The Picus Security Validation Platform
Picus SecurityReviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
210 reviews
from
External reviews are not included in the AWS star rating for the product.
Proactive and Practical Security Validation That Truly Delivers
What do you like best about the product?
What I like best about Picus Security is how it combines comprehensive threat simulations with actionable insights. The platform makes it possible to continuously validate whether our defenses—from endpoint solutions to firewalls and SIEM—are actually effective against the latest threats. The frequent updates and breadth of the threat library keep everything relevant, and the integrations with existing tools make adoption seamless. Whether in a large enterprise environment or a smaller team setup, Picus helps transform cybersecurity from reactive to proactive, saving time and strengthening overall resilience.
What do you dislike about the product?
There isn’t much to dislike. If I had to mention one thing, it’s that the reporting side could be more customizable for specific compliance frameworks or executive-level summaries. That said, the level of detail is excellent for technical teams, and the support team is very responsive in helping us work around these needs.
What problems is the product solving and how is that benefiting you?
Picus helps us see if the tools we already use, like firewalls and EDR, actually stop real attacks. Before, we mostly relied on vendor dashboards and assumptions, but now we get clear results from real simulations. This way we can spot gaps or misconfigurations early and fix them before they become a problem. It saves us time, gives us confidence in our defenses, and helps us focus on the areas that really matter.
picus security review
What do you like best about the product?
Our institution has great support for its security infrastructure.
What do you dislike about the product?
Picus uses too much of our email capacity.
What problems is the product solving and how is that benefiting you?
provides defense against attacks on the institution.
predicts risks.
predicts risks.
The impact of picus on my daily security practices
What do you like best about the product?
Picus keeps us up to date with the latest threats. The continuous validation gives me confidence that our systems are well-protected.
What do you dislike about the product?
The reports are very detailed, but occasionally they can be overwhelming for non-technical users.
What problems is the product solving and how is that benefiting you?
Picus bridges the gap between detection and response by showing us where we are weak. This gives us actionable insights to stay secure
Finally, we can answer the question: How secure are we?
What do you like best about the product?
With its products, Picus Security enables us and our clients to objectively test cybersecurity systems and maximize their effectiveness. It also allows us to assess the level of security we have achieved and to justify past and future investments.
What do you dislike about the product?
Any solution can be improved, and Picus Security’s products are no exception. However, in recent years, the vendor has successfully enhanced the capabilities of its products and services, promptly addressing the ever-changing needs of the cybersecurity landscape.
What problems is the product solving and how is that benefiting you?
Keeping cybersecurity defense systems under constant testing and control is, in itself, essential to maintaining high levels of security. However, one of the most distinctive and valuable features of Picus Security is its ability to provide objective measurements of the level of protection achieved. In other words, it enables organizations to answer the question 'How secure are we?'—a question often posed by non-technical managers to CISOs. Picus makes it possible to respond with 'Executive' reports and metrics that are easy to understand even for non-specialists, thereby supporting the justification of past investments as well as those to be planned in future budgets
Picus Security: Strengthening Security Posture Through Proactive Attack Simulation
What do you like best about the product?
Picus Security excels in continuous security validation by simulating real-world attack scenarios in a controlled and automated way. This allows organizations to proactively identify vulnerabilities and gaps in defenses before attackers can exploit them. I particularly appreciate:
Actionable insights: It doesn’t just highlight weaknesses; it provides clear guidance on how to remediate them.
Integration flexibility: Works well with existing security tools (SIEM, EDR, firewalls) to enhance overall security posture.
Actionable insights: It doesn’t just highlight weaknesses; it provides clear guidance on how to remediate them.
Integration flexibility: Works well with existing security tools (SIEM, EDR, firewalls) to enhance overall security posture.
What do you dislike about the product?
While Picus Security is powerful, there are a few areas that could be improved:
Learning curve: New users may find the platform’s interface and features slightly complex at first, especially without prior experience in security validation.
Resource requirements: Running continuous attack simulations can consume noticeable system and network resources, which may need planning in larger environments.
Learning curve: New users may find the platform’s interface and features slightly complex at first, especially without prior experience in security validation.
Resource requirements: Running continuous attack simulations can consume noticeable system and network resources, which may need planning in larger environments.
What problems is the product solving and how is that benefiting you?
Picus Security addresses a critical challenge in cybersecurity: the gap between security controls and real-world threats. Many organizations deploy firewalls, SIEMs, and endpoint protections but lack continuous validation to ensure these controls are effective against the latest attack techniques.
Picus Security solves this by:
Simulating real-world attacks continuously, identifying weak points in defenses before attackers can exploit them.
Providing actionable remediation guidance, which helps security teams prioritize fixes efficiently.
Validating security investments, ensuring that existing tools like EDR, firewalls, and intrusion detection systems are properly configured and effective.
Reducing risk of breaches, by proactively uncovering vulnerabilities that could lead to data loss, downtime, or compliance issues.
Picus Security solves this by:
Simulating real-world attacks continuously, identifying weak points in defenses before attackers can exploit them.
Providing actionable remediation guidance, which helps security teams prioritize fixes efficiently.
Validating security investments, ensuring that existing tools like EDR, firewalls, and intrusion detection systems are properly configured and effective.
