Sold by: Wiz
Deployed on AWS
Free Trial
Vendor Insights
AWS Free Tier
Wiz provides an entirely new approach to cloud security that for the first time identifies the actual risks hidden in your cloud infrastructure.
4.7
Overview
Wiz performs a deep assessment of your entire cloud and then correlates a vast number of security signals to trace the real infiltration vectors that attackers can use to break in. Wiz also gives you the tools to bring your DevOps and development teams into the process to fix these risks, creating a culture of security in your cloud operations that results in a stronger, more secure cloud. For more information visit: https://www.wiz.io
*Wiz provides custom pricing for customers via Private Offer. Please contact marketplace@wiz.io for a better understanding of our pricing model and products.
Highlights
- Covers every resource across your full cloud stack, multi-cloud environment using a 100% API approach that deploys in minutes.
- Models overlapping cloud policies, configurations, and compensating controls that interact in ways that are often unpredictable to calculate their end result.
- Maps all of the issues in your cloud together in a single graph database, revealing which of them combined pose the greatest risk.
Details
Sold by
Delivery method
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Trust Center
Access real-time vendor security and compliance information through their Trust Center powered by Drata. Review certifications and security standards before purchase.
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.
Security credentials achieved
(8)
ISO27001
SOC2
AWS Security Specialization
GDPR
PCIDSS
PCIDSS
FedRAMP
HIPAA
Pricing
Free trial
Try this product free according to the free trial terms set by the vendor.
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Wiz Essential | Protect 100 cloud workloads | $24,000.00 |
Wiz Advanced | Protect 100 cloud workloads | $38,000.00 |
Wiz Sensor | 100 Wiz Sensors. Add-on for Wiz Advanced | $28,000.00 |
Wiz Code | 100 Wiz Code Licenses. Add-on for Wiz Cloud | $58,500.00 |
Wiz Defend | Ingest 300 GBs of logs per month. Add-on for Wiz Advanced | $18,000.00 |
Vendor refund policy
Please contact us at info@wiz.io
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Support
Vendor support
Wiz provides custom pricing for customers via Private Offer. Please contact marketplace@wiz.io for a better understanding of our pricing model and products. tel:+01-240.823.5670
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
Top
10
In Application Development, Continuous Integration and Continuous Delivery, Security
Top
10
In Vulnerability and Patch Management, Data Governance
Top
25
In Observability, Software Development
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Cloud Infrastructure Scanning
"Performs comprehensive assessment across entire cloud infrastructure using 100% API-based approach with rapid deployment"
Risk Correlation Mechanism
"Correlates multiple security signals to trace potential infiltration vectors and identify complex attack paths"
Multi-Cloud Support
"Provides unified security coverage across diverse cloud environments and resource types"
Policy Interaction Modeling
"Analyzes overlapping cloud policies, configurations, and compensating controls to predict complex security interactions"
Graph-Based Visualization
"Generates comprehensive cloud security mapping using graph database to reveal interconnected security issues and risk relationships"
Attack Surface Management
Aggregates comprehensive attack surface visibility across hybrid environments with external attack surface scans to build a dynamic, 360-degree view
Cloud Security
Provides code-to-cloud protection for cloud-native applications with seamless CI/CD pipeline integration and real-time, agentless risk assessment
Threat Intelligence
Delivers high-fidelity, actionable threat intelligence sourced from proprietary threat and vulnerability research with community-driven tools
Vulnerability Management
Offers complete visibility across on-premise and remote endpoints to identify, communicate, and remediate vulnerabilities and misconfigurations
Security Automation
Enables acceleration and streamlining of time-intensive processes through customizable workflows and plugins without requiring coding expertise
Cloud Security Posture Management
Agentless CNAPP with comprehensive asset inventory, graph explorer, and security configuration scanning
Threat Detection Engine
AI-powered real-time protection for cloud workloads, servers, VMs, and containers across multi-cloud environments
Infrastructure as Code Scanning
Automated scanning of infrastructure configurations for security vulnerabilities and misconfigurations
Cloud Object Storage Protection
AI-powered malware detection for cloud storage platforms with millisecond scanning and automated remediation actions
AI Model Security
Security monitoring and protection for AI models and pipelines deployed on cloud AI services with advanced threat detection capabilities
Validated by AWS Marketplace
FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
No security profile
No security profile
Standard contract
No
No
No
Customer reviews
Consulting
Clear Results and Tailored Guidance with Effortless Configuration
Reviewed on Dec 12, 2025
Review provided by G2
What do you like best about the product?
The results are clear, accurate, and prioritized. The remediation guidance is clear, concise, and can be tailored to the specific resource. And the configuration/setup as well as integration points, was simple and broad without being overly permissive. The company vision is ambitious and they deliver. The support team is extremely available and has not seen the usual turnover.
What do you dislike about the product?
