Sold by: Dazz
The Dazz Unified Remediation Platform is a SaaS platform that accelerates remediation and risk reduction for security and development teams. Dazz automates the manual, time-consuming remediation process, allowing organizations to quickly uncover blind spots, shrink vulnerability backlog into root causes, and streamline fixes in existing customer workflows.
4.3
Overview
The Dazz Unified Remediation Platform gives security and development teams one remediation solution for everything developed and run in code, clouds, applications, and infrastructure. The Dazz Unified Remediation Platform aggregates data from a plethora of detection technologies, correlates and prioritizes related issues, traces back to root causes, and delivers a contextual remediation plan in order to measurably reduce exposure.
For more information visit: https://www.dazz.io/ . For custom pricing, EULA, or a private contract, please contact AWS-Marketplace@dazz.io , for a private offer.
Highlights
- Prioritize Risk - Dazz unifies and contextualizes all security findings with exposure analysis, exploitability, business impact, and root causes. The result is that customers know the few issues to fix first out of thousands of security findings.
- Reduce Remediation Time - Dazz helps customers remediate faster by automatically identifying root causes, correlating many alerts into one single fix, and generating actionable remediation guidance with generative AI. Engineers, infrastructure, and IT teams that leverage Dazz gain complete context on what needs to be fixed, the impact of any issue, and how best to fix it.
- Secure CI/CD Pipelines - By connecting to your development platforms and security tooling, Dazz helps strengthen the CI/CD by identifying security coverage gaps, authentication and access issues, misconfigurations, and exposure issues.
Details
Sold by
Delivery method
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Dazz Platform - 1000 | Dazz platform for environments with up to 1000 cloud resources | $400,000.00 |
Vendor refund policy
All fees are non-cancellable and non-refundable except as required by law.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Email support is offered Monday - Friday during normal business hours (EST) support@dazz.io
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Rapid7
By Orca Security CNAPP
Top
100
In Infrastructure as Code
Top
10
In Vulnerability and Patch Management, Data Governance
Top
10
In Monitoring, Application Development
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Multi-Source Security Data Aggregation
Aggregates data from multiple detection technologies and correlates related issues to provide unified visibility across code, clouds, applications, and infrastructure
Root Cause Analysis and Tracing
Traces security findings back to root causes and correlates multiple alerts into single actionable issues for streamlined remediation
Risk Prioritization and Contextualization
Prioritizes security findings using exposure analysis, exploitability assessment, and business impact evaluation to identify critical issues requiring immediate attention
Generative AI-Powered Remediation Guidance
Generates contextual remediation plans and actionable guidance using generative AI to accelerate the remediation process
CI/CD Pipeline Security Integration
Integrates with development platforms and security tooling to identify security coverage gaps, authentication issues, misconfigurations, and exposure vulnerabilities within CI/CD pipelines
Attack Surface Management
Aggregates comprehensive attack surface visibility across hybrid environments with external attack surface scans to provide 360-degree view of entire attack surface
Vulnerability Management
Delivers complete visibility across on-premise and remote endpoints to identify, communicate, and remediate vulnerabilities, misconfigurations, and risks
Cloud Security
Provides code-to-cloud protection for cloud-native applications with seamless CI/CD pipeline integration and agentless risk assessment based on reachability, exploitability, and potential impact
Next-Generation SIEM and XDR
Delivers accelerated detection and response with SaaS deployment, intuitive interface, out-of-the-box detections informed by MDR SOC, and built-in automation capabilities
Threat Intelligence
Delivers high-fidelity actionable threat intelligence infused with proprietary threat and vulnerability research from Rapid7 Labs and community-driven tools
Agentless Cloud Security Architecture
Agentless-first approach using patented SideScanning technology that provides deep visibility into cloud environments without requiring agent deployment
Risk Prioritization and Attack Path Analysis
Granular risk scoring applied to each alert with capability to identify and correlate seemingly unrelated issues into dangerous attack paths
Unified Cloud Security Platform
Single platform consolidating multiple security functions including CSPM, CWPP, CIEM, DSPM, Container security, and API security
CI/CD Integration for Application Security
Seamless integration into CI/CD process to secure applications from code to cloud deployment
AI-Powered Investigation and Remediation
Generative AI capabilities for simplified security investigations and accelerated remediation workflows
Validated by AWS Marketplace
FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
No security profile
No security profile
-
-
-
-
-
Standard contract
No
No
No
Customer reviews
reviewer2846637
Cloud insights and AI have streamlined how I identify and verify daily vulnerabilities
Reviewed on May 30, 2026
Review from a verified AWS customer
What is our primary use case?
