Sign in
Categories
Your Saved List Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

Reviews from AWS customer

2 AWS reviews
  • 5 star
    0
  • 2
  • 3 star
    0
  • 2 star
    0
  • 1 star
    0

External reviews

714 reviews
from and

External reviews are not included in the AWS star rating for the product.


    Andrew B.

The Best Cloud Security Platform

  • July 04, 2024
  • Review provided by G2

What do you like best about the product?
Very easy to use user-interface
Easy to get access to customer support
The constant release of new features to add to an already broad feature set
The attack path mapping creates a contextual view beyond that of cloud native security services such as AWS Inspector/Security hub.
What do you dislike about the product?
Due to the scope of the product offering, the users of Wiz and Administrators, developers or SOC analysts, need to have a clear understanding of cloud service providers to make maximum use of it.
What problems is the product solving and how is that benefiting you?
Understanding cloud misconfigurations
Assisting us in cloud vulnerability management
Demonstrating compliance to CIS/PCI DSS to our regulators


    Computer Software

Wiz helped us solve multiple challenges and has identified multiple ongoing risks in our cloud

  • July 04, 2024
  • Review provided by G2

What do you like best about the product?
Ability to detect vulnerabilities without network scanning. How it portrays our cloud network environment and shows the exposure points.
What do you dislike about the product?
I wish it did a better job at network threat detection. It mostly focuses on workload threat detection.
What problems is the product solving and how is that benefiting you?
Wiz helped us solve the problem of detecting vulnerabilities in a poorly architected cloud environment with overlapping subnets and inconsistent network reachability.


    David C.

The best cloud security tool so far

  • July 03, 2024
  • Review provided by G2

What do you like best about the product?
The comprehensive UI and extensive security features are really waht differentiates from other tools
What do you dislike about the product?
The Infrastructure as Code findings do not have a direct integration button with ITSM tools like Jira.
What problems is the product solving and how is that benefiting you?
Our exposure management in the cloud was not the best until we started using Wiz. It collects information about all the exposed assets and creates an attach path graph that details perfectly the possible impact of the exposure.


    Joseph R.

Wiz Review - Nearly 1 Year In

  • July 02, 2024
  • Review provided by G2

What do you like best about the product?
The data and presentation of it. This allows our team to enable the development and devops teams to follow along and move closer to self service with Security curating the path.
What do you dislike about the product?
The available auto-remediation list could be larger and it would be great if there was more on the prevention side (CDR), greater DSPM capability. We are looking at more told to go deeper here.
What problems is the product solving and how is that benefiting you?
More of a centralized security view related to the cloud. Enablement of cross team security efforts.


    JorgeLopez4

Helps us consolidate and manage information and risks, dividing them between VPCs and business units

  • June 13, 2024
  • Review from a verified AWS customer

What is our primary use case?

We use Wiz in our cloud security management by connecting it to our main cloud environment and other multi-cloud solutions. It helps us