The interface is not always intuitive, and updates are pushed very frequently often breaking documentation links and changing processes with little to no notice.
What problems is the product solving and how is that benefiting you?
Wiz is giving us a clear picture of what we have in our environments and how secure our applications are. When we need to assure compliance, either for clients or for certification, its findings are reliable and present without additional effort. And when cloud/app events and incidents inevitably happen, we can swarm and resolve the underlying risks much quicker than before.
Rishabh G.
Outstanding Cloud Visibility Platform
Reviewed on Dec 11, 2025
Review provided by G2
What do you like best about the product?
It is a really great SAAS paltform giving complete visibility of your cloud environment
What do you dislike about the product?
can be a bit complex to understand in the beginning
What problems is the product solving and how is that benefiting you?
It provides us with comprehensive visibility into our cloud environment.
Health, Wellness and Fitness
Effortless Remediation Steps Make It a Standout
Reviewed on Dec 09, 2025
Review provided by G2
What do you like best about the product?
The remediation steps are actually actionable - not just 'fix this' but showing you exactly how. Also, the multi-cloud coverage means I'm not juggling different tools for our various portfolio companies' infrastructure.
What do you dislike about the product?
Takes a bit to learn their UX language, but once you get it, it makes sense. Sometimes the alert noise can be high until you tune it properly.
What problems is the product solving and how is that benefiting you?
We're dealing with patient health data, so any cloud misconfiguration could mean a HIPAA breach. Wiz catches stuff like exposed S3 buckets or overly permissive access before it becomes a problem. The continuous monitoring means I'm not constantly manually checking if PHI is actually protected. Also makes compliance audits way easier - I can actually show what controls we have in place instead of just saying 'trust me, it's secure.
MohammedYasin
Cloud security has improved and detects vulnerabilities across multi-account environments
Reviewed on Dec 09, 2025
Review from a verified AWS customer
What is our primary use case?
Wiz serves as our enterprise tool for securing our cloud platform. We use AWS as our cloud platform and have Wiz integrated across multiple accounts for IT, engineering, and other departments. Within IT itself, we have different environments including development, production, and stage accounts. In every account, we have Wiz integrated and use policies based on the environment. For example, the dev environment has a less secure policy while production has a high-security policy. Technically, we use Wiz for securing our cloud platform.
What is most valuable?
The best feature of Wiz is the ability to detect any security violations across multi-cloud platforms and the ability to integrate for creating security incidents and vulnerability incidents. It works very well for scanning the environment, detecting vulnerabilities, and reporting them based on our requirements. It can generate reports via email or create ServiceNow incidents. It has helped me identify threats more easily. When it comes to the Kubernetes cluster, we do not have any other option for detecting vulnerabilities. This is the only way we observe our Kubernetes clusters to determine whether they are secured or not. Regarding speed, I cannot compare it with other solutions, but so far, we are happy with the way it works.
Wiz has improved our business in many ways. While I do not know in numbers how it has helped the business gain more profit, as a technical expert and part of our IT architect team, I would say Wiz has helped tremendously to secure our cloud platform. There were many security vulnerabilities existing before we implemented this solution that were not at all in our attention because there was nothing to scan and report what was wrong. After implementing Wiz, it has helped significantly. There was a program for implementing high-security measures in our environment, and Wiz has contributed substantially to that program.
What needs improvement?
I feel there is a delay in detection, though I am uncertain whether this is due to our implementation disadvantage. Wiz can detect all the issues, threats, and security vulnerabilities, but the delay may be due to the time taken for running a scan because we have a 24-hour scan cycle. When I checked with the team, there was no on-demand scanning possibility. We still see improvement scopes in this area. It does the work, but we are not seeing the changes very fast. Once you get a threat and fix it, to see that fix reflected in Wiz, you have to wait 24 hours. That is something I am not happy with.
One improvement that I am looking for in Wiz is the capability for on-demand scanning. That should be available. Second, we should be able to see the fixes faster. Once a threat is detected and we apply the fix, we want to see that result updated in the dashboard or portal as soon as possible. If Wiz can detect it faster and update it in the portal, that would be beneficial.
For how long have I used the solution?
I have been using Wiz for more than two years, approximately two years and four months.
What do I think about the stability of the solution?
Regarding stability, it is stable. I would rate it nine out of ten.
What do I think about the scalability of the solution?
Regarding scalability, I would also rate it nine out of ten.
How are customer service and support?
I would rate the technical support of Wiz eight out of ten on a scale from one to ten, with ten being the best.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
When comparing Wiz with other software, I did not use any other software similar to Wiz for the same purpose. A similar tool was Qualys, but we used Qualys for a different use case. We used it for vulnerability scanning of our servers, not end-user devices. For securing or detecting threats from cloud accounts, I do not have any other tool that I am aware of. Qualys is another vulnerability management tool, but the use cases are different, so I do not have the expertise to compare.
