Sign in
Sign in
or
Create a new account
Agent Mode
Categories
Your Saved List Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

The Picus Security Validation Platform

Picus Security

Reviews from AWS customer

0 AWS reviews
  • 5 star
    0
  • 4 star
    0
  • 3 star
    0
  • 2 star
    0
  • 1 star
    0

External reviews

218 reviews
from and

External reviews are not included in the AWS star rating for the product.

    cem o.

Review of Picus

  • July 28, 2025
  • Review provided by G2

What do you like best about the product?
Aattack Path Validation was great and it helped us to see some vulnearabilities.
What do you dislike about the product?
The least helpful aspect is the complexity of the user interface for new users. It can be overwhelming without prior knowledge of BAS concepts.
What problems is the product solving and how is that benefiting you?
Picus Security helps us validate the effectiveness of our security controls by simulating real-world cyberattacks. Instead of waiting for an actual breach, we can proactively identify and fix gaps in our defenses. This improves our incident response time and strengthens our overall security posture.

    Government Relations

Picus

  • July 28, 2025
  • Review provided by G2

What do you like best about the product?
Dashboards are very user friendly. UI/UX systems seem to be well developed.
What do you dislike about the product?
Installation process is a little bit complicated. The Linux environment is hard to use for Microsoft Windows administrators.
What problems is the product solving and how is that benefiting you?
Itidentifies and fixes errors in the configuration files of security products, detects overlooked insecure settings, and provides recommendations for remediation.

    Onur E.

Picus is a benefical product for validate own security posture

  • July 28, 2025
  • Review provided by G2

What do you like best about the product?
Picus Security’s proactive breach and attack simulation (BAS) platform is a game-changer. It continuously validates security controls by simulating real-world threats, giving us actionable insights to close gaps before attackers exploit them. The automated red teaming and detailed mitigation guidance save us countless hours—turning vulnerability management from reactive to strategic.
What do you dislike about the product?
The licensing standard may change from time to time and may be complex.
What problems is the product solving and how is that benefiting you?
: We couldn't verify if our security tools (EDR, firewall, SIEM) would actually stop modern attacks

    Government Administration

From Visibility to Assurance: Why Picus SCV Became Essential to Our Security Program

  • July 28, 2025
  • Review provided by G2

What do you like best about the product?
What I value most about Picus SCV is its ability to provide continuous, automated validation of our security controls in a real-world context. The platform simulates up-to-date attack techniques—from malware delivery to lateral movement—across the entire MITRE ATT&CK framework, allowing us to verify whether our existing controls detect, prevent, or miss them entirely.

The dashboards and reporting are incredibly intuitive, offering actionable insights that help prioritize remediation based on real security gaps, not theoretical vulnerabilities. Its integration with our SIEM and EDR platforms has also streamlined our detection engineering process significantly.

Most importantly, Picus doesn’t just show us what’s wrong—it empowers us to fix it with mitigation content and detection rule suggestions tailored to our environment. This has turned our purple teaming into a continuous, measurable process.
What do you dislike about the product?
While Picus SCV is an extremely valuable platform, there are a few areas where improvement would further enhance its usability. The initial setup and tuning—especially for large and segmented environments—can be time-consuming, and may require more hands-on guidance than expected.

Additionally, while the mitigation and detection suggestions are helpful, their integration into certain third-party tools sometimes needs manual adjustments, especially when working with custom rule sets or less-common SIEM/EDR solutions.

In on-prem environments, testing WAF rules typically requires creating a dedicated policy and running all tests through that single policy. I've heard that this limitation has been addressed in newer versions, but the update hasn't been made available for on-prem deployments yet.
What problems is the product solving and how is that benefiting you?
Picus Security addresses one of the most critical gaps in cybersecurity: the disconnect between having security controls in place and knowing whether they actually work as expected against real-world threats.

Before Picus, we relied heavily on reactive analysis, assumptions, and post-incident reviews to assess the effectiveness of our security tools. Picus changed that by allowing us to continuously and proactively validate our defenses through automated threat simulations mapped to the MITRE ATT&CK framework.

    Ömer E.

Proactive Cyber Defense in Action: My Experience with Picus Security

  • July 28, 2025
  • Review provided by G2

What do you like best about the product?
What I really like about Picus Security is that it feels like having a smart teammate constantly testing our defenses for us. It doesn’t just tell you what’s wrong — it actually shows you how real attacks would happen and helps fix things before problems arise. It’s straightforward, easy to use, and gives you peace of mind knowing you’re one step ahead of the bad guys.
What do you dislike about the product?
One thing I find a bit frustrating about Picus Security is that the initial setup can be somewhat complex and time-consuming, especially if you don’t have much prior experience with similar tools. Also, sometimes the volume of data and alerts can feel overwhelming at first. However, once you get used to it, the platform becomes much easier to manage and the insights it provides are really valuable.
What problems is the product solving and how is that benefiting you?
Picus Security addresses the challenge of continuously validating and improving an organization’s security posture against evolving cyber threats. By simulating real-world attacks in a controlled environment, it identifies gaps in our defenses that traditional security tools might miss. This proactive approach allows us to prioritize remediation efforts effectively, reduce risks, and ensure compliance with security standards. For me, this means our security team can focus on actual vulnerabilities rather than guesswork, ultimately strengthening our overall defense strategy.

