WIZ Cloud Infrastructure Security Platform

What do you like best about the product?

No Product in cloud security can match Wiz capabilities. Wiz Dashboard, Wiz Findings, Wiz DSPM. Wiz data classification. Everything is awesome

What do you dislike about the product?

Pricing and Customer Support. Nothing in India

What problems is the product solving and how is that benefiting you?

A central bird’s-eye view of the entire clustered infrastructure. The contextual analysis helps with prioritization decisions, and it lets me map an issue across related components, from code to cloud.

What do you like best about the product?

I really like the user interface of Wiz; it's really good and clean, making it easy for anyone to understand and navigate, even if they haven't used it before. The AI tool is also really good and helps us a lot. Setting up Wiz was really easy for us, and the Wiz team really supported us.

What do you dislike about the product?

fetching data from wiz is slow client library need to improve

What problems is the product solving and how is that benefiting you?

Wiz helps solve cloud security risks and compliance issues. Its user interface is clean, intuitive, and easy to navigate, even for new users, and the AI tool is notably effective in aiding us.

What do you like best about the product?

1.integration and implementation is easy and straightforward.
2.Insights, investigation, and remediation are straightforward to understand and easy to execute.

What do you dislike about the product?

Sometimes there’s just too much information displayed on the screen, which can feel a bit overwhelming.

What problems is the product solving and how is that benefiting you?

1. Vulnerability detection.
2. PCI and SOC2 compliance.
3. CI/CD pipeline issues.
4. Container-related issues.
5. EOL issues.

What do you like best about the product?

I find Wiz extremely valuable as it provides an all-round view of our cloud components across different platforms. The Security Graph is very helpful, especially when I need to look up a cloud account or a resource, as it makes the process super easy. Connecting Wiz to other tools via API is quite helpful to extract data. Wiz offers better coverage compared to our previous tool, and its APIs are easy to use. Although the initial setup wasn't easy due to multiple connectors, the Wiz team was really helpful throughout the process.

What do you dislike about the product?

The API has limitations, like I cannot pull more than 10,000 events which in some cases becomes tedious. If I have an aggressive Graph QL Query, the event count becomes too high, so pulling out that data using APIs does not help when the count is above 10,000 events. So I have to break down my queries to not reach the count. It was not easy because there are multiple connectors but the Wiz team is really helpful.

What problems is the product solving and how is that benefiting you?

Wiz provides an all-round view of our Cloud components across platforms, making it easy to look up accounts and resources. The Security Graph is super helpful, and connecting via API is beneficial for data extraction.

I mostly work with a lot of AI use cases and some data governance use cases where we are focusing on the data because data can reside anywhere in the cloud. It is not limited to some storage. We do have a variety of services where data can reside and it is very crucial to identify those sensitive data and label them. When data is exfiltrated from one resource to another resource, we have to make sure that the DLP policies are fulfilled or enforced.

I have found that Wiz covers all the stages of the software development life cycle. It covers application or code security, DevOps security, and runtime security. It is a full-fledged CNAPP solution. All the areas within the development and the deployment side are covered.

The impact of consolidation on my ability to prioritize critical risks in the cloud environment is all about the correlation and how the technology works at the back end. It picks the data from different sources and correlates and identifies the high-priority risk. It provides visibility, meaning the risk score about the resource where we need to focus on.

Wiz does reduce alert fatigue for our customers, but alert fatigue is the main concern for every organization. If you don't have the proper workflow for each incident, it also depends upon the implementation and the workflow that you have decided. Sometimes it is a very big concern and a big headache for the customer because it finds a lot of findings that could be false positives. We have to fine-tune those alerts as per the infrastructure design. Sometimes some findings could be false positives, so we have to assess all these findings and we have to make sure that all policies are relevant for the environment.

The second point is basically the remediation steps. Sometimes it creates a burden or headache for the customer because the remediation of those kinds of findings are difficult. It may need a dedicated team who can get involved and fix them. Ownership and accountability is the main concern. We have to collaborate with different teams and make them understand the impact of that finding. The workflow also depends upon whether automation should be there. Automation is not for all findings, but for where we can do some kind of alerts where we can do the automation. For example, with IAM, those guys having the extra privilege, we can decide the workflow and we can remediate. But somewhere the service is running, we cannot immediately remediate those findings because it involves a lot of impact. First, we have to analyze each alert and what kind of impact it could be, then based on that, we have to plan whether it will be manual or through automation.

Wiz is currently allowing us to consolidate everything, the findings, the visibility of your environment, and everything is there.

