The Picus Security Validation Platform
Picus SecurityReviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
218 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Great Tool to Validate
What do you like best about the product?
Helps me monitor my security controls like FW, WAF, IPS, EDR. No intervention needed. all is fully automatic. And uniquely provide vendor based mitigations which makes life much easier.
What do you dislike about the product?
None. There is nothing I can complain about Picus.
What problems is the product solving and how is that benefiting you?
Picus lets me monitor the security gaps continuously and help me mitigate them quickly.
Streamlined Security Validation with Actionable Intelligence
What do you like best about the product?
Rather than relying solely on traditional monitoring tools, Picus provides meaningful metrics that reflect real-world attack scenarios. This approach gives our clients a much clearer picture of our actual defensive capabilities and helps us focus our efforts where they matter most.
What do you dislike about the product?
While Picus Security delivers strong core functionality, there are areas where the platform could better accommodate the unique needs of managed service providers. The current feature set is primarily designed for direct enterprise use, which sometimes requires us to develop workarounds or supplement with additional tools to fully meet our clients' diverse requirements and our operational workflows.
What problems is the product solving and how is that benefiting you?
Picus helps us mobilize our clients' internal teams for remediation efforts. Rather than delivering complex technical reports that sit on shelves, the platform's clear, actionable guidance enables us to work collaboratively with client teams to implement fixes.
Hands-On with Picus BAS: Turning Simulations into Real Resilience
What do you like best about the product?
I recently had the chance to use Picus’ BAS technology, and I was genuinely impressed. It continuously validates security controls with real-world attack simulations, helping organizations identify gaps, respond faster, and boost resilience.
It’s a smart, proactive way to make sure security investments truly deliver value — and I’m really glad I got to experience it firsthand.
It’s a smart, proactive way to make sure security investments truly deliver value — and I’m really glad I got to experience it firsthand.
What do you dislike about the product?
I don’t really have any negative points to mention — in fact, one of the most crucial strengths of Picus BAS is its constant threat scenario updates. This ensures simulations stay realistic and relevant, delivering resilience in a practical, ongoing way.
It also helps create true “muscle memory” for any SOC team, preparing them to detect and respond to real-world attacks with confidence.
It also helps create true “muscle memory” for any SOC team, preparing them to detect and respond to real-world attacks with confidence.
What problems is the product solving and how is that benefiting you?
BAS technology helps us truly practice Cyber Security, strengthening our resilience in a tangible way. It gives us transparency and visibility to focus on what matters most, allowing us to prioritize the right resources for greater efficiency and effectiveness in our defenses.
The best and efdective Solution.
What do you like best about the product?
The Solution is simple, using the TTPS of Mitre I can test my solutions, includ my Active Directory.
What do you dislike about the product?
We need more tests.. kind of API, external surface attack.
What problems is the product solving and how is that benefiting you?
FW DPI, edr behavioral analysis
Very useful
What do you like best about the product?
The quantity of test and visibility!!!!!
What do you dislike about the product?
Nothing! Visibility is always essential!
What problems is the product solving and how is that benefiting you?
The CTEM journey
An easy-to-use platform that delivers on its promises and always brings new innovations
What do you like best about the product?
It has an intuitive, easy-to-use platform and can enter productive environments in just a few days.
What do you dislike about the product?
The troubleshooting documentation needs to be improved a bit, as some errors don't go to the console and you need to see the log on the agent.
What problems is the product solving and how is that benefiting you?
Periodic assessments of environmental safety posture
Separating cyber wheat from chaff
What do you like best about the product?
Ability to quickly conduct very specific posture assessments while also having a programatic view of susceptibility to a variety of attacks
What do you dislike about the product?
Can be difficult to export information at times
What problems is the product solving and how is that benefiting you?
Prioritization of exposure and initial identification of remediation alternatives in the context of susceptibility
Amazing experience of Security
What do you like best about the product?
Picus Security provides a highly effective and user-friendly platform for continuously validating our security controls. The simulated attack scenarios are realistic and regularly updated, which helps us identify gaps before real threats exploit them. The reporting and remediation guidance are clear, actionable, and save a significant amount of time for our security team
What do you dislike about the product?
Overall, the platform works seamlessly. Occasionally, some advanced attack simulations require fine-tuning for specific environments, but the Picus support team is always quick and helpful in resolving these issues.
What problems is the product solving and how is that benefiting you?
Picus Security helps us continuously validate and improve the effectiveness of our security controls. By simulating real-world attack scenarios, it allows us to proactively identify vulnerabilities and close gaps before they can be exploited. This significantly enhances our security posture, reduces risk, and saves time by providing clear remediation guidance.
