What do you like best about the product?

Wiz is a step ahead of competitors. The overview is comprehensive.

What do you dislike about the product?

The UI can get a bit difficult to navigate

What problems is the product solving and how is that benefiting you?

Staying on top of security loopholes. Being up to date with CVEs being involved in the infrastructure

What do you like best about the product?

Features are well written (code), good support, growth speed is amazing, low rate of false positives.

What do you dislike about the product?

Complexity, sometimes its hard to understand.
Also maturity level.

What problems is the product solving and how is that benefiting you?

Helps watching the cloud resources and manage the risks in it.

What do you like best about the product?

I really enjoy using Wiz because it allows me to quickly see where we are at risk in our Cloud environment. The dashboard feature that shows a count of how many issues were created/resolved day to day is really helpful. I think the UI is very intuitive and vast. It feels like if I ever need to do something in Wiz it's just a matter of reading documentation or asking for help in a ticket and finding it. I think the best thing about Wiz for me is the remediations, the fact that you can copy paste a peice of code thats already pre-written is so valuable. It saves a lot of time trying to to do research and figure out how to solve an issue. It helps too that the descriptions of the issues are pretty in depth and easy to understand. I consistently have to explain these issues to our devs and being able to read and understand exactly what the issue is, is really valuable to me.

What do you dislike about the product?

The down sides of using Wiz would be for 1 the SOAR capabilities are all external. With Rapid7's Insight CloudSec we were able to make automations that would take actions in our environment. It seems with Wiz if we want to do anything outside of Slack notifications we'll have to use a paid platform like Blinkops, Torq, or Tines. It'd be nice to see more native automation in Wiz, a Role that can stop instances, update Cloudformation configurations, enable logging on S3 buckets when they're created, etc.

What problems is the product solving and how is that benefiting you?

The problem that Wiz is solving for my company is in Cloud Compliance. We are currently in the process of preparing for an ISO 27001 audit, and being able to see what resources we have in our environment that are non-compliant is really helpful. I think it's also great at surfacing issues that wouldn't be inherently seen, I am mainly talking about the Toxic combinations that get correlated in the platform.

What do you like best about the product?

Wiz is incredibly intuitive and provides very detailed context.It is 100% agentless and works like a charm. With little cloud skill you can deploy the product in minutes and have 100% visibility of your (multi) cloud environment in less than 24hr.

What do you dislike about the product?

There is no such dislike, however there is scope of omprovement. It's prone to some false possitive.

What problems is the product solving and how is that benefiting you?

Wiz helping us quickly detect vulnerabilities without configuring external scans or deploying agents across clouds and workloads, also we got the sugesstions on how we can remove these vulnerbilities. It's been benifiting us to reduce the turn around time for critical and hight vulnerbilities.

What do you like best about the product?

Wiz provides teams of all size visibility and helps identify gaps in their cloud infrastructure. They excel at many things and are always working with their customers to find countless other areas to bring value in. Wiz really is as flexible of a tool as there is and only limited by the knowledge and ability of your team to leverage the functionality.

Besides it's obvious functionality as a CSPM, Wiz enables teams customizability that fit in with their Security mission - whatever that may be. It's a very low maintenaince tool that gives teams the time back to focus on the priorities that matter. It's an easy sell to any organization - it meets all the requirements you could have any with almost no compute overhead and reliability - the tool scales with your org at an instant.

Wiz also provides some of the best customer service in the industry and is extremely competitive in terms of pricing.

What do you dislike about the product?

Wiz often times will release new features that are intended on being "tested" - this can mean that if you don't understand what the value or use case is, they can feel not "production" ready. Some orgs can be turned off by this, but for an org with proper technical resources you'll be able to provide feedback to Wiz to help shape the feature(s) to what you really need.

What problems is the product solving and how is that benefiting you?

Wiz solves a multiple of problems - primarily as our Cloud vulnerability scanning solution, but also provides visibility into our overall posture and tracks our compliance adherance making audits that make faster.

What do you like best about the product?

It's pretty user friendly, everything is clickable and easy to understand

What do you dislike about the product?

