I have been using Wiz for approximately three years in my career. Our first use case is Cloud Security Posture Management. We needed that because we are a multi-cloud company. We have most of our infrastructure in AWS, but we also have some in Azure and some in GCP. So we needed a CSPM to cover all three environments.
External reviews
783 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Cloud security has unified multi-cloud visibility and simplifies vulnerability management
What is our primary use case?
What is most valuable?
The feature I appreciate most about Wiz as a CSPM is the vulnerability detection and misconfiguration identification. It helps us to ensure that we know if there are misconfigured cloud workloads and what those are, as well as if there are vulnerabilities. That is one of the key value adds for us.
What we have done is create a tool that is not just a security tool but is actually used by other teams. We have created dashboards for other teams, for product teams who are developing code. They can see their assets, or our cloud team or other teams that own different assets can view their own team's vulnerabilities and misconfigurations through per-team dashboards.
For us, the value add when considering Wiz is that I would rather consolidate under fewer tools to get to a platform. This allows for alerts, administration, and dashboards to all be under one platform, simplifying the environment. It makes operations easier and ultimately enhances our ability to use the platform more effectively.
What needs improvement?
Wiz allows us to consolidate tools, particularly in vulnerability management. We used to use a technology called Tenable to do our vulnerability scans, not just on-prem but in the cloud, and we replaced Tenable with Wiz's capabilities as well as the capabilities of an endpoint protection technology we use called CrowdStrike.
Regarding scalability, we have connected to all our cloud accounts and have never had any capacity or performance issues, so scalability really has not been a topic of conversation for us because we have never had any issues.
I have contacted customer support for Wiz. They are aware of our discussions about it. We have talked about it during our quarterly business reviews.
What do I think about the stability of the solution?
I have never seen any instability with Wiz, such as lagging, crashing, or downtime.
What do I think about the scalability of the solution?
We have connected to all our cloud accounts and have never had any capacity or performance issues, so scalability really has not been a topic of conversation for us because we have never had any issues.
How are customer service and support?
I have contacted customer support for Wiz. They are aware of our discussions about it. We have talked about it during our quarterly business reviews.
I am a few steps removed from the details about the support quality and speed, but my impression through the team and talking with the account team directly is that when we raise issues, they are addressed thoughtfully, professionally, and quickly. I do not think there have been any lingering support issues we have had. We have also surfaced feature requests or changes, and they have implemented those and rolled those out within a few weeks. Wiz does a good job of listening to the feedback of their customers and using that to help shape the platform.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have not used any alternatives to Wiz. Wiz was our choice; although we evaluated different technologies when we were looking for a CSPM, we went with Wiz, so we went from nothing to Wiz.
How was the initial setup?
The initial deployment of Wiz was easy from my point of view. Essentially, once we connected Wiz to our AWS account, all the data starts to flow in and telemetry on our cloud assets, any vulnerabilities, and misconfigurations. So the dashboards light up with red, yellow, and green indicators. After deciding to go with Wiz, our proof of concept ended up becoming our production implementation, and we just expanded Wiz to more accounts, then to Azure and GCP. So it was very easy.
What about the implementation team?
I do not know exactly how long it took to fully deploy to a working condition because it has been so long ago, but I will say that getting the visibility was in a matter of weeks to connect the accounts, probably within a week. Then it was a few months to build some of the dashboards and operationalize what we were seeing.
What other advice do I have?
Feature-wise, I cannot tell you that it is a bit expensive compared to its peers, but I do think the premium is worth it. One of the things that Wiz has done well is that there are no agents for the CSPM, at least from what we are doing. It is very easy to roll out, easy to configure, maintain, and generally it does what it says it does with few issues. We had more overhead and more issues with other competing CSPM platforms.
From the team standpoint, I do not think Wiz requires much maintenance on our end because it is all cloud-based and Wiz does a great job of providing almost weekly updates. The ongoing maintenance itself of Wiz is low. We do have integrations which require some care and feeding. We have an integration with ServiceNow, but Wiz's ServiceNow integration is not the best. I have been told there have been issues getting the data out of Wiz and plugged into ServiceNow effectively, so that has taken a little bit more attention.
