQube scans those codes and then gives a report. If we instruct the AI or do proper prompting, they usually give very good code that can pass the scanning.
AI security is definitely very important for our security strategy.
AI security posture management is important because if you use an AI tool, you need to protect your data. As a commercial company or even a government organization, you do not want to leak sensitive data such as PII or other organization-related data to the AI, especially in uncontrolled environments. When we use AI tools at the Commonwealth Bank itself, we are only allowed to use internal AI, which means it has many regulations in place, including guardrails, and the deployment environment looks at both input and output, ensuring that data does not go to the internet. This protects organization-level data and filters unnecessary inputs and outputs.
For Wiz Runtime Sensor, I am not quite familiar with it, but I know that this tool is meant to find dynamic analysis at runtime. I probably have little practice with another tool called OWASP ZAP.
I think the alert fatigue from Wiz is quite similar at the same level as the other scanning tools. If it detects any critical or high vulnerabilities, it alerts you. You can set up alerts based on your standards or rules to send alerts. With alerts based on findings, it allows you to set alerts on multiple domains such as vulnerabilities. For example, you might have critical CVEs on an EC2 instance and send an alert. It could also be scanning identity risks and possibly security exposures such as secrets exposure. Wiz covers a lot, including data exposure and attack paths. In alerting, it gives very clear information such as severity, affected resources, risks, and possibly an attack path description explaining how an attacker might use that vulnerability. Wiz includes such information based on severity, affected resources, attack paths, risk descriptions, and possibly remediation guidance.
If I summarize everything about Wiz, it deserves an eight in general.
Automation has transformed cloud and container security posture and reduced manual effort
What is our primary use case?
My main use case for Wiz is that it identifies misconfigurations within the cloud services and misconfiguration within the Kubernetes platform. We also detect vulnerabilities within the runtime from the containers. Once we have those findings in place, we run a cron job within the GitLab pipeline wherein it pulls all vulnerabilities and misconfigurations and then creates tickets to the respective teams through Jira or through ServiceNow. Everything is totally automated. A Python function has been created which pulls all the vulnerabilities, performs data enrichment to identify the ownership, and then assigns the SLA and the SLA breach timeline, based on which it is then posted to the respective groups.
What is most valuable?
The best features Wiz offers in my experience are the collective findings that you get to see for each resource, which is called something as issues. It combines all findings, whether it is exposed to the internet, whether it has misconfigurations, whether there is encryption in place, or whether there is an IAM issue in place. You get to see all findings for a particular resource in one view, which Prisma or some other tool was not offering at this moment. Wiz is also offering ASPM at a service management level, KSPM, and AI security.
Wiz has positively impacted my organization because with the consequence model, as and when the consequence model triggers, every team goes ahead and mitigates the findings to ensure that it is not escalated to the CEO level. The automation is helping us to drive our platform to be more secure.
What needs improvement?
I choose eight out of ten because there is always room for improvement. Possibly I am not able to identify it, but definitely there would be some room for improvement. Nothing is perfect in terms of security.
We are in the process of getting to zero-day vulnerabilities.
For how long have I used the solution?
I have been using Wiz for the past two years, enabling CSPM and CWP mainly, but as of now we have also started with KSPM, which is Kubernetes security posture management and data security posture management as well in my current company.
What do I think about the stability of the solution?
Wiz is stable in my experience.
What do I think about the scalability of the solution?
Wiz's scalability is good as of now because the attributes we need in terms of identifying vulnerabilities are pretty good compared to Prisma.
How are customer service and support?
Customer support is good. They are really helpful, but it is only the management who gets to interact with the sales team.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We did evaluate CrowdStrike, Tenable One, and Prisma Cortex.
How was the initial setup?
We create dashboards with the automation, so all the findings being pulled from Wiz are enriched first, and then we store all those findings with the SLA metrics into a Grafana dashboard.
What was our ROI?
I have seen a return on investment with Wiz, specifically in that we need fewer employees.
What other advice do I have?
I would advise others looking into using Wiz to definitely compare it with all the other tools that are in the market. Wiz is one of the finest tools that I have used so far, and it gives visibility to all the services based resources, which other tools do not give. It also helps to create custom policies based on Rego, which is one of the easiest solutions that anyone can develop. I give this product a rating of eight out of ten and would definitely recommend Wiz.
Wiz Brings Clarity and Prioritization to Cloud Security
Plus, the documentation is excellent and the team are very customer focused.
The PoV was a stressful process; it's a rather unique approach to buying a software solution IME.