My main use case for Wiz Code is for vulnerabilities. I receive a specific vulnerability from some assets, and I analyze and try to verify if they are positives or false positives. In general, all of my work regarding Wiz Code involves vulnerabilities.
What is most valuable?
Wiz Code's cloud part is good; I am able to see the IDs, the assets, and the information, which in general makes it easier to find where the vulnerability is. The organization of the data helps me find where the vulnerability is; I don't really use the dashboard much.
The AI feature is the other part that I like most with Wiz Code; it helps a lot and makes it easier to search for something. For example, if I need to do some query to look up a specific vulnerability or assets, it is easier.
Wiz Code has positively impacted my organization because it is better on a daily basis. We receive new cases, and it is easy to analyze and take care of them. It made things easier in that we receive a specific vulnerability, and if I select that one, we are able to see everything regarding the vulnerability, the asset, and the owners, for example.
What needs improvement?
The dashboards can be better; we have dashboards, but they are really complex and have a lot of information.
For how long have I used the solution?
I have been working in my current field for almost three years.
What do I think about the stability of the solution?
Wiz Code is stable with no downtime or reliability issues.
What do I think about the scalability of the solution?
Wiz Code's scalability can handle growth or increased workload well.
How are customer service and support?
I have never reached out to Wiz Code's customer support, so I don't have experience with that.
Which solution did I use previously and why did I switch?
I did not previously use a different solution before Wiz Code.
What's my experience with pricing, setup cost, and licensing?
I don't have much experience with pricing, setup cost, and licensing because my company bought it, so I just use it for free.
Which other solutions did I evaluate?
I didn't evaluate other options before choosing Wiz Code.
What other advice do I have?
I think Wiz Code is pretty much better right now. I only use it for what is already specified. I don't know what advice I would give to others looking into using Wiz Code because I think we use it more for company work and I don't know how much I would use it privately since this is more a company tool. I would rate my overall experience with Wiz Code as a nine out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Jaiashish K
Improved vulnerability management has reduced costs and provides accurate risk visibility
Reviewed on May 30, 2026
Review from a verified AWS customer
What is our primary use case?
Wiz Code is used for vulnerability management by scheduling a scan for the entire infrastructure, then exporting the report and sharing it with the remediation team. Sometimes, zero-day vulnerabilities are discovered, and remediation steps are checked to see if they have been released. The scan status for scheduled or on-demand scans is monitored, and once a scan is complete, verification is performed to ensure correct data is being retrieved. The main use case for Wiz Code is vulnerability management for infrastructure.
What is most valuable?
Wiz Code offers minimum false positive vulnerabilities, which is the best feature and meets expectations for the tool. Another valuable feature is remediation, where remediation steps are provided and remediation status can be tracked.
The remediation tracking helps the workflow by making it faster to track and making remediation easier. For example, one report is created for everything, and then the steps for remediation are provided.
What needs improvement?
Scanning in Wiz Code takes a lot of time. When running 50, 100, or 1,000 assets at one time, it takes nine or ten hours, and the reason is unclear. If the scanning time could be improved, it would be helpful.