We are working on achieving zero criticals in our issue queues with Wiz. It has helped us gain visibility into our critical issues, but we still have a few dozen left to work through. A lot of that actually has to do with some older infrastructure and workloads that applications use. So we have some application migrations in the works, but we have not quite got to the zero critical status.
I would rate this review as a 9 overall.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
A Force Multiplier for Lean Security Teams
What do you like best about the product?
The agentless installation at Suki was incredibly smooth. We were able to get 100% visibility across our cloud environment immediately without the friction of deploying agents. The dashboards are truly world-class; they don't just show data, they tell a story.
The biggest upside is the prioritization. Instead of a flat list of thousands of alerts, Wiz uses its Security Graph to identify 'toxic combinations'—helping us focus on the 1% of issues that actually pose a reachable risk. Lastly, the support team is exceptional. They are highly responsive and act more like partners than a standard help desk.
The biggest upside is the prioritization. Instead of a flat list of thousands of alerts, Wiz uses its Security Graph to identify 'toxic combinations'—helping us focus on the 1% of issues that actually pose a reachable risk. Lastly, the support team is exceptional. They are highly responsive and act more like partners than a standard help desk.
What do you dislike about the product?
While the visibility is unmatched, the sheer volume of data can lead to initial alert fatigue. The platform is so comprehensive that it requires significant tuning to ensure developers aren't overwhelmed by non-critical findings.
There is also a slight workflow gap for developers. While Wiz is great at identifying the problem, the transition from 'finding an issue' to 'fixing it' still requires manual effort. Navigating the Security Graph can be a bit of a learning curve for non-security users who just want to know exactly what code to change.
There is also a slight workflow gap for developers. While Wiz is great at identifying the problem, the transition from 'finding an issue' to 'fixing it' still requires manual effort. Navigating the Security Graph can be a bit of a learning curve for non-security users who just want to know exactly what code to change.
What problems is the product solving and how is that benefiting you?
We have a very lean security team. Before Wiz, we were drowning in noisy, low-context alerts. Wiz has solved this by automating the prioritization of issues.
For Security: It acts as a force multiplier. Our current security engineers can manage a complex cloud footprint that would typically require a much larger team.
For Developers and SRE: We’ve given them their time back. We no longer bother them with irrelevant vulnerabilities; we only surface the "reachable" risks that actually matter. This has improved our developer and SRE velocity and built a culture of trust between security and engineering.
For Security: It acts as a force multiplier. Our current security engineers can manage a complex cloud footprint that would typically require a much larger team.
For Developers and SRE: We’ve given them their time back. We no longer bother them with irrelevant vulnerabilities; we only surface the "reachable" risks that actually matter. This has improved our developer and SRE velocity and built a culture of trust between security and engineering.
Improved our security posture thanks to comprehensive visibility
What is our primary use case?
We are delighted to have Wiz Cloud revealing our cloud security posture across our development, QA and production systems for both Azure and AWS. We share access to the results widely with our technical staff. It's great that Wiz permits unlimited user accounts. Our professional services and support can use Wiz to demonstrate to individual customers the security posture of the systems we are hosting for them.
Mika, the built-in AI, is easy to use. The query creation is intuitive.
How has it helped my organization?
The attack surface findings initially revealed numerous vulnerable systems. Upon investigation we learned that 100% of them were stale DNS entries. We deleted those but this gave us confidence that our security posture is better than the general industry. If we were to have a vulnerable system, we're confident that Wiz will quickly surface the finding.
What is most valuable?
To someone who is looking at buying Wiz but concerned they already have too many products that give them a lot of alerts, the overview dashboard does a great job of raising the issues that matter. It intelligently filters the signal from the noise. Interns on our team were immediately as productive with Wiz as experienced security experts.
Wiz allowed us to cancel two other tools with noticeably superior results.
What needs improvement?
Our Technical Account Manager set up weekly meetings, but we have switched it to monthly. We dove into self-training with Wiz Academy so there wasn't much value for us in the meetings. Anytime we need something, we open a support ticket and they are responsive.
