Our primary use case is related to using Wiz as a cloud-native application protection platform. We are currently in the midst of onboarding resources and streamlining the integration of Wiz.
External reviews
715 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Wiz CNAPP
What do you like best about the product?
Wiz has allowed us to quickly gain understanding of new environments and helped uplift changes to secure our environments rapidly.
What do you dislike about the product?
Data should be offloaded to a SIEM, as the rentention period is very short.
What problems is the product solving and how is that benefiting you?
Effective threat detection in IAAS platforms.
One of the best tools i'v eused
What do you like best about the product?
Wiz provides clear visibility into cloud risks without unnecessary noise. It simplifies vulnerability prioritization, making it easy for my team to focus on critical issues first. The UI is intuitive, and its proactive approach aligns with my focus on staying ahead of threats
What I appreciate most about Wiz is its ability to contextualize vulnerabilities across cloud assets. The risk-based prioritization saves us hours of triage, and the single-pane view ensures my team can respond efficiently without hopping between tools
The development pipeline at Wiz is something I really appreciate. New features are delivered rapidly and often just appear on the platform, rather than being pushed back to 'next quarter' repeatedly. This agility makes a noticeable difference in keeping up with evolving security needs.
What I appreciate most about Wiz is its ability to contextualize vulnerabilities across cloud assets. The risk-based prioritization saves us hours of triage, and the single-pane view ensures my team can respond efficiently without hopping between tools
The development pipeline at Wiz is something I really appreciate. New features are delivered rapidly and often just appear on the platform, rather than being pushed back to 'next quarter' repeatedly. This agility makes a noticeable difference in keeping up with evolving security needs.
What do you dislike about the product?
There’s nothing I actively dislike about the Wiz platform. However, I do wish Wiz would expand into the SSPM space, as I believe it would complement their existing offerings well. That said, it’s not a major drawback that this feature isn’t available yet
What problems is the product solving and how is that benefiting you?
Wiz is helping us tackle sprawling cloud infrastructure by providing clear visibility into misconfigurations, externally exposed assets, and vulnerabilities across our environments. It allows us to quickly identify and remediate risks that could otherwise be missed, ensuring our cloud posture remains secure and compliant. This level of insight and prioritization significantly reduces the time and effort needed to manage cloud security at scale
Streamlined cloud security integration with a powerful cloud-native application protection platform
What is our primary use case?
How has it helped my organization?
It has been user-friendly, and most of the integrations and configurations are straightforward.
What is most valuable?
Wiz is a very powerful product technologically. Our requirement is related to the CNAPP solution, which is a cloud-native application protection platform. It is user-friendly, and most of the integrations and configurations are straightforward.
What needs improvement?
I have not measured certain abilities on a scale yet. The ultimate value depends on the requirements of your organization.
For how long have I used the solution?
We are still in the midst of implementing Wiz. As such, we are still analyzing its behavior.
What do I think about the stability of the solution?
We are still analyzing its behavior as we are in the midst of the implementation.
How are customer service and support?
We still get support for at least a month by default after implementing any tool. As of now, everything is good.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
In the past, I worked with Check Point, specifically their firewall product and RaaS VeeTrail subproducts. I no longer use Check Point products as I switched my domain from network security to application security and cloud security.
How was the initial setup?
Since we are still in the midst of implementing the new solutions within our environment, it is a work in progress.
What about the implementation team?
We are currently onboarding resources and working to streamline the implementation of Wiz.
What's my experience with pricing, setup cost, and licensing?
This feedback is not based on much experience yet, as we have only conducted POV or POC.
Which other solutions did I evaluate?
We compared Wiz with other products, such as Orca and other industry standard solutions.
What other advice do I have?
I do not want my name or my organization's name to be reflected in any of the feedback provided.
I'd rate the solution eight out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Wiz - Incredibly Useful for a Comprehensive View of your cloud environment
What do you like best about the product?