Wiz Code is also covering your secrets and your vulnerabilities inside the IAC. It also provides us the SCA, Software Composition Analysis, and also provides an SBOM report that helps developers to look at the security standpoint while creating or writing any code. There are a lot of other things it is providing, but these are the major things.

Regarding Wiz Defend, the runtime protection, we do have the agent or sensor on the endpoint where it can defend in real time. There are two approaches. Detection is the one capability and protection is the second capability. At some stage, it only provides us the visibility, and at some stage, it also defends the attack.

I find AI security posture management very important in cloud security strategy. Nowadays, every organization is using different kinds of models or enhancing their applications. While they are using the models or they are calling through APIs, maybe sometimes they are using models inside their environment, sometimes they are just buying the APIs for any third-party model. While we are buying any APIs for their application or to integrate the LLM model into their application, it is crucial that we should have the visibility. Whoever kind of prompts the end user is triggering and what kind of data in or out is happening. Such kind of sensitive information may be traversing inside our network. The visibility of these things should be there so that preventive control can be implemented.

I believe Wiz could be improved or enhanced by acknowledging that nowadays a lot of technology is coming. Every solution is now doing the integration at the backend. They are trying to cover more areas in terms of cybersecurity. Definitely, every solution is growing as per the market demand. We can see a couple of more things coming soon, and every technology or technology owner is working behind the scenes. The purpose is basically the baseline foundation. If you talk about the CIA triad, that should be covered properly and everyone is doing the same thing.

I would like Wiz to push backend integration more, but not that much because license and procurement happen through a different team.

I have been working with Wiz for the last three months, during which I deployed this Wiz solution for one of the clients.

The stability and reliability of Wiz are good. I don't feel any issues. It is good because whenever they are planning any activity, they generally inform us prior to implementation.

Regarding the scalability of Wiz, it is good. I don't see or feel any kind of issue on the scalability or the performance. Every solution is running behind most probably on the Kubernetes services, they are using multiple containers and the pods behind those services. In terms of scalability, I don't feel any issues. It totally depends upon the license, how much license you procured. Based on that you can onboard or you can consume those licenses. Even if you go beyond that, you don't see any kind of challenges. It is pretty much good, not limited to Wiz but for all solutions I'm talking about. They are providing 99.99 kind of SLA. I don't see and feel such kind of issues in the past.

I communicate with the technical support at some times when we feel that the technology is not working as expected. The outcome that we suppose is not getting as expected, so we generally raise a ticket with the provider. They assist as they regularly do.

I have found that Wiz covers all the stages of the software development life cycle. It covers your application or code security, also covers DevOps security, and also finally covers the runtime security. It is a full-fledged CNAPP solution. All the areas within the development and the deployment side are covered.

My impression of Wiz Runtime Sensor is quite good. Runtime, as I already mentioned, in the runtime sensor, we are basically deploying the sensor on the endpoint. It could be your EC2 instance, the virtual machine, container, and the Lambda function as well. It detects and blocks in real time and blocks the attack in real time. It is really convenient. Sometimes zero-day vulnerability is not possible in agentless scanning. When I say agentless scanning, we don't have a sensor on the device. But while we are putting the sensor, we have these kinds of visibility and it protects or helps us with zero-day attacks as well. That is really helpful for the organization.

On the ability side of Wiz regarding its ability to achieve zero criticals in its issue queues, there is no doubt. But it also depends upon the use case as well. We have a limited use case for the recent deployment, it is all about the deployment. But as a part of product maturity, we can leverage or we can explore more things.

While deploying any controls, there are a lot of prerequisites and readiness for that. We have to collaborate with different teams. It could be the network team, generally the network team, the cloud team, and the infrastructure team, where we have to explain the use case of that particular control, why we are putting it, and what is the requirement. Once we have a good understanding about the infrastructure and about the technologies, we generally deploy the solution phase-wise. In phase one, we just target one or two test environments where we can provide some ROI against those accounts and resources. Down the line, we are covering in phases, more accounts and resources. That is how the approach we are currently following, and generally every organization is doing the same thing.

Most of the customers prefer a hybrid environment, not limited to the on-prem or cloud. Everyone is using a hybrid environment nowadays. It could be Azure, AWS, and sometimes on-prem. But the capability that the solution is providing is very limited to the on-prem environment. They more focus on the cloud environment first and are limited to the endpoint protection if I talk about the runtime monitoring. The rest of the things cover the cloud environment only, the identity and the access part.

To get the full potential of Wiz, it is good and good for the cloud environment and the hybrid cloud environment. Some part of it is covering the on-prem as well.

I would rate this product a 9 out of 10 based on its comprehensive coverage and capabilities.

Hybrid Cloud

Amazon Web Services (AWS)