For how long have I used the solution?
We acquired Wiz Cloud in September, 4 months ago.
What do I think about the stability of the solution?
As for stability, we have seen some issues where our results changed radically from one day to the next, but we had not made radical changes, so we opened a case with support. It didn't cause us any downtime.
What do I think about the scalability of the solution?
Scalability is not an issue for us because we have a constant load. It quickly took on our substantially large workload.
How are customer service and support?
I have contacted Wiz technical support frequently.
The support is excellent. We contact via an in-application portal. We can see the support cases we personally open, and also the cases that other people have opened from our company. I appreciate that feature. Generally, support gets back to us within a few days with a good answer. There was one fellow in particular who has been knocking it out of the park. He is a great support person to deal with. We are happy with the support experience.
If I were to put Wiz support on a scale from one to ten, I would give them a ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Wiz distinguished itself immediately in the PoC, surfacing important issues that were entirely missed by both the products we were already using and other CNAPP's that we tested. We dropped both products.
For configuration management we had been using another product that we were happy with that was much cheaper, but it did not do any of the other things Wiz does. We also had what was formerly a leading CNAPP that was priced similar to Wiz, but the support and upgrades declined rapidly. In head to head comparison Wiz stood out as the superior solution.
How was the initial setup?
The initial deployment of Wiz was super easy. It only took a few hours, so we were getting results the next day. There are still a few minor settings that Wiz scripts don't handle so we have to manually apply and then we will be fully deployed.
What about the implementation team?
What was our ROI?
Quickly identified around $40K in unneeded annual expenses that we were able to drop.
What's my experience with pricing, setup cost, and licensing?
Wiz is expensive, but it offers good value for the money.
What other advice do I have?
I feel confident that we are learning of the issues that matter. I rate Wiz nine out of ten.
Exceptional Cloud Visibility and Effortless Integration
What do you like best about the product?
Wiz provides exceptional visibility across cloud environments, making it easy to identify misconfigurations, vulnerabilities, and compliance gaps in real time. The platform’s agentless architecture is a huge advantage it deploys quickly without impacting performance. The dashboard is intuitive, and the contextual risk prioritisation helps security teams focus on what truly matters. Integration with existing workflows is seamless, which saves time and reduces complexity.
What do you dislike about the product?
While Wiz is powerful, the pricing can be a barrier for smaller organisations. Some advanced features require additional configuration, which can be time-consuming for teams without dedicated cloud security expertise. The alert volume can feel overwhelming at first, and tuning policies to reduce noise takes effort. Reporting capabilities, although good, could benefit from more customisation options for executive-level summaries.
What problems is the product solving and how is that benefiting you?
Faster incident triage , earlier identity‑risk detection, lightweight audit readiness via scheduled reports, and better threat‑led prioritisation all of which reduce operational overhead while strengthening our cloud security posture.
Cloud security Swiss army knife
What do you like best about the product?
In-depth cloud asset configuration visibility, code-to-cloud capabilities, vulnerability management, ITSM tool integration, trends and reporting dashboards.
What do you dislike about the product?
Menus are sometimes cluttered, findings can get overwhelming and you would need good prioritization procedures, naming conventions are a bit difficult to explain to security auditors looking for overall vulnerabilities in a system (between findings and issues)
What problems is the product solving and how is that benefiting you?
Cloud vulnerability management
Comprehensive, Actionable Security Insights Made Simple
What do you like best about the product?
Wiz offers comprehensive, agentless visibility and excels at turning complex data into clear, actionable, and prioritized security insights.
What do you dislike about the product?
I appreciate everything about Wiz and the range of capabilities it offers.
What problems is the product solving and how is that benefiting you?
The issues that Wiz addresses—such as removing security blind spots, automating the correlation of threats, and delivering actionable insights—help make the entire technology ecosystem more secure. When the cloud environment is safer, it results in higher-quality and more secure information being accessible to users everywhere. This, in turn, directly supports my ability to offer reliable and accurate answers.