How was the initial setup?
Deployment took approximately three months.
What about the implementation team?
From one to ten, with one being cheap and ten being expensive, I would rate the implementation cost a seven.
What was our ROI?
Wiz does require some maintenance.
What's my experience with pricing, setup cost, and licensing?
Wiz does require some maintenance.
Which other solutions did I evaluate?
My thoughts on the pricing of Wiz are that it is not cheap, but it is cost-efficient. From one to ten, with one being cheap and ten being expensive, I would rate it a seven.
What other advice do I have?
I would recommend Wiz to anyone. If anyone wants to secure their infrastructure, cloud environment, or Kubernetes cluster, I would strongly recommend Wiz as a tool because it is easy to use and user-friendly. It has tight integration with many tools out-of-the-box for sending alerts, creating emails, and creating incidents.
My advice to others looking to implement Wiz is that when you implement Wiz, if your hybrid environment is not managed properly, it will be difficult to implement. It is better to make some cleanup and ensure that the environment you are going to implement meets Wiz standards. If you do not take care of that and simply implement Wiz, you will encounter many issues being reported by the system. It is better to follow the prerequisite standards of your cloud account and then implement the solution. Otherwise, you will see many issues being reported.
Regarding whether Wiz has helped reduce alert fatigue, I do not have a definitive answer because we do not see that much decrease in the alerts. Initially, when we implemented Wiz, since we were not using any tool like that before, there were too many alerts. Because it was the first implementation, it started sending too many alerts. Later on, the alerts decreased, but this decrease was not because of Wiz itself. Rather, it was because we implemented security fixes wherever Wiz reported threats or vulnerabilities. That is how the number of alerts got reduced. I feel we can also customize the Wiz policy to reduce the number of alerts, but I am not at that level here, so I do not have that expertise.
My overall rating for this solution is eight out of ten.
Yohan B.
Outstanding Experience
Reviewed on Dec 09, 2025
Review provided by G2
What do you like best about the product?
As a tech lead security engineer, what I appreciate most about Wiz is its ability to prioritize what truly matters. The toxic-combination engine is exceptionally effective at surfacing real, exploitable risks rather than overwhelming the team with noise. This also empowers our engineering teams to use Wiz autonomously daily, i.e. they can quickly understand what needs to be fixed first, without relying on security for constant supervision. That independence has been a major productivity boost and reduces friction, while the security team still maintains oversight for high-risk scenarios the tool might not fully capture.
On top of that, the CNAPP platform is comprehensive, and require only a few amount of time to set up and integrate everything in our ecosystem. We leverage Wiz across our cloud infrastructure, workloads, and runtime using the Wiz Sensor, which performs reliably with minimal overhead. The security graph makes exploration intuitive and gives us the context we need to understand issues end-to-end.
The customer success team is also one of the best I’ve worked with, which is highly appreciated.
On top of that, the CNAPP platform is comprehensive, and require only a few amount of time to set up and integrate everything in our ecosystem. We leverage Wiz across our cloud infrastructure, workloads, and runtime using the Wiz Sensor, which performs reliably with minimal overhead. The security graph makes exploration intuitive and gives us the context we need to understand issues end-to-end.
The customer success team is also one of the best I’ve worked with, which is highly appreciated.
What do you dislike about the product?
Overall, the platform work very well, and there are no big drawbacks. However, there is one challenge around KPIs, metrics, and vulnerability tracking in autoscaling environments. Because resources scale in and out frequently, we often lose track of what was actually fixed by engineering versus what simply disappeared due to autoscaling events. Vulnerabilities may appear “closed” when the underlying resource is terminated, only to reappear when a new instance is spun up. But overall, you still can follow the big picture of your vulnerabilities.
What problems is the product solving and how is that benefiting you?
Wiz brings us clarity to the complexity of managing cloud security at scale. It consolidates visibility across cloud resources, workloads, and runtime into a single, coherent platform. The prioritization model ensures that both security and engineering teams stay focused on the risks that matter most, rather than sifting through thousands of low-impact findings.
It also enables engineering teams to take meaningful action independently, which greatly accelerates remediation and reduces operational overhead for the security team. At the same time, it doesn’t replace the need for dedicated security expertise, we still rely on our team to investigate nuanced, high-risk cases and validate critical exposures. But Wiz provides a rich layer of insight with almost no additional effort required from engineers, making the entire organization more efficient and more secure.
It also enables engineering teams to take meaningful action independently, which greatly accelerates remediation and reduces operational overhead for the security team. At the same time, it doesn’t replace the need for dedicated security expertise, we still rely on our team to investigate nuanced, high-risk cases and validate critical exposures. But Wiz provides a rich layer of insight with almost no additional effort required from engineers, making the entire organization more efficient and more secure.