Maybe to have more flexibilities, like, to make every filtering I want to create a ticket

What problems is the product solving and how is that benefiting you?

It gives a pretty wide view on all cloud security resources

What do you like best about the product?

Key benefits and features of Wiz that make it a valuable tool for cloud security posture management:
1. Agentless architecture: Wiz does not require any agents or additional software to be installed on cloud instances, which makes it lightweight and easy to deploy. This reduces the attack surface and minimizes the risk of unwanted alterations to the environment.
2. Continuous monitoring: Wiz continuously monitors cloud environments for security vulnerabilities, providing real-time alerts and recommendations for improvement. This helps organizations stay ahead of potential threats and maintain a robust security posture.
3. Compliance checking: Wiz supports various compliance frameworks, such as PCI DSS, HIPAA/HITECH, and GDPR, and provides detailed reports on compliance status. This helps organizations ensure they are meeting regulatory requirements and avoiding costly penalties.
4. Integration with other tools: Wiz integrates with popular cloud providers like AWS, Azure, and Google Cloud, as well as with other security tools and systems, such as SIEMs and incident response platforms. This allows organizations to leverage existing investments in security infrastructure and enhance their overall security posture.
5. Ease of use: Wiz offers an intuitive interface that makes it easy for users to understand and address security vulnerabilities. This reduces the need for extensive training or technical expertise, making it accessible to a wider range of users.
6. Cost-effective: Wiz provides a cost-effective solution compared to traditional security tools that require agents or additional software installations. This can help organizations save time and resources while improving their overall security posture.
7. Scalability: Wiz is designed to handle large-scale cloud environments, making it an ideal choice for organizations with complex and dynamic cloud infrastructures.
8. Advanced analytics: Wiz provides advanced analytics capabilities that enable organizations to identify emerging threats and improve their security posture over time. This includes anomaly detection, predictive analytics, and customizable reports.
9. Enhanced visibility: Wiz provides detailed visibility into cloud environments, allowing organizations to identify potential security risks and take proactive measures to address them. This includes monitoring of cloud resources, network traffic, and user behavior.

What do you dislike about the product?

While Wiz is a powerful tool for automating security and compliance processes in the cloud, there are some potential downsides or areas where it may not be as helpful as expected. Here are some of the least helpful aspects of Wiz:
1. Dependence on cloud providers: Wiz is built around the major cloud providers like AWS, Azure, and GCP. While this makes it easy to integrate with these platforms, organizations using other cloud providers or on-premises environments may find Wiz less useful.
2. Limited integration with other tools: While Wiz integrates with some other security and compliance tools, its integration capabilities are limited compared to other automation tools. This can make it difficult for organizations to integrate Wiz with their existing toolset.
3. Steep learning curve: While Wiz provides a user-friendly interface, the sheer amount of features and capabilities can make it challenging for new users to learn and master the tool. This can be especially true for organizations without dedicated security or compliance teams.
4. Cost: Its paid tiers can be expensive, especially for larger organizations. This can be a barrier for some organizations looking to implement Wiz's features.
5. Limited visibility into cloud resources: Wiz relies on the cloud provider's APIs to gather data about cloud resources. However, these APIs may not provide complete visibility into all cloud resources, particularly those that are not natively supported by the cloud provider. This can limit Wiz's ability to detect and monitor certain types of resources.
6. Dependence on accurate data: Wiz relies on accurate and up-to-date data to make informed recommendations and provide effective security and compliance management. However, if the data is incomplete, outdated, or inaccurate, Wiz's recommendations may not be reliable.
7. Limited support for non-cloud environments: While Wiz is primarily designed for cloud environments, its capabilities may be limited when applied to on-premises environments or other types of infrastructure.
8. Potential for false positives: Like any security tool, Wiz may generate false positives, which can lead to unnecessary work and fatigue for security teams. This can also undermine the credibility of the tool in the eyes of security decision-makers.

What problems is the product solving and how is that benefiting you?

