The Picus Security Validation Platform
Picus SecurityReviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
218 reviews
from
and
External reviews are not included in the AWS star rating for the product.
My feedback on Picus
What do you like best about the product?
1.They are very good at providing instant support.
2.All team members are qualified and capable
3.They take feature requests seriously and are open to continuous improvement
2.All team members are qualified and capable
3.They take feature requests seriously and are open to continuous improvement
What do you dislike about the product?
There’s nothing negative to report, and their support is outstanding.
What problems is the product solving and how is that benefiting you?
Because Picus is an attack simulation tool, they have expertise in both application-level details and vendor solutions, so we’re able to receive support on a wide range of topics.
Vendor Specific Mitigations for Simulated Threats
What do you like best about the product?
I like the ease of deployment, the integrations and/ or implementation are easy, and the vendor-specific mitigations that it provides are great. I have frequently used the tool and done POCs for various customers, and in case I get stuck, the Customer support is impeccable.
What do you dislike about the product?
I have only worked on the SCV and APV modules, and they are truly great. Other modules I have not worked on so I may not be able to identify the dislikes
What problems is the product solving and how is that benefiting you?
Most of my customers depended on Red and Blue teamers for assessing the gaps, and it was also a manual process that took a long time and yielded low results.
I love the automation that Picus BAS provides and the continuous simulation process, where the in-house engineers can do the simulation and also learn at the same time.
I love the automation that Picus BAS provides and the continuous simulation process, where the in-house engineers can do the simulation and also learn at the same time.
Door Opener to Great Conversations
What do you like best about the product?
Value from the solution can be seen in couple of hours.
Vendor specific mitigation is pinpoint and useful.
Good price point.
Support is fast.
Vendor specific mitigation is pinpoint and useful.
Good price point.
Support is fast.
What do you dislike about the product?
Nothing yet, they are developing/fixing quite fast if there are any gaps.
What problems is the product solving and how is that benefiting you?
Fixing gaps in security controls on a daily basis.
Picus Security
What do you like best about the product?
With its continuous security validation through real-world attack simulations, Picus empowers security teams to identify and close gaps before adversaries can exploit them.
Its deep integration with the MITRE ATT&CK framework provides unmatched visibility into which tactics and techniques your defenses can or cannot detect — turning abstract threats into actionable insights.
Unlike many other platforms, Picus doesn’t just point out weaknesses — it goes further by offering remediation guidance and even ready-to-deploy detection content for SIEM, EDR, and firewall systems.
For SOC teams, this means faster time-to-response, improved detection engineering, and a measurable way to prove security efficacy.
Picus isn’t just a validation tool — it’s a strategic enabler for building resilient, threat-aware defense systems. Highly recommended for any organization that takes cyber readiness seriously.
Its deep integration with the MITRE ATT&CK framework provides unmatched visibility into which tactics and techniques your defenses can or cannot detect — turning abstract threats into actionable insights.
Unlike many other platforms, Picus doesn’t just point out weaknesses — it goes further by offering remediation guidance and even ready-to-deploy detection content for SIEM, EDR, and firewall systems.
For SOC teams, this means faster time-to-response, improved detection engineering, and a measurable way to prove security efficacy.
Picus isn’t just a validation tool — it’s a strategic enabler for building resilient, threat-aware defense systems. Highly recommended for any organization that takes cyber readiness seriously.
What do you dislike about the product?
While Picus Security is a powerful platform, there are a few considerations to keep in mind:
The licensing cost may be relatively high for small to mid-sized organizations.
As the number of integrated systems increases, the initial setup and configuration can become more complex and time-consuming — but it’s absolutely worth it.
That said, these limitations are generally manageable with proper planning and expert support.
The licensing cost may be relatively high for small to mid-sized organizations.
As the number of integrated systems increases, the initial setup and configuration can become more complex and time-consuming — but it’s absolutely worth it.
That said, these limitations are generally manageable with proper planning and expert support.
What problems is the product solving and how is that benefiting you?
One of the biggest challenges I faced was not knowing how effective our security controls really were — we had SIEM alerts, firewall rules, EDR agents in place, but no real way to validate if they would detect or block actual attacks.
Picus Security solved that problem.
By continously simulating real world threats, it helped me a lot by:
Idetifying gaps in our detection and prevention layers that I wasn't even aware of.
Gain quantifiable evidence of how secure/exposed actually we were.
Prioritize remediation efforts based on real attack techniques. No more dreaming and guessing, always head me to the right direction.
Fine tuning of SIEM rules and correlation logic with Pcius' ready to use detection content.
Justify security investments to leadership with concrete, visual results.
Long story short, Picus helped us turn our security posture from reactive to proactive.
Picus Security solved that problem.
By continously simulating real world threats, it helped me a lot by:
Idetifying gaps in our detection and prevention layers that I wasn't even aware of.
Gain quantifiable evidence of how secure/exposed actually we were.