Picus Experience
What do you like best about the product?
I have been working with Picus for over 3.5 years, providing installation, troubleshooting, and support services through various consulting companies.
What started as a BAS (Breach and Attack Simulation) product has grown into a comprehensive security platform. The modules now meet the complex needs of large enterprises and help reduce a significant amount of operational workload.
In my field — endpoint security — the results from Picus simulations have been a great asset. They’ve given me valuable insights that directly improved the effectiveness of my mitigation work. With the CSV module, I’ve also seen how cloud environments can be built on a much stronger and more secure foundation.
One thing I really appreciate is how much Picus invests in their product. You can see they’re constantly improving it and adding capabilities that actually matter in day-to-day operations. Combined with their strong vendor support, easy-to-use interface, and smooth integration with other tools, Picus has become a solution you can rely on long term — not just for testing, but for improving security in a practical way.
What started as a BAS (Breach and Attack Simulation) product has grown into a comprehensive security platform. The modules now meet the complex needs of large enterprises and help reduce a significant amount of operational workload.
In my field — endpoint security — the results from Picus simulations have been a great asset. They’ve given me valuable insights that directly improved the effectiveness of my mitigation work. With the CSV module, I’ve also seen how cloud environments can be built on a much stronger and more secure foundation.
One thing I really appreciate is how much Picus invests in their product. You can see they’re constantly improving it and adding capabilities that actually matter in day-to-day operations. Combined with their strong vendor support, easy-to-use interface, and smooth integration with other tools, Picus has become a solution you can rely on long term — not just for testing, but for improving security in a practical way.
What do you dislike about the product?
Picus does a good job of capturing raw logs, but identifying the specific control responsible often requires manual log inspection in Picus portal.There is still room for improvement on the reporting side, particularly in making the outputs more straightforward and actionable.
What problems is the product solving and how is that benefiting you?
Picus Security addresses the challenge of continuously validating and improving an organization’s security posture without adding significant operational overhead. By simulating real-world threats, it helps identify gaps in endpoint, network, and cloud defenses before attackers can exploit them.
Amazing simulation experience
What do you like best about the product?
Picus Security is best known for its continuous Breach and Attack Simulation (BAS), which lets you safely test your defenses against real-world threats mapped to MITRE ATT&CK.
It continuously validates security controls, identifies detection/prevention gaps, and provides actionable, vendor-specific mitigation guidance.
It integrates with SIEM, XDR, and EDR tools, helping SOC teams quickly improve defenses and demonstrate compliance with standards like NIST and ISO 27001.
It continuously validates security controls, identifies detection/prevention gaps, and provides actionable, vendor-specific mitigation guidance.
It integrates with SIEM, XDR, and EDR tools, helping SOC teams quickly improve defenses and demonstrate compliance with standards like NIST and ISO 27001.
What do you dislike about the product?
Great for proactive defense, but cost, tuning effort, and scenario limits can be sticking points — especially for teams with tight budgets or limited manpower.
What problems is the product solving and how is that benefiting you?
Unverified Security Posture Runs continuous Breach & Attack Simulations mapped to MITRE ATT&CK. Provides clear, evidence-based visibility into detection and prevention capabilities.
Gaps in Detection & Prevention Identifies exactly which attacks bypassed your controls. Enables quick remediation before an actual attacker exploits them.
Slow Response to Threat Changes Constantly updates attack scenarios to match the latest TTPs. Keeps defenses aligned with emerging threats without waiting for yearly tests.
Inefficient SOC Tuning Integrates with SIEM, XDR, EDR to correlate simulation results with actual alerts. Reduces alert fatigue, improves detection rules, and increases SOC efficiency.
Compliance Evidence Gaps Generates continuous validation reports. Supports frameworks like NIST, ISO 27001, PCI DSS with provable control testing data.
Gaps in Detection & Prevention Identifies exactly which attacks bypassed your controls. Enables quick remediation before an actual attacker exploits them.
Slow Response to Threat Changes Constantly updates attack scenarios to match the latest TTPs. Keeps defenses aligned with emerging threats without waiting for yearly tests.
Inefficient SOC Tuning Integrates with SIEM, XDR, EDR to correlate simulation results with actual alerts. Reduces alert fatigue, improves detection rules, and increases SOC efficiency.
Compliance Evidence Gaps Generates continuous validation reports. Supports frameworks like NIST, ISO 27001, PCI DSS with provable control testing data.
showing 61 - 70