1. Protecting sensitive information: With Wiz, you can easily identify and classify sensitive information within your organization, such as intellectual property, customer data, or financial information. This helps ensure that only authorized personnel have access to this information, reducing the risk of data breaches or leaks.
2. Managing access to confidential data: Wiz allows you to control access to sensitive information based on user roles, permissions, and other factors. This ensures that only authorized personnel can access the information they need to do their jobs, while restricting access to unauthorized users.
3. Ensuring compliance with regulations: Many organizations are subject to various cyber security and data privacy regulations, such as GDPR, HIPAA, or PCI DSS. Wiz helps ensure that you are meeting these requirements by providing visibility into your organization's information management practices and helping you identify areas for improvement.
4. Reducing the risk of insider threats: With Wiz, you can monitor and analyze user behavior to detect potential insider threats, such as employees or contractors accessing sensitive information without authorization. This helps reduce the risk of data breaches caused by unauthorized access or malicious activity within your organization.
5. Improving incident response times: In the event of a data breach or other security incident, Wiz can help you quickly identify and contain the issue, reducing the impact on your business operations. This is especially important in regulated industries where swift action is required to minimize legal and reputational risks.
6. Enhancing board-level oversight: By providing real-time visibility into information management practices across the organization, Wiz can help board members and other senior executives better understand and oversee cyber security and data privacy risks. This enables more effective risk management and strategic decision-making.
7. Supporting business continuity planning: In the event of a disaster or major security incident, Wiz can help you quickly identify and isolate affected systems, services, or data, minimizing the impact on your business operations. This supports more effective business continuity planning and crisis management.
8. Facilitating third-party risk management: With Wiz, you can better evaluate and manage risks associated with third-party vendors, service providers, or other external partners. This helps ensure that these partners are meeting your cyber security and data privacy standards, reducing the risk of breaches or other security incidents.
9. Optimizing information management processes: Wiz can help you identify areas for improvement in your information management processes, such as data quality, accuracy, or access controls. By optimizing these processes, you can reduce the risk of security incidents and improve overall business efficiency.
10. Supporting digital transformation initiatives: As organizations undergo digital transformation, Wiz can help ensure that sensitive information is properly protected and managed throughout the entire lifecycle, from creation to deletion or archiving. This supports more effective risk management and helps you achieve your strategic objectives.

What do you like best about the product?

The ease of implementation combined with the depth of details provides an incredible single pane of glass that we can measure our security posture.

What do you dislike about the product?

We have been a customer for less than a year and at this point there have not been any significant dislikes with the platform.

What problems is the product solving and how is that benefiting you?

We have a significant cloud footprint, and we wanted the ability to see the enterprise view in a single place - without the need for agents or significant level of effort.

What do you like best about the product?

1. An agentless tool
2. Quick to deploy through API
3.Offers platform for Threat Center to catchup with latest threats.
4. Supports multi cloud for both CSPM and vulnerability management
5.Cheap solution if both CSPM and CWPP used together.

What do you dislike about the product?

1.Still many CVEs are present with missing solutions.
2. Adding custom rules for CSPM is not easy as compare to Dome9.
3.No way to generate consolidated report of all OS hardening . You have to go OS wise .
4.Many benchmark policies are still not matured .
5. Solution not available for on-Prem environments.

What problems is the product solving and how is that benefiting you?

1. Offering one platform for both CSPM and CWPP.
2. Cheap as compared to other 3rd party solutions.
3.ease of creating cutom queries.
4.Threat Centers offers free of cost solution to keep up with outside threat alerts.

What do you like best about the product?

Wiz is a very easy and simple to set-up CNAPP that allows people to have a centralized, easy to use and intuitive platform for all the Cloud security needs.

It has a wide range of graphs and dashboards, that you can also customize to satisfy your needs.

It also has a lot of security frameworks and complicance systems so that you can check all aspects of your infraestructure.

For a small team like mine, it is very simple and fast to check the highest priority issues and remediate them, as the issues shown in Wiz also provide information and interconnection within all the resources.

What do you dislike about the product?

Despite scans being run automatically often enough, a manual scan trigger would be greatly appreciated, specially when looking for a real-time fixes and threats.

What problems is the product solving and how is that benefiting you?

Finding all the security threats and presenting them in a very clear and concise way, with different priorities, so that I can focus on fixing the most urgent and important ones and have a way to determine their root cause.