Prioritize remediation efforts based on real attack techniques. No more dreaming and guessing, always head me to the right direction.
Fine tuning of SIEM rules and correlation logic with Pcius' ready to use detection content.
Justify security investments to leadership with concrete, visual results.
Long story short, Picus helped us turn our security posture from reactive to proactive.
A Smart Way to Understand and Disrupt Attack Paths
What do you like best about the product?
What I love most about Picus Security is how effortlessly it brings real attack scenarios to life, turning complex threats into clear, actionable insights that help us feel more in control of our security daily. Their customer support is exceptional—always responsive, knowledgeable, and committed to helping us succeed.
What do you dislike about the product?
While Picus Security delivers great value overall, there are occasional areas, such as advanced configurations for specific scenarios, where we’d love to see even more flexibility. That said, the team is always receptive to feedback and continuously improves the platform.
What problems is the product solving and how is that benefiting you?
Picus Security helps us enhance and partially automate our penetration testing processes. Instead of relying solely on periodic manual tests, we now have continuous visibility into potential attack paths and control weaknesses. This not only saves time and resources but also helps us stay one step ahead by identifying risks before they can be exploited.
I am using it to validate our security posture.
What do you like best about the product?
What I like best about Picus Security is its ability to simulate real-world cyber threats in a controlled environment, helping us identify and remediate security gaps proactively. The platform is intuitive and provides clear, actionable insights rather than just raw data. Its Attack Simulation and Security Validation capabilities allow us to continuously test the effectiveness of our existing security controls. Picus also keeps pace with the latest threat intelligence, ensuring our defense posture remains relevant. The integrations with SIEM, EDR, and firewalls are seamless and enhance our overall visibility. The reporting features are clear, executive-friendly, and technically detailed. It helps bridge the gap between red and blue teams. Overall, Picus gives us confidence in our security readiness through continuous validation.
What do you dislike about the product?
One area for improvement in Picus Security is the customization flexibility for certain simulations—some advanced users may find it limiting. The initial setup and integration with complex environments can take time and may require support.
What problems is the product solving and how is that benefiting you?
Picus Security helps us continuously validate the effectiveness of our security controls by simulating real-world cyberattacks. This proactive approach closes visibility gaps and ensures that our defensive tools like firewalls, EDRs, and SIEMs are functioning as expected. It also reduces our response time by identifying misconfigurations or underperforming rules before an actual attack occurs. By automating these tests, Picus saves our team valuable time and effort compared to manual red teaming. It provides measurable metrics for security posture, which supports compliance and reporting needs. Overall, it helps us move from reactive to proactive defense, increasing confidence in our cybersecurity readiness.
User friendly dashboard
What do you like best about the product?
Showing up vulnerabilities, simulating cyber attack
What do you dislike about the product?
It should contain and simulate more vulneratibilities.
What problems is the product solving and how is that benefiting you?
It's helping to prevent cyber attack happening.
Unmatched in breach and attack simulation
What do you like best about the product?
Picus offers a wide range of up-to-date attack scenarios, is easy to use, and integrates smoothly with our existing tools, saving us time and effort.
What do you dislike about the product?
Initial setup can require guidance, and the number of features may feel overwhelming at first, but the learning curve is manageable.
What problems is the product solving and how is that benefiting you?
Picus Security helps us identify gaps in our security controls by simulating real-world attacks, which we couldn't easily do before. It provides actionable insights and saves valuable time by automating validation tasks. Thanks to Picus, we can continuously measure and improve our security posture with confidence.
A powerful and intuitive platform for continuous security validation
What do you like best about the product?
Picus Security provides an easy-to-use and highly effective platform for simulating real-world cyberattacks in a safe environment.The report feature is very good. As a consultant, it has helped me demonstrate value to clients by improving their security posture proactively.
What do you dislike about the product?
While the platform is feature-rich and reliable, I believe the dashboard could offer a bit more customization in visualizations for different user roles. Additionally, initial setup documentation can be slightly more detailed for complex enterprise environments.
What problems is the product solving and how is that benefiting you?
It helps to see vulnerabilty of our environment.
Reliable and Effective Security Control Validation Platform
What do you like best about the product?
What I like best about Picus Security is its ability to continuously validate security controls using real-world attack scenarios, which provides us with clear, actionable insights to strengthen our defenses. The platform is user-friendly, making it easy to set up and run simulations without requiring extensive tuning. Integration with existing security tools is straightforward, and the support team is highly responsive and knowledgeable, ensuring a smooth experience throughout. Picus helps us stay proactive in improving our security posture with minimal operational overhead.
What do you dislike about the product?
When performing web application attacks in SCV, additional network-level configurations are sometimes required, which can slow down initial setup and testing.
What problems is the product solving and how is that benefiting you?
Picus Security simplifies Red Team and Blue Team operations by automating attack simulations and continuously validating defenses, enabling both teams to work more efficiently and effectively.
showing 181 - 190