*User Interface: Wiz is a complex tool with many features, the user interface is exceptionally well put together considering the amount of data and features it must glue together
*Breadth and Accuracy: Wiz is able to tie together disparate cloud presences in a complete way, allowing for easy querying across multiple environments
*Rapid Development: Wiz evolves quickly and new features appear rapidly
*Help Center: AI and up-to-date documentation are incredibly userful
*Integrations and Automations: The ability to tie event triggered automations to a myriad of systems out-of-the-box is extremely helpful.
*Flexibility: The ability to both see the logic and create/modify/suppress any check in the system is incredibly powerful.
*Breadth and Accuracy: Wiz is able to tie together disparate cloud presences in a complete way, allowing for easy querying across multiple environments
*Rapid Development: Wiz evolves quickly and new features appear rapidly
*Help Center: AI and up-to-date documentation are incredibly userful
*Integrations and Automations: The ability to tie event triggered automations to a myriad of systems out-of-the-box is extremely helpful.
*Flexibility: The ability to both see the logic and create/modify/suppress any check in the system is incredibly powerful.
What do you dislike about the product?
*Cost: Wiz is expensive
*Licensing: Wiz moves rapidly, and sometimes features are shifted between licenses, meaning a feature in preview could be moved to a different license once GA'd, which has occasionally caused confusion and caught us off guard
*Licensing: Wiz moves rapidly, and sometimes features are shifted between licenses, meaning a feature in preview could be moved to a different license once GA'd, which has occasionally caused confusion and caught us off guard
What problems is the product solving and how is that benefiting you?
Finding cloud configuration issues, vulnerabilities, and allowing us to shift left into the developer's IDE and the CI/CD build system.
A cloud security tool for everyone, from developers to CISOs
What do you like best about the product?
Above all, the simple integration into the cloud platforms is very convenient. Wiz is cloud agnostic and is therefore a very good fit for us.
Wiz also has a very good overview and allows you to drill down across different levels. This makes it very pleasant to use and is very informative. The evaluation from a finding to an issue supports prioritization enormously and helps us as an organization to focus on the essential issues. Wiz is also very fast at displaying emerging threats in the platform and showing the risks to our resources. A big plus from the SOC / CISO perspective.
The ability to organize cloud resources in projects, which in turn can be controlled granularly via RBAC and provided with dedicated integrations, makes Wiz a tool that we have been able to introduce very well throughout the entire IT organization.
The support from Wiz is good and fast. We receive quick feedback and good support on our tickets.
The further development of the platform should be emphasized. The features that Wiz had when we introduced it were already great and in the 2 years Wiz has developed enormously. So fast that we can't keep up with introducing these features in the organization.
I am delighted to have found a security tool in Wiz that is not only useful for the security departments, but also helps the IT teams and is used and appreciated by them. Wiz has brought the maturity of our cloud forward.
Wiz also has a very good overview and allows you to drill down across different levels. This makes it very pleasant to use and is very informative. The evaluation from a finding to an issue supports prioritization enormously and helps us as an organization to focus on the essential issues. Wiz is also very fast at displaying emerging threats in the platform and showing the risks to our resources. A big plus from the SOC / CISO perspective.
The ability to organize cloud resources in projects, which in turn can be controlled granularly via RBAC and provided with dedicated integrations, makes Wiz a tool that we have been able to introduce very well throughout the entire IT organization.
The support from Wiz is good and fast. We receive quick feedback and good support on our tickets.
The further development of the platform should be emphasized. The features that Wiz had when we introduced it were already great and in the 2 years Wiz has developed enormously. So fast that we can't keep up with introducing these features in the organization.
I am delighted to have found a security tool in Wiz that is not only useful for the security departments, but also helps the IT teams and is used and appreciated by them. Wiz has brought the maturity of our cloud forward.
What do you dislike about the product?
Wiz is a little weak when it comes to reporting functions for management. The dashboard functions are basically good and clear, but more suited to techies. So far, we have not been able to create any reports for management without exporting and otherwise preparing data. If there were more options here in the future, that would be another plus for Wiz.
The data export options are limited, and it is difficult to export data for very large cloud environments.
The data export options are limited, and it is difficult to export data for very large cloud environments.