Slowness is sometimes experienced when accessing Wiz Code, which is on the cloud. Connection timeout errors occur sometimes, and sometimes it is not available, so that needs to be resolved. Feature-wise, compared to zero-day vulnerability remediation steps, remediation steps are received faster on Qualys and Tenable. In Wiz Code, it takes five, six, or seven days, and zero-day vulnerability remediation steps are not provided that quickly.
For how long have I used the solution?
Wiz Code has been used for the last two years.
What do I think about the stability of the solution?
Wiz Code is stable now.
What do I think about the scalability of the solution?
Wiz Code's scalability is good now.
How are customer service and support?
Timely responses from customer support for Wiz Code are not being received. Service requests are raised, but proper responses are not provided. It takes 24 to 48 hours to get a response, even after asking for updates multiple times, so customer support needs to be improved.
Which solution did I use previously and why did I switch?
Tenable was used previously, and the management decided to switch to Wiz Code because it was costly. The decision was made to go with Wiz Code as a more affordable alternative.
What was our ROI?
A return on investment has been seen with Wiz Code, as it is money-saving. Management provided the update that it is money-saving.
Which other solutions did I evaluate?
Before choosing Wiz Code, Tenable Security Center was evaluated, and the decision was made to go with Wiz Code.
What other advice do I have?
Wiz Code's implementation positively impacted the organization, and the decision to go with it was made because of the billing. Feature-wise, it is not much different, but the billing is impacting. Tenable and Qualys are more costly compared to Wiz Code, which is why the organization decided to go with Wiz Code.
Wiz Code has a feature for the dashboard, and dashboards are created to give the status for business metrics. These metrics include what the critical assets are, how many worldwide spread vulnerabilities there are, how many assets per location, what the remediation is, how old the vulnerabilities are, and how many are end of life. The dashboard is very easy to create and creates a business metrics overview for everyone to see what the risk is in the organization. The metrics feature is very good.
Wiz Code's governance and security regarding AI capabilities are pretty good, and there is no issue with that.
The accuracy of Wiz Code is understood to be up to 95% or 96%.
If you are mostly on the cloud, Wiz Code is recommended. If you are mostly on-premises, it is not recommended.
This review receives a rating of 8.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Santhoshgullapudi Santos
Automated cloud scans have improved threat detection and streamline forensic investigations
Reviewed on May 28, 2026
Review from a verified AWS customer
What is our primary use case?
My main use case for Wiz Code is to detect vulnerabilities, findings, and issues in our cloud environment. It detects our AWS account, Azure , and GCP as well, scanning all our cloud accounts and detecting misconfigurations. Based on severity—high, low, medium—we find those issues and solve them accordingly, identifying the root cause of those things.
In our cloud environment, we have detected issues with ECS services, where our main part is to develop code and policies. One thing we noticed in the ECS service was that a role had high permissions, meaning it had more than necessary access. We solved that issue by remediating it and sharing our information with the cloud team.
As part of these past six months, I have concentrated on my contribution to the team, focusing on Wiz Code policies and concurrently working on the forensics feature in Wiz Code. For the forensics feature, we create a cross-account IAM role. If we have 100 AWS accounts, there are many issues found at the snapshot level and in EC2 instances. Wiz Code has a feature called Wiz forensics, which copies the EC2 volumes from the source account to the forensic account, allowing us to investigate all the findings. To do this, we need to create a cross-account IAM role and think about following the least privilege policy. Recently, I worked on the Wiz Code forensics feature.
What is most valuable?
Wiz Code offers many benefits. It is a cloud security tool that is essential nowadays, helping significantly in my day-to-day activities. It detects misconfigurations and shows them in the Wiz Code UI, and it also provides features such as dashboards and widgets, allowing us to create customized dashboards for our requirements and set alerts as needed.
I have customized the dashboards. Recently, I'm doing some research and development on Wiz Code dashboards and reviewing videos on creating them.
