The Picus Security Validation Platform
Picus SecurityReviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
218 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Like a cyber blade against the firewall: Picus!
What do you like best about the product?
What I love most is how Picus treats cybersecurity not as a task, but as a living ecosystem. Checking the dashboard in the morning feels like taking an X-ray of our infrastructure. The simulations don't just mimic attacks — they become the threat, aligning with real-world APT tactics so accurately it’s almost poetic. It's not just validation — it's a wake-up call for those who still trust passive SIEM alerts. Picus acts like the Red Team agent your SOC never knew it needed, constantly challenging your confidence in your defenses.
What do you dislike about the product?
Picus sometimes gives you too much visibility. It’s like being the only person in the control room who knows the asteroid is coming — you have all the data, but triage becomes the real skill. The platform is so fast in adopting the latest attack techniques that it can leave your slower legacy systems gasping for breath, creating a strange temporal gap between detection and correlation. It doesn’t break things — it just exposes how broken they already were.
What problems is the product solving and how is that benefiting you?
Picus helps us break the illusion of security by validating our defenses continuously — not quarterly, not yearly, but right now. It solves the biggest lie in cybersecurity: "We’re secure because we haven’t been breached." Instead, Picus shows us where the castle walls are already crumbling, using real-world attack methods from today’s headlines. It replaces theoretical risk scoring with practical, empirical evidence. It’s not just helping us pass audits — it’s helping us deserve to pass them.
An Effective and Practical Solution to Increase Cyber Resilience
What do you like best about the product?
My favorite aspect of Picus is its ability to continuously test our security controls using up-to-date attack scenarios taken from the real world. Vulnerabilities are clearly revealed through MITRE ATT&CK-based analyses, and we can clearly see where each security control falls short. The interface is simple, easy to use, and the results of the simulations are supported by comprehensible reports.
What do you dislike about the product?
Especially in multi-layered network structures, sensor installations and simulation deployment can be a bit complex initially. Additionally, the pricing of the product may be high for small-scale organizations.
What problems is the product solving and how is that benefiting you?
Picus Security allows us to continuously test how effective our security controls are. Seeing how systems like IDS/IPS, EDR, and firewalls actually perform against threats has enabled us to go beyond compliance on paper. Especially with MITRE ATT&CK-based simulations, we can detect internal vulnerabilities early and take preventive actions in a timely manner. This way, we have both strengthened our security posture and established a more robust defense line against regulations.
The most beneficial cybersecurity solution you can get for your money
What do you like best about the product?
What I appreciate most about Picus Security is its ability to continuously and automatically test the effectiveness of security controls. With up-to-date threat simulations, we can see how well our defenses are performing. It can also make vendor-specific recommendations when improvements are needed in our defenses. Also threat library is always up-to-date. I think you get the most out of your money.
What do you dislike about the product?
Following the attack simulations from the interface can be challenging for a first-time Picus user, but after a while, you get used to the solution as you use it.
What problems is the product solving and how is that benefiting you?
Picus allows us to instantly test the effectiveness of our security controls. Through attack simulations, it uncovers vulnerabilities we may not be aware of. Picus solves business problems such as the inability to measure the effectiveness of security investments, the late detection of security vulnerabilities, and being caught unprepared for threats. It is particularly beneficial for regulatory compliance and providing management with measurable security data.
Picus Review
What do you like best about the product?
Picus Security excels because it provides an automated way to test and strengthen your organization’s security posture in real time. The platform simulates a broad range of real-world cyber threats across your network, helping you pinpoint weaknesses before attackers can exploit them. What sets Picus apart is that it doesn’t just identify gapsit also offers clear, actionable mitigation steps specific to your existing tools, so remediating issues is practical and efficient. Its automation features save time by allowing you to quickly update detection rules and security configurations. The reporting is intuitive and executive-friendly, making it easy for both technical teams and business leaders to understand the value and impact of security improvements. In summary, Picus Security stands out for its proactive, automated threat validation, easy-to-follow recommendations, and its ability to help teams work smarter, not harder, in improving cyber resilience.
What do you dislike about the product?
While Picus Security is a strong platform for automated threat simulation and security validation, some users find its interface a bit complex initially and wish for more detailed, customizable reporting. Additionally, the tool may not cover every scenario perfectly, and automatic fixes aren’t available for all identified issues. There can also be challenges in pinpointing which exact security controls succeed or fail without further manual review. Despite these points, users appreciate its core value for proactively identifying security gaps and providing actionable recommendations.
What problems is the product solving and how is that benefiting you?
By automatically simulating real-world attacks, it helps you spot weaknesses before attackers do. This means fewer blind spots and more confidence in your defenses. Instead of just pointing out what’s wrong, Picus tells you how to fix it. This saves time and makes remediation practical, not theoretical. The system automates repetitive testing and some remediation tasks, so your team can focus on high-value work rather than manual checking or guesswork. It distills results into easy-to-understand visuals and metrics, making it simpler to communicate risk and improvements to leaders and stakeholders
Picus
What do you like best about the product?
Cloud management is very successful. We can score our different locations separately. We are developing our security improvements according to MITRE ATT&CK.
What do you dislike about the product?
Overall, we are happy with the product. There is nothing we don't like about it.
What problems is the product solving and how is that benefiting you?
It allows us to take proactive measures against general and sectoral cyber risks. It significantly supports our security development process.
Reliability, high performance, easy access
What do you like best about the product?
It's important that it's in a cloud environment and easily accessible. From a security perspective, we can easily assess the security policies in our work environment with picus security.
What do you dislike about the product?
There is no feature I don't like at the moment
What problems is the product solving and how is that benefiting you?
We receive support when there are problems with the simulations we run at our institution. The support provided resolves the problem.
Picus Security
What do you like best about the product?
security rules and updates are working properly
What do you dislike about the product?
There is no problem.We continue to use it.
What problems is the product solving and how is that benefiting you?
Provides ease of use in different locations.
A good product for security operations and detecting security problems
What do you like best about the product?
detecting security produtcs abilities and capabilities
What do you dislike about the product?
the reports takes for a log time to open
What problems is the product solving and how is that benefiting you?
testing block and detect capabilities of security products like anti virus and edr's. I am able to see security level and defending rates of the products
Senior security incident management specialist
What do you like best about the product?
Picus's user interface is simple and intuitive. Creating test scenarios, analyzing results, and taking action are all easy. Even users with little technical knowledge can easily use it.
What do you dislike about the product?
Not all features come with on-prem solutions.
All attack senarios start with same parent process name (picus.exe)
All attack senarios start with same parent process name (picus.exe)
What problems is the product solving and how is that benefiting you?
It helped to increase the low detection and blocking scores in firewalls (IDS and IPs) and endpoint security products.
Great for continuous security testing
What do you like best about the product?
What I like about Picus Security is its ability to provide continuous, automated breach and attack simulations that help us easily identify and remediate security gaps, ensuring we are prepared to up to date threats
What do you dislike about the product?
İnitial setup is hard to align with organization specific environments.
What problems is the product solving and how is that benefiting you?
It helps identify gaps with real world scenarios , before attackers can exploit them, enabling faster remediation, improving overall security , and ensuring that security products are delivering the intended protection.
showing 91 - 100