What problems is the product solving and how is that benefiting you?
Wiz gives us a central overview of cloud assets, their configuration, findings in the assets, how they are related to each other and what risks are associated with them. This helps us to prioritize problems and harden the cloud. There are also threat detection and forensic features. With Wiz, we can manage the security of our cloud from a single tool.
Enhanced security profiling and predictive analysis in diverse industries
What is our primary use case?
We are a partner and develop Wiz opportunities here in Brazil and Latin America. We already have some customers using Wiz as a DSPM platform. We use it in various industries, like retail, where it is used for security profiling and predictive analysis to identify risks. There is also a global industrial company using Wiz, but I cannot disclose its name.
How has it helped my organization?
The platform offers granularity in visibility, which is essential for understanding our risks and threats. We implement a maturity report to provide our customers with a cloud maturity idea using Wiz to identify and suggest actions to enhance their environment's resilience and availability.
What is most valuable?
The granularity of visibility that the platform provides is the most valuable aspect. It shows all details of our sources, which helps in understanding the risks and threats within the system. Additionally, the platform's integration capabilities allow us to see various operational systems through Wiz.
What needs improvement?
In Brazil, the cost is a significant issue due to the currency exchange rate. Wiz is not a cheap solution, and it is hard to prove cost efficiency to customers. While it improves security and maturity, reducing costs is challenging due to it being expensive.
How are customer service and support?
WIZ does not have local support in Brazil. However, Century Data has an engineering team who support the initial calls with a local Knowledge base.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We previously used SentinelOne, which is XDR and protects servers or workstations but does not offer Wiz's DSPM capabilities.
How was the initial setup?
Customers have told us that Wiz is easier to implement than Orca. Both technologies are agentless, but Wiz is simpler to deploy.
What was our ROI?
The local cost of Wiz in Brazil is high, making it difficult to achieve a significant return on investment. While it enhances security and maturity, the high cost in Brazil makes it challenging to demonstrate cost reduction.
What's my experience with pricing, setup cost, and licensing?
The cost depends on workload, features, and modules, and it is not inexpensive. Other technologies, like Orca, a competitor, are also expensive.
Which other solutions did I evaluate?
I did evaluate Orca previously.
What other advice do I have?
I recommend Wiz for customers who need more maturity in their operations. It provides extensive visibility and granularity, essential for managing security and operational risks.
I'd rate the solution ten out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Great user experience and coverage
What do you like best about the product?
Wiz provides complete visibility of our cloud environments. It replaces so many other one off solutions and gives us confidence on the security of our environment. Some other tools are super noisy, but Wiz includes more context about the actual risk of the issue while factoring in different sources of data.
Their vulnerability management product has become really great and easy to use. It is very easy to prioirtize different applications, and generating SBOM of your environment is useful as well. The runtime validation of dependencies gives extra peace of mind. This was super helpful in our compliance journey.
I also like their cloud events management solution, it was very easy to set up with both AWS and Azure and it comes with many canned threat detection alerts (you can also create your own).
Overall, super easy to set up and get complete visibility of your environments. No agents to deploy.
Requesting new features and other small updates to the platform is easy and their support team is responsive. Any issue that I've reported is resolved shortly after.
Their vulnerability management product has become really great and easy to use. It is very easy to prioirtize different applications, and generating SBOM of your environment is useful as well. The runtime validation of dependencies gives extra peace of mind. This was super helpful in our compliance journey.
I also like their cloud events management solution, it was very easy to set up with both AWS and Azure and it comes with many canned threat detection alerts (you can also create your own).
Overall, super easy to set up and get complete visibility of your environments. No agents to deploy.
Requesting new features and other small updates to the platform is easy and their support team is responsive. Any issue that I've reported is resolved shortly after.
What do you dislike about the product?
Email reports could be improved, rather than just sending out csv files.
I don't have any other complaints.
I don't have any other complaints.
What problems is the product solving and how is that benefiting you?
Discovery and management of security issues, compliance reporting, malicious event detection
Advanced security insights and comprehensive risk visibility across multi-cloud environments
What is our primary use case?