Reducing risk of breaches, by proactively uncovering vulnerabilities that could lead to data loss, downtime, or compliance issues.
A Pioneer in Realistic Threat Simulation, Continuously Improving
What do you like best about the product?
he continuously updated MITRE ATT&CK–based threat library and realistic attack simulations stand out the most. They give us clear, actionable insights into security gaps and provide automated remediation guidance that we can implement immediately. The seamless integrations with our existing security tools mean we get faster, more accurate validation without disrupting daily operations.
What do you dislike about the product?
While the platform is highly effective, some of the advanced reporting options could be more customizable to match specific organizational requirements. Additionally, expanding the flexibility of test customization—such as fine-tuning attack parameters—would make the simulations even more aligned with real-world scenarios. These are not critical gaps, and it’s encouraging that the product team appears to be actively addressing them
What problems is the product solving and how is that benefiting you?
Picus Security helps us proactively identify and address security gaps before they can be exploited. By running continuous, realistic attack simulations mapped to the MITRE ATT&CK framework, it validates whether our existing security controls are working as intended. This reduces our reliance on reactive incident response and allows our SOC team to focus on prevention. The automated remediation guidance shortens the time needed to fix weaknesses, ultimately improving our overall security posture and reducing operational risk.
Leading company to the sector
What do you like best about the product?
I appreciate Picus Security for its ability to run realistic attack simulations and deliver precise, practical recommendations to strengthen our defenses.
What do you dislike about the product?
The only downside is that Picus Security provides so many insights that it keeps us constantly improving our defenses.
What problems is the product solving and how is that benefiting you?
Before using this solution, we struggled with fragmented workflows and inconsistent data reporting. Now, we have a centralized platform that improves team collaboration, reduces manual work, and provides real-time analytics. This has directly led to faster decision-making and improved efficiency.
Picus Security
What do you like best about the product?
I like Picus Security’s innovative approach to security validation, the collaborative and supportive team, and the opportunities to learn new technologies.
What do you dislike about the product?
The fast-paced environment can be challenging at times, and some projects have limited resources.
What problems is the product solving and how is that benefiting you?
Picus Security helps identify and address security gaps before they can be exploited, improving overall cyber resilience. This benefits me by ensuring a safer and more secure environment to work in and learn from.
Intuitive Interface, Up-to-Date Security, and Outstanding Post-Sales Support
What do you like best about the product?
The user interface is very intuitive and easy to use. In addition, the Security Control Validation module is constantly updated with the latest TTPs that are observed in the wild.
The post sales support is efficient as well, whereby there is quarterly update on the current product roadmap and follow up on any issue that the user encounter
The post sales support is efficient as well, whereby there is quarterly update on the current product roadmap and follow up on any issue that the user encounter
What do you dislike about the product?
There are some TTPs that are available in open source tool (e.g atomic red team) but not widely available in Picus SCV.
What problems is the product solving and how is that benefiting you?
Picus Security addresses a critical challenge faced by modern SOC teams: how to ensure that the security products they have invested in are truly performing as promised. For instance, a SIEM solution from Vendor X may claim to detect specific TTPs, or an EDR tool from Vendor Y may promise to prevent them. But who can actually verify these claims?
With the Picus Security Security Control Validation (SCV) module, SOC teams can efficiently validate such vendor promises, identify detection and prevention gaps, and take proactive measures to close them.
This capability is especially valuable to me in my role where I focus on assessing and enhancing the SOC team's detection quality.
With the Picus Security Security Control Validation (SCV) module, SOC teams can efficiently validate such vendor promises, identify detection and prevention gaps, and take proactive measures to close them.
This capability is especially valuable to me in my role where I focus on assessing and enhancing the SOC team's detection quality.
The Most Effective Way to Continuously Validate Our Cybersecurity Posture
What do you like best about the product?
Since we started using Picus Security, we've shifted from a passive monitoring approach to a proactive one. The platform's mitre attack-based attack simulations allow us to clearly see how prepared our environment is against real-world threats. It's been particularly useful in assessing the effectiveness of our existing security tools (like SIEM, EDR, IPS), identifying gaps, and taking action quickly.
The user interface is intuitive and easy to navigate—even for team members who aren't deeply technical.
The user interface is intuitive and easy to navigate—even for team members who aren't deeply technical.
What do you dislike about the product?
The reporting can sometimes be overly detailed, which makes it slightly challenging when preparing high-level summaries for management. Additionally, the integration of newly discovered threats into the platform can occasionally lag behind a bit.
What problems is the product solving and how is that benefiting you?
Picus Security solves the challenge of continuously validating the effectiveness of our security defenses. It allows us to simulate real-world attacks and test our systems, ensuring our tools (like firewalls, SIEM, and EDR) are performing as expected.
Benefits:
Proactive Approach: We can identify vulnerabilities before they are exploited.
Improved Confidence: Continuous testing boosts our trust in our security posture.
Faster Response: Issues are detected and addressed more quickly, minimizing risk.
Benefits:
Proactive Approach: We can identify vulnerabilities before they are exploited.
Improved Confidence: Continuous testing boosts our trust in our security posture.
Faster Response: Issues are detected and addressed more quickly, minimizing risk.
showing 1 - 10