Wiz Code has made things easier because whenever we write any cloud configuration rule, it detects issues across all AWS accounts. For example, if an employee creates an S3 bucket in public mode when it should be private, Wiz Code has a feature called Cloud Matcher in a cloud configuration rule that catches this misconfiguration. It provides details such as the account name, the S3 bucket name, when the issue was issued, and the IAM user involved, all of which are shown in the Wiz Code UI under the issues section.
Using Wiz Code has led to significant measurable improvements for our organization. For example, the graph controls feature allows us to create a security query that detects misconfigurations and indicates the stage at which issues occur. This feature shows everything end-to-end in a security graph, identifying what is affected and the root cause of the issue.
What needs improvement?
Wiz Code has many features, and I think they could continue to enhance customization according to our requirements.
For how long have I used the solution?
I have been using Wiz Code for the past six to eight months.
What do I think about the stability of the solution?
Wiz Code is stable, and we can customize it according to our requirements.
What do I think about the scalability of the solution?
For scalability, we can adapt Wiz Code based on our specific needs.
How are customer service and support?
The customer support is good. Whenever we encounter any blockers or require information or permission issues in Wiz Code, they promptly address our tickets.
Which solution did I use previously and why did I switch?
I did not use any other solution before Wiz Code. Previously, I was involved in another project that was a DevOps project.
How was the initial setup?
I have used the AWS cloud provider with cloud connectors to connect our cloud with Wiz Code. Specific roles and permissions are needed to deploy the Wiz Code scanner role, and these roles are created in both our environment and the Wiz Code AWS account for integration.
What about the implementation team?
There is a business relationship with the vendor, as there is a bond from our organization according to information I heard from my teammates.
What was our ROI?
Using Wiz Code has been a worthy investment. Manually checking all 100 AWS accounts for issues would take an immense amount of time, but Wiz Code allows us to scan all accounts within minutes and continuously monitors our cloud environment every 24 hours, displaying any changes in the Wiz Code UI under the issues and threats section.
What's my experience with pricing, setup cost, and licensing?
I don't have any idea about the licensing and pricing specifics as I believe that is handled in the backend, but I suspect that acquiring a Wiz Code tenant subscription involves significant cost.
Which other solutions did I evaluate?
I did not evaluate other options before choosing Wiz Code, as I was switching to another project that used Wiz Code. I wanted to explore learning new skills in this field.
What other advice do I have?
There is a business relationship with the vendor, as there is a bond from our organization according to information I heard from my teammates.
Wiz Code significantly aids in my day-to-day activities. I would rate this product eight out of ten, and I don't have any further additional thoughts on this session.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Mihajlo Jankovic
Improved vulnerability visibility has reduced critical risks and maintains healthier app security
Reviewed on May 27, 2026
Review from a verified AWS customer
What is our primary use case?
My main use case for Wiz Code is for application security, to scan vulnerabilities and prioritize the vulnerabilities based on results.
When a new vulnerability is published, I review the findings from Wiz Code and see if we are exposed with our versions we are using, and if we need to upgrade, what version, and what priority it needs to be based on the risk there.
What is most valuable?
The best features Wiz Code offers are the threat vulnerability picture and view by repository.
I value the vulnerability picture and the repository view because they help me to see all the vulnerabilities we have and to prioritize them.
Wiz Code has positively impacted our organization as it helped us to maintain a healthy application security side of the company and to remediate our vulnerabilities. Since using Wiz Code, we have reduced the number of our vulnerabilities by 50%, criticals by 90%, so we are very satisfied with it.
What needs improvement?
Wiz Code could be improved by showing us the dependencies that are affecting us; if we are upgrading one dependency, it would be helpful to know if down the road that's going to cause any problems with other dependencies.
For how long have I used the solution?
I have been using Wiz Code for more than six months.
How are customer service and support?
5
What other advice do I have?
Regarding Wiz Code's AI capabilities, I think its governance and security are very good; we are satisfied with the green and red events.