We use Wiz to monitor cloud security across Azure, Oracle OCI, and Google GCP cloud environments. With Wiz implementation we aim to eliminate the security team from security findings communication and triage and allow development, cloud and infrastructure teams direct access to security configuration findings - saving time for everyone involved.
The client has around over 2000 workloads in Azure, and more than 200 in Oracle OCI, as well as small cloud presence in Google GCP.
For the initial deployment, we aim to enable good visibility across all cloud platforms (width), as well as across different levels of visibility (depth) by employing CSPM, CIEM, DSPM, EASM, CDR and other capabilities offered by Wiz.
Going forward, we plan to implement cloud forensics feature, as well as integrate it into our CI/CD pipelines and code repositories for preventative capabilities.
How has it helped my organization?
The integration is still in its early stages, and I will continue to update this report as we move forward. That being said, everything has been excellent so far!
Wiz helped to detect multiple virtual machines in Azure and Oracle OCI cloud environments that had problems, including crypto-miners and malware. Furthermore, Google GCP usage in the company was discovered by Wiz, which the other two CNAPP tools we've tested have missed.
We also discovered credentials stored on the disk of a virtual machine in the test/dev environment, which could potentially provide access to parts of other cloud environments if compromised (allow lateral movement).
We can confidently say that we now see the full picture of risk across our cloud environments, including internet-exposed, vulnerable (unpatched) and misconfigured cloud assets, as well as sensitive data stored in those cloud assets.
We're currently going through the process of user onboarding to enable time savings for security team and streamline the time to take action to remediate the findings.
What is most valuable?
The time savings and the many moments of "if I was building a CNAPP, this is how I would do it" were where Wiz had already implemented what I wished for. Wiz also saves time by validating a network misconfiguration by not only looking at the cloud asset configuration but also by testing if a port that is stated to be open is actually open.
The Wiz product team recognises that the world doesn't revolve around Cyber Security teams. This is evident in their emphasis on providing clear and simple remediation advice and offering explanations of the alerts, making it easy for non-security team members to understand what’s happening and why. This was one of the key criteria why Wiz has been selected over the competitors.
My favourite is the EASM/External Exposure view and overall package - full risk visibility. It allows us to prioritize, and I mean truly prioritize, what should be addressed first. We can now see cloud workloads exposed to the internet in case of critical vulnerabilities, and if these workloads hold or can access sensitive data, we can act fast and patch these workloads first, and therefore reduce our overall risk exposure time.
Another favourite feature is the ability to give feedback and quickly raise a support case, as well as the comment option for each finding in Wiz web portal. It enables simple, yet effective collaboration between security, cloud, infrastructure and development teams.
What needs improvement?
It's too early to tell what can really be improved. However, we noticed some capabilities that were lacking, specifically ignoring some false-positive Issue findings. The good news - with the latest update, this has been resolved.
The built-in reports have room for improvement, especially the executive summary reports. However, this is compensated by the excellent Dashboards available in Wiz web portal.
Overall, nothing is majorly lacking, and so far, all issues we encountered have been addressed with a few outstanding ones that are pending for a feature release.
For how long have I used the solution?
I have been using this solution since June 2024.
With two main cloud platforms fully onboarded, the integration project is still ongoing.
What do I think about the stability of the solution?
The solution is very stable. We observed a case where some of the newly introduced built-in policies caused minor discrepancies in the alert count, but the Wiz support team promptly resolved the issue.
What do I think about the scalability of the solution?
So far, so good! No issues were observed in scalability.
How are customer service and support?
Support is excellent. We had 10 to 15 TAC cases open; most are addressed, and few that remain open have updates and a clear path towards resolution.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Previously, I used Check Point's CloudGuard (while it was still called Dome9), Prisma Cloud by Palo Alto Networks, and Microsoft's Defender for Cloud (since 2020, when it was still called Azure Security Center). I have also tested Orca Security CNAPP solution in a PoC setting for about a month.
How was the initial setup?