    Erdem E.

Always Aware, Always in Control

  • July 28, 2025
  • Review provided by G2

What do you like best about the product?
The best thing about Picus is how it takes care of automated scans while keeping everything visible. Even if we overlook or forget a change in our security setup, Picus is quick to spot it and guide us to improve our defenses.
What do you dislike about the product?
Sometimes, running certain scans or tests requires adding exceptions. Getting past 'Not Tested' statuses often depends on the involvement of knowledgeable system administrators who understand the environment and give the necessary support.
What problems is the product solving and how is that benefiting you?
Picus helps us stay ahead by showing us exactly where our defenses might fail—before attackers get the chance to exploit them. It’s like having a constant reality check on whether our security tools are actually doing their job. This not only saves us time but gives us peace of mind.

    Vinay S.

Raising the Bar in Threat Simulation – A Review of Picus Security

  • July 28, 2025
  • Review provided by G2

What do you like best about the product?
The ease of deployment, seamless integration and scheduling simulations are some of the features that make picus easy to use. Exceptional help from technical team increases ease with deployment and solving issues in customers environment. Flexible pricing model.
What do you dislike about the product?
Detailed technical report is something that few customers find it difficult to read and analyze.
What problems is the product solving and how is that benefiting you?
Picus is helping organization for getting better visibility into their security controls and strengthen detection analytics with the help of BAS. It's APV module helps to identify internal security gaps in Active Directory. It helps identify what vulnerability of an attack surface can be exploited and need to be patched first. With the help to SCV and ASV module this visibility can be gained.

    İhsan A.

A Game-Changer for Proactive Cyber Defense

  • July 28, 2025
  • Review provided by G2

What do you like best about the product?
Continuous, Automated Validation of Security Controls: Move beyond periodic snapshots to real-time, ongoing defense testing.

Actionable Remediation Guidance: Get precise, practical advice on how to fix identified security gaps.

Extensive & Up-to-Date Threat Library: Simulate the latest real-world attacks, aligned with MITRE ATT&CK.

Validate Security ROI: Prove the effectiveness of your existing security investments with concrete data.

Boost Team Efficiency: Automate testing to free up your security team for more strategic tasks.
What do you dislike about the product?
I believe licensing can be more flexible.
What problems is the product solving and how is that benefiting you?
Picus Security tackles key cybersecurity challenges by continuously and automatically testing for unknown security gaps and remediating them. It simplifies prioritization for security teams, demonstrates the true effectiveness of security investments, and automates manual testing processes to save time. This makes organizations significantly more resilient against cyberattacks.

    Evren K.

Enabling Our Clients to Validate and Maximize Their Security Stack with Picus

  • July 28, 2025
  • Review provided by G2

What do you like best about the product?
What we value most about Picus Security is its ability to continuously validate security controls with real-world threat simulations aligned to the MITRE ATT&CK framework. Picus is highly integrable, easy to deploy, and incredibly effective in demonstrating tangible risk reduction. The platform enhances our joint value proposition by enabling us to help clients measure, improve, and prove the effectiveness of their existing security investments. Their team is also very collaborative and responsive, making co-selling and joint implementations smooth and impactful.
What do you dislike about the product?
Picus offers a robust and comprehensive platform, some of our clients have expressed a desire for more flexible and customizable reporting options, especially for executive-level dashboards.
What problems is the product solving and how is that benefiting you?
Picus is helping us and our clients address the critical challenge of validating whether existing security controls are truly effective against real-world threats. Many organizations struggle to measure their security posture beyond theoretical configurations or compliance checklists. Picus enables continuous, automated validation across multiple vectors — reducing uncertainty, accelerating threat readiness, and improving detection engineering. As a partner, it enhances our service offerings, shortens assessment cycles, and helps us deliver measurable, actionable insights to clients.

    Umur D.

Picus Security provides a safe and guiding working experience to its customers

  • July 28, 2025
  • Review provided by G2

What do you like best about the product?
Encouraged me to find all the missing points on my applications and how to deal with them
What do you dislike about the product?
I am pleased to use Picus Security. Because Picus Security has many solutions for my application
What problems is the product solving and how is that benefiting you?
Encouraged me to find all the missing points on my applications and how to deal with them. Its related with msiing points on cyber security and network

showing 161 - 170