Wiz Runtime Sensor

What do you like best about the product?

What I like best about Wiz is its clear visibility across our entire cloud environment without requiring agents. The platform maps risks end-to-end — from infrastructure misconfigurations to vulnerabilities, secrets, and compliance gaps — in a single dashboard.

For SecOps, it’s extremely valuable that Wiz prioritizes issues by context (e.g., exposed to the internet, contains sensitive data, exploitable path), so we don’t waste time chasing noise. Integrations with existing workflows (SIEM, ticketing, etc.) make it easy to operationalize findings.

From an admin perspective, the ease of deployment and scalability stand out. It’s quick to onboard new accounts, and visibility is almost immediate, which is rare in this space.

What do you dislike about the product?

What I dislike about Wiz is that the platform is not yet truly unified in management. With the number of products and capabilities they’ve added, it feels like they could be consolidated better — today it’s more like managing three different consoles instead of a single pane of glass.

The DSPM (Data Security Posture Management) capabilities are promising but still relatively immature compared to Wiz’s core strengths. Coverage is not as deep as I’d like, and it still needs more development to give us the same confidence we have with vulnerability and misconfiguration findings.

In addition, the volume of findings can be overwhelming, especially early on, and it requires tuning and integrations to avoid alert fatigue. Wiz is improving here, but out-of-the-box prioritization can still surface too much noise for smaller teams.

What problems is the product solving and how is that benefiting you?

Wiz helps us address several critical areas in cloud security, including monitoring and analytics, detection and response, compliance, vulnerability management, exposure management, and DSPM. Providing agentless visibility across our cloud environment eliminates blind spots and gives our SecOps team clear insight into risks and misconfigurations.
Its cloud detection and response features stand out because alerts are contextualized, allowing us to focus on real threats instead of noise.
Continuous compliance checks against industry frameworks save significant time during audits, while vulnerability scanning and exposure management prioritize issues based on exploitability and exposure paths, so we can remediate what truly matters first.
The DSPM capabilities are still maturing, but already help us locate sensitive data and highlight where it may be at risk, and help us to map most of our data.

Benefits to Us:

Time savings—Instead of manually correlating risks, Wiz shows the attack path in context, which accelerates the response.
Risk reduction – Prioritized findings ensure our limited SecOps resources focus on the most dangerous issues first.
Audit readiness – Compliance reporting is much faster and less painful.
Operational efficiency – With Wiz’s agentless deployment, onboarding new cloud accounts takes minutes, not days.

What do you like best about the product?

Immediately gained actionable insight into our cloud security posture which was previously considered a 'security black hole'.

The onboarding process was a breeze and the team we are working with know their stuff!

It's very intuitive, even for someone with no prior devsecops experience.

What do you dislike about the product?

Not an issue with Wiz itself but we are still working on buy-in and utilization from all our devs on the Wiz Code component.

What problems is the product solving and how is that benefiting you?

Lack of visibility into cloud security posture. No dedicated DevSecOps staff.

What do you like best about the product?

Wiz provides comprehensive visibility across AWS without agents (so really easy to get started). The security graph highlights risks by factoring in exposure, lateral movement, known vulnerabilities, so only the most relevant issues surface. This reduces false positives and alert fatigue compared to for example AWS native Security Hub. Dashboards, root cause analysis, and Terraform fix snippets make it engineer-friendly and actionable, not just a compliance tool.

What do you dislike about the product?

The platform can feel overwhelming at first due to the breadth of features and data. Role-based access and project scoping require careful setup to avoid visibility gaps.

What problems is the product solving and how is that benefiting you?

Wiz solves the lack of visibility across a complex AWS environment. It consolidates security findings, eliminates noise from false positives, and prioritizes risks based on exposure and business impact. This reduces alert fatigue, accelerates remediation, and frees engineers from manual triage. Also supports compliance audits (useful if you have yearly audits), and enables proactive risk reduction.

What do you like best about the product?

Security starts with visibility, in WIZ we have the complete inventory, starting from the cloud layer up to the application deployed on workloads, including data and identity. Posture and behavior rules are based on this solid basement.

What do you dislike about the product?

The product is constantly evolving, pretty hard to follow and some changes are a bit not expected.

What problems is the product solving and how is that benefiting you?

We have a single window that is enough for solving 85%+ of questions for a multi-cloud enterprise environment. There is a solution for each stage from code to cloud, and everything is visible in a single console.

What do you like best about the product?

Visibility and Team Ownership: Setting up projects and dashboards has helped our teams take ownership of their areas of the organization.

Risk Prioritization: We know exactly what to work on because Wiz helps identify assets with external exposure, vulnerabilities, data findings, misconfigurations, etc.

Solve issues, not just identify them: This is where I think Wiz has the secret sauce so to speak. Not only can it identify issues in your environment, but generating code fixes or steps how to remediate an issue makes it much easier for development teams to solve.

Setup: Integrations are seamless, easy to implement and work right away.

Dashboard: Allows you to quickly check each day the status of your environment and what needs to be tackled next.

Support Team: Support is fast and has a ton of helpful documents to assist you in the need arises.

What do you dislike about the product?

Custom Dashboards: The board views right now are limited to some predefined queries. While very good and useful. I would like to see this expanded in the future to allow more customizations.

Some of the views and issues do require some time in seat being in the application. If you want your dev team to be in the console, you will need to provide some training or use the integrations to send the information to them elsewhere.

What problems is the product solving and how is that benefiting you?

Lack of Visibility and Context: It can be hard to know exactly what is going on in your cloud environments and that's where Wiz has shined for us. Integrating from our code repository to our cloud service provides us with a really cool security graph that shows potential attack paths. The context of not only a vulnerability or exploit in your environment, but seeing how it impacts your organization is huge.

Overwhelming Security Alerts and "Alert Fatigue": While Wiz doesn't completely remove false positives, my team knows when alerts come in, it means action is needed.

Slow Remediation and Collaboration Issues: Remediation steps provided directly to the engineering teams shortens investigation time and allows our team to actually resolve issues rather than Jira tickets sitting in a backlog.

Vulnerability Management: Connecting to our code repository we can instantly create PRs to update packages in our repositories.