The setup is straightforward. There were no issues with either cloud connector that I used (Azure, OCI and Kubernetes).
What about the implementation team?
I am a consultant working on this integration - HLD, LLD, integration itself, policy review/triage of findings, and user training/onboarding. The support team has been great! From sales to customer success - it has been a smooth ride.
What was our ROI?
The main ROI will be the time savings from not needing to write a basic remediation advisory for the dev team and then send/track it using email.
What's my experience with pricing, setup cost, and licensing?
The sizing script provided by Wiz is fairly accurate. The support team will help you accurately identify the licensing needs. We've done it, and it is spot-on.
Which other solutions did I evaluate?
We evaluated two other CNAPP solutions.
What other advice do I have?
So far, I really like the solution and the team supporting our integration.
While it's quite early for a full review, we already have the key parts functionality deployed, and I will be updating this review once the integration is finalized next year (code security for CI/CD, cloud incident response and forensics, and automation of preventative capabilities remains on our to-do list).
Disclaimer: I received a typical customer "swag" package (jumper, backpack, thermal cup) from Wiz, but I can confidently say it had no influence on the content of my review of the CNAPP solution.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Impressive Experience and Rapid Deployment
What do you like best about the product?
We enaged with Wiz quite a while ago to run a proof of value within our orgninisation. Right from first contact we found all Wiz representitives to be professional, friendly & super passionate about the platform.
We have now fully deployed the platform and I am impressed with the ease of deployment and also the very short time it takes to begin gaining the value. The trickiest part for us is onboarding our operational teams, but Wiz do make it very easy to allow only relevent access to each operational team via a "projects" feature.
Its very early in our journey with the platform so time will tell if we continue to keep that value after the initial hump where we have more to remidiate. But given the speed at which the Wiz teams are releasing features the future of our partnership with Wiz looks very bright.
I'd also like to add that the Customer Support experiance with Wiz has been some of the best I have experianced. The support teams ares very quick to respond and have the skills needed to assist. Also worth mentioning is the Wiz documentation and included onboarding academy videos are very good.
We have now fully deployed the platform and I am impressed with the ease of deployment and also the very short time it takes to begin gaining the value. The trickiest part for us is onboarding our operational teams, but Wiz do make it very easy to allow only relevent access to each operational team via a "projects" feature.
Its very early in our journey with the platform so time will tell if we continue to keep that value after the initial hump where we have more to remidiate. But given the speed at which the Wiz teams are releasing features the future of our partnership with Wiz looks very bright.
I'd also like to add that the Customer Support experiance with Wiz has been some of the best I have experianced. The support teams ares very quick to respond and have the skills needed to assist. Also worth mentioning is the Wiz documentation and included onboarding academy videos are very good.
What do you dislike about the product?
Honestly so far there is nothing to dislike
What problems is the product solving and how is that benefiting you?
Before we deployed Wiz we struggled to put together data from our security tooling to provide priority of where our teams need to start. Wiz helps cut through that by providing clear attack paths.
Wiz is the cloud security tool that just keeps giving...
What do you like best about the product?
Wiz is the market leader and has been for years. This means they could just sit back and enjoy the profits of their labor. However, that is not their approach. We still have regular calls with our Wiz success team and they go over monthly new features. They add features that we need like we are their only customer. It is incredible how much R&D they have. From CSPM, to DSPM. etc. I usually prefer to have separate, best of breed tools for each of these but with Wiz, they have proven me wrong. They are able to integrate each of these critical security capabilities into a single framwork that helps us scan our configurations, data types, user access, etc all in one.
What do you dislike about the product?
There are always downsides to every tool. While I am not in the tool daily as much as the engineers, I do notice that the search and report/export features sometimes is confusing, due to the granular features. I would like to sometimes search via user or host name and you might be forced to use IP or vice versa. However, since they deploy GUI and feature updates on a monthly or more frequent basis, this will likely be resolved soon.
What problems is the product solving and how is that benefiting you?
I would have to purchase at least 3 separate solutions if I didn't use Wiz. A vuln scanner, CSPM and DSPM.
showing 61 - 70