I think the accuracy and reliability of output from Wiz Code is approximately 95% accurate. I would rate this review a 9.
reviewer2244411
Unified security platform has reduced triage time and gives real-time visibility into code risks
Reviewed on May 21, 2026
Review from a verified AWS customer
What is our primary use case?
Wiz Code is designed for scanning code repositories for vulnerabilities, whether through static scans, dynamic security scans, or by identifying vulnerabilities in third-party libraries. Overall, it's a complete package that can help scan code repositories and code bases while flagging findings that are not beneficial for organizations.
We have integrated Wiz Code with our GitHub repositories and have been tracking the findings. With real-time code tracking, developers and security engineers from our team are able to see findings and misconfigurations within the code in real-time, and they can reach out to specific developers for remediation of those findings.
Automated code reviews are something we have in process. We have developed a CI/CD pipeline automation that can be integrated with the code repository and utilize Wiz Code for this purpose, so that pull requests can be triggered to lead to automatic remediation. However, this is specific to organizational needs. Some teams do require prior review before implementing any changes, whether minor or major, and they do require proper peer review for those pull requests. As far as automations are concerned, we have tested this within our environment, but it is specific to developer and team needs.
What is most valuable?
Wiz Code is itself a feature. Apart from Wiz , these are the specific features that Wiz Code has introduced. Earlier it was a single bundle package, but once Wiz was acquired by Google, they have separate SKUs, and Wiz Code is one of them. The feature itself is for code repositories.
As far as innovations are concerned, getting security on a single platform with respect to all findings, whether static findings, dynamic findings, secrets findings, or third-party library dependency findings, helps at a broader level when it comes to innovation. As a developer, I do not need to use different tools. Earlier in a traditional method, I used to rely on different tools for third-party library dependency findings, static findings, and dynamic findings. Wiz Code is a platform that serves most of these features as a single entity, which has definitely reduced the time for triaging the security aspects of vulnerabilities and helps in overall innovation for the team.
What needs improvement?
Every tool has some sort of improvement required. No tool can be said to be one hundred percent secure, so there's always a scope for improvement. When it comes to Wiz Code, how they are ingesting the metadata with respect to the integrated platform is something they can improve upon. In fact, they have already started working on this and are continuously improving those data ingestion parts with the integrated platform, whether GitHub , Bitbucket , or GitLab . Whatever information the platform is ingesting can be further used for automation as well. If I want to create some sort of policy by ingesting those data, I can do that. However, that requires visibility to the API that can support these integrations. In summary, there is a good scope for improvement for this platform.
Metadata ingestion and probably the integration of Wiz Code platform is something which is missing. They are already working on that. With the advancement of GenAI and AI, most vendors are in the AI race, and they want to make sure they are supportable for other platforms that are currently used in vibe coding. This is something I think Wiz Code can work on, making those integrations accessible for vendors available in the market.
For how long have I used the solution?
I have been working with Wiz Code for approximately one year.
How are customer service and support?
I haven't used much technical support specific to Wiz Code, but overall, as far as technical support and customer success interaction are concerned, I would say it is good. I do not have a very bad experience with those folks.
How was the initial setup?
The initial setup for Wiz Code is most straightforward.
What's my experience with pricing, setup cost, and licensing?
The topic of their pricing is confidential, which I'm not authorized to share. However, it is a bit expensive, but that depends on how broad your organization is and what your use case is. If you are a small scale enterprise organization, you probably would not pay such a hefty amount of money to protect your organization. However, if you're a big organization, if the organization is a large-scale enterprise organization and it's a reputable organization, then probably if you get most of the things in a single platform, then you do some trade-offs. In summary, it depends on where or what organization you're from and what your use case is.
What other advice do I have?
I'm working with Wiz Code as well, but I just wanted to understand why you are asking these specific questions. Do you want a review on a certain product?
There are some Check Point products still used in my company, but that would be specific.
I would rate this review at eight point five out of ten.