Wiz: A Comprehensive Cloud Security Visibility Platform
What do you like best about the product?
A clear map of all interconnected resources, illustrating how an attack could propagate. This capability is missing in AWS Security Hub and is a key strength of Wiz
What do you dislike about the product?
One drawback is that the platform has a learning curve. It takes some time to fully understand the interface and make the most of all the features
What problems is the product solving and how is that benefiting you?
Wiz centralizes our AWS configuration data, enabling rapid identification of misconfigurations such as overly permissive security groups and outdated Lambda runtimes. Its dashboards save significant time by providing a clear view of priorities and risk levels.
Clear Results and Tailored Guidance with Effortless Configuration
What do you like best about the product?
The results are clear, accurate, and prioritized. The remediation guidance is clear, concise, and can be tailored to the specific resource. And the configuration/setup as well as integration points, was simple and broad without being overly permissive. The company vision is ambitious and they deliver. The support team is extremely available and has not seen the usual turnover.
What do you dislike about the product?
The interface is not always intuitive, and updates are pushed very frequently often breaking documentation links and changing processes with little to no notice.
What problems is the product solving and how is that benefiting you?
Wiz is giving us a clear picture of what we have in our environments and how secure our applications are. When we need to assure compliance, either for clients or for certification, its findings are reliable and present without additional effort. And when cloud/app events and incidents inevitably happen, we can swarm and resolve the underlying risks much quicker than before.
Outstanding Cloud Visibility Platform
What do you like best about the product?
It is a really great SAAS paltform giving complete visibility of your cloud environment
What do you dislike about the product?
can be a bit complex to understand in the beginning
What problems is the product solving and how is that benefiting you?
It provides us with comprehensive visibility into our cloud environment.
Democratizing Security Through Attack Path Visualization
What do you like best about the product?
The attack path visualization feature allows engineers to grasp and prioritize genuine risks, rather than relying solely on abstract CVSS scores. The platform provides clear explanations of risks, which helps secure engineer buy-in and encourages independent remediation. This has led to real security democratization, easing the burden on security leadership and reducing bottlenecks.
What do you dislike about the product?
The input validation for connector credentials is weak, which creates unnecessary friction when first integrating with the cloud. Additionally, the user experience is clearly designed with enterprises in mind, resulting in a steep learning curve that can be challenging for smaller teams.
What problems is the product solving and how is that benefiting you?
Benefits of Implementing Wiz
Background
In our company, I was the sole person with specialized security expertise. As the business expanded and our product offerings grew, the attack surface increased, and security audits began to take up a significant portion of my time. This made it difficult for me to concentrate on my primary responsibilities as CTO.
Previous Challenges
To tackle this, I aimed to make security a shared responsibility throughout the organization. However, with tools from other vendors, although we could track security issues as inventory items, we were unable to give our engineers the autonomy to proactively resolve these issues themselves.
Results from Wiz Implementation
Wiz stands out by offering thorough attack path visualization with Wiz Security Graph, clear explanations of the risks associated with each issue, and practical remediation guidance.
Thanks to these features, our engineering teams are now able to independently resolve most security issues. Consequently, we have improved our overall security posture and greatly reduced the amount of time I personally need to dedicate to security operations.
Background
In our company, I was the sole person with specialized security expertise. As the business expanded and our product offerings grew, the attack surface increased, and security audits began to take up a significant portion of my time. This made it difficult for me to concentrate on my primary responsibilities as CTO.
Previous Challenges
To tackle this, I aimed to make security a shared responsibility throughout the organization. However, with tools from other vendors, although we could track security issues as inventory items, we were unable to give our engineers the autonomy to proactively resolve these issues themselves.
Results from Wiz Implementation
Wiz stands out by offering thorough attack path visualization with Wiz Security Graph, clear explanations of the risks associated with each issue, and practical remediation guidance.
Thanks to these features, our engineering teams are now able to independently resolve most security issues. Consequently, we have improved our overall security posture and greatly reduced the amount of time I personally need to dedicate to security operations.
showing 21 - 30