The Picus Security Validation Platform
Picus SecurityReviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
220 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Picus is a excellent platform that covers a wide range of attack and highly accurate simulations.
What do you like best about the product?
The platform is well-developed, offering a highly accurate attack simulations across many modules. We really like the clear, traceable actions and detailed simulation steps, which provide a good insights. The vendor-specific mitigation recommendations are really helpful. Our customers' feedback from POCs has been positive, consistently highlighting their satisfaction with the platform and its ease of use including the Integration.
What do you dislike about the product?
A minor point mentioned is that sometime we are not always informed when documentation in the knowledge base is updated. So, It is hard for us to know wheter the newer Document is update and fix the issue or not.
What problems is the product solving and how is that benefiting you?
Customer they've encountered issues where their existing security tools, while generally good, sometimes don't seem to operate at their full potential. And they also want to know if their organization can effectively handle new and emerging threats or not. Using Picus helps them answer these questions exceptionally well. Picus allow us to simulate the emerging threat, and deep drive in to which technique that the attack may uses to take control of the machine. Each phase of the simulation is very clear of how each action happen on the endpoint machine.
From Security Theater to Operational Cyber Truth – Picus Makes the Difference
What do you like best about the product?
What makes Picus Security stand out is its ability to continuously validate an organization's cyber defense posture in real-world conditions. The platform provides a proactive and measurable approach to threat simulation, helping us to identify configuration gaps, evaluate detection capabilities, and prioritize mitigation actions across both IT and OT environments.
Picus seamlessly integrates with our existing Cyber ecosystem, providing actionable insights rather than generic scoring. Its Attack Path Validation and Security Control Validation modules have drastically improved our CYBER FUSION CENTER -CROCvisibility into exposure and control effectiveness.
Moreover, the dashboard is intuitive and the ability to generate executive-level reports that translate technical risks into business impact is a major plus when communicating with leadership and board-level stakeholders.
Picus seamlessly integrates with our existing Cyber ecosystem, providing actionable insights rather than generic scoring. Its Attack Path Validation and Security Control Validation modules have drastically improved our CYBER FUSION CENTER -CROCvisibility into exposure and control effectiveness.
Moreover, the dashboard is intuitive and the ability to generate executive-level reports that translate technical risks into business impact is a major plus when communicating with leadership and board-level stakeholders.
What do you dislike about the product?
While the platform offers great technical depth, there is room for improvement in the customization of reporting templates and API flexibility for large-scale automation use cases.
That said, the Picus team is highly responsive, and we have already seen improvements in these areas through roadmap updates.
That said, the Picus team is highly responsive, and we have already seen improvements in these areas through roadmap updates.
What problems is the product solving and how is that benefiting you?
Picus Security is solving a fundamental challenge: how to continuously validate the effectiveness of our security controls and translate technical risk into actionable business insights.
Traditional cybersecurity programs often rely on static assessments and assumptions. Picus shifts this paradigm by enabling continuous security validation through automated Breach and Attack Simulations (BAS) and Attack Path Validation. This approach ensures that our defenses are not only in place but actually working — 24/7.
Thanks to Picus, we’ve been able to:
Quantify exposure and security gaps across our environment .
Prioritize remediation actions based on real threat scenarios rather than theoretical CVEs.
Optimize our detection rules and SIEM content, reducing false positives and improving mean time to detect/respond.
Justify investments in security controls with real data, which has strengthened our communication with business stakeholders and supported more informed budget allocation.
The strategic benefit is clear: Picus helps move our cybersecurity from a reactive to an antifragile, intelligence-driven posture — improving both operational readiness and executive confidence in our cyber risk management program.
Traditional cybersecurity programs often rely on static assessments and assumptions. Picus shifts this paradigm by enabling continuous security validation through automated Breach and Attack Simulations (BAS) and Attack Path Validation. This approach ensures that our defenses are not only in place but actually working — 24/7.
Thanks to Picus, we’ve been able to:
Quantify exposure and security gaps across our environment .
Prioritize remediation actions based on real threat scenarios rather than theoretical CVEs.
Optimize our detection rules and SIEM content, reducing false positives and improving mean time to detect/respond.
Justify investments in security controls with real data, which has strengthened our communication with business stakeholders and supported more informed budget allocation.
The strategic benefit is clear: Picus helps move our cybersecurity from a reactive to an antifragile, intelligence-driven posture — improving both operational readiness and executive confidence in our cyber risk management program.
Friendly interface, successful product, great support
What do you like best about the product?
I like the way of using gui- which is so easy to use/has understandable menu's. With Fast/non-problematic integrations. Threats are always up to date almost daily basis and dynamic threat scheduling feature discards the need of the frequent care. After implementing the system correctly, you only need follow up the reports and take actions afterwise.
The other thing that i like about picus security is customer support. I don't remember anytime that i waited more than 1-2 hours for a response from picus, and support engineers are really skilled about the product. If any bug or some problem appears which r&d should take care; this procedure also are so fast comparing the other vendor's support teams.
We can ask for a new feature via the portal and somebody from Picus always returns our input.
The other thing that i like about picus security is customer support. I don't remember anytime that i waited more than 1-2 hours for a response from picus, and support engineers are really skilled about the product. If any bug or some problem appears which r&d should take care; this procedure also are so fast comparing the other vendor's support teams.
We can ask for a new feature via the portal and somebody from Picus always returns our input.
What do you dislike about the product?
On prems systems may have new features a bit late than cloud systems.
Integrations are working well after you configured correctly but while trying to first time implementing; fail logs are not so clear to troubleshoot the issue.
Integrations are working well after you configured correctly but while trying to first time implementing; fail logs are not so clear to troubleshoot the issue.
What problems is the product solving and how is that benefiting you?
I am consultant, not the product admin so answer is not clear for me.
Easy to use and vendor specific mitigation very helpfull
What do you like best about the product?
Easy to use and vendor specific mitigation very helpfull
What do you dislike about the product?
Vendors which give mitigation number can increase
What problems is the product solving and how is that benefiting you?
We can identified our security gaps.
Able to integrate with majority of market cybersecurity solutions
What do you like best about the product?
Picus Security SCV has able to supports the integration with majority of market cybersecurity solutions to perform security assessment.
What do you dislike about the product?
The solution training, it lack of post sales training in its Picus Academy portal.
What problems is the product solving and how is that benefiting you?
It helps me to validate my security control and address the security gap in this dynamic environment.
A Unique Experience for Cyber Security
What do you like best about the product?
It quickly becomes apparent that the product is significantly superior compared to similar competitors. It is far above its peers.
Its functionality, admin-friendly design, stability, and the many features that competitors lack make it truly unique
Its functionality, admin-friendly design, stability, and the many features that competitors lack make it truly unique
What do you dislike about the product?
The product needs to hold more organizational and vendor-partner meetings and expand its advertising efforts.
What problems is the product solving and how is that benefiting you?
It implements Red-Team applications in the field of Cyber Security in an up-to-date and stable manner on my behalf.
A useful and well-designed software. User-friendly and practical.
What do you like best about the product?
User-friendly and practical.It behaves like an attacker, allowing malicious files to be uploaded during the process, and then removes those files after the test — these are well-designed features.Integrations are done very quickly and easily, and their technical consultancy is excellent.
What do you dislike about the product?
The tests conducted have not fully embraced the principles of white-box and black-box testing. I would have preferred them to be effective in both approaches.
What problems is the product solving and how is that benefiting you?
We can identify configuration errors made in the environment. In addition, it helps me analyze the movements of a hacker group and use the products I have to ensure maximum security.
The Gold Standard in Security Validation
What do you like best about the product?
What I like best about Picus Security is that it has completely transformed the way we measure and strengthen our cyber defenses. The platform delivers exceptionally realistic and constantly updated attack simulations, ensuring we are always prepared for the latest threats.
Its intuitive, beautifully designed interface makes running simulations, reviewing insights, and implementing improvements effortless — even for complex environments. The reporting is world-class, providing clear, actionable intelligence that not only improves our security posture but also impresses management and simplifies compliance audits.
Most importantly, Picus empowers us to move from a reactive stance to a truly proactive, intelligence-driven security strategy, giving us unmatched confidence in our ability to defend against evolving cyber threats. Simply put, it’s one of the most impactful security solutions we have ever implemented.
Its intuitive, beautifully designed interface makes running simulations, reviewing insights, and implementing improvements effortless — even for complex environments. The reporting is world-class, providing clear, actionable intelligence that not only improves our security posture but also impresses management and simplifies compliance audits.
Most importantly, Picus empowers us to move from a reactive stance to a truly proactive, intelligence-driven security strategy, giving us unmatched confidence in our ability to defend against evolving cyber threats. Simply put, it’s one of the most impactful security solutions we have ever implemented.
What do you dislike about the product?
Honestly, there’s very little to dislike about Picus Security.
If I had to mention something, it would be that the platform offers so many capabilities and features that it can feel overwhelming at first. However, this is more a sign of its depth and power than a real drawback — and the excellent onboarding resources and responsive support team make the learning curve short and manageable.
If I had to mention something, it would be that the platform offers so many capabilities and features that it can feel overwhelming at first. However, this is more a sign of its depth and power than a real drawback — and the excellent onboarding resources and responsive support team make the learning curve short and manageable.
What problems is the product solving and how is that benefiting you?
Picus Security is addressing one of the most critical challenges in cybersecurity today — ensuring that security controls are actually effective against real-world threats. By continuously simulating cyberattacks in production environments, Picus helps identify gaps in prevention and detection capabilities before attackers can exploit them.
This proactive approach not only strengthens our security posture but also provides measurable insights that help us prioritize and optimize our defense strategies. The platform’s ease of use, comprehensive threat library, and detailed mitigation guidance make it a valuable tool for both red and blue teams.
Thanks to Picus, we can validate our security controls with confidence and respond to evolving threats much faster. It adds real, measurable value to our cybersecurity operations.
This proactive approach not only strengthens our security posture but also provides measurable insights that help us prioritize and optimize our defense strategies. The platform’s ease of use, comprehensive threat library, and detailed mitigation guidance make it a valuable tool for both red and blue teams.
Thanks to Picus, we can validate our security controls with confidence and respond to evolving threats much faster. It adds real, measurable value to our cybersecurity operations.
Picus Security is recommending for organizations that adopt a proactive approach to cybersecurity.
What do you like best about the product?
What I like best about Picus Security is its ability to continuously validate the effectiveness of security controls through automated, real-world attack simulations. The platform provides actionable insights by emulating the latest threat tactics, techniques, and procedures (TTPs) aligned with the MITRE ATT&CK framework. This allows security teams to identify coverage gaps, prioritize remediation efforts, and improve detection and response capabilities with measurable outcomes.
What do you dislike about the product?
While Picus Security offers exceptional value in continuous security validation, one area that could be improved is the customization flexibility for highly specific or niche attack scenarios.
What problems is the product solving and how is that benefiting you?
Identify and close detection and prevention gaps before attackers can exploit them
Improve the performance of our SIEM, EDR, and other security tools with clear, actionable insights
Justify security investments and prioritize remediation efforts with measurable metrics
Strengthen collaboration between red and blue teams (purple teaming) through shared visibility
Overall, Picus increases our confidence in our security posture and helps us move from reactive to proactive defense, which is a huge benefit in today’s fast-evolving threat landscape.
Improve the performance of our SIEM, EDR, and other security tools with clear, actionable insights
Justify security investments and prioritize remediation efforts with measurable metrics
Strengthen collaboration between red and blue teams (purple teaming) through shared visibility
Overall, Picus increases our confidence in our security posture and helps us move from reactive to proactive defense, which is a huge benefit in today’s fast-evolving threat landscape.
Hands-On Experience with Picus Security: A Practical Tool for Continuous Threat Validation
What do you like best about the product?
My favourite thing about Picus Security is how well it replicates actual cyberattacks in a safe setting, which enables me to spot weaknesses in detection and reaction. Its modules for Email Infiltration and Attack Path Validation (APV) are especially helpful for comprehending how threats might spread laterally throughout the network. Continuously validating and enhancing our defences was made simpler by the user-friendly dashboard, thorough reporting, and integration with SIEM platforms.
What do you dislike about the product?
Despite Picus Security's strength, I occasionally encountered delays in detection, particularly when integrating with SIEM platforms such as RSA NetWitness. Simulations can occasionally run for an excessive amount of time and take too long to start, which delays the evaluation process. According my experience.
What problems is the product solving and how is that benefiting you?
By mimicking actual cyberattacks, Picus Security assists in locating and verifying weaknesses in my company's security measures. It resolves the problem of gauging the efficacy of detection across security tools such as firewalls, EDRs, and SIEMs. It gives me insight into which threats are identified or overlooked by running simulations continuously, which helps me adjust rules, optimise configurations, and raise overall SOC readiness. This proactive approach helps reduce the risk of breaches and ensures better alignment with threat detection and response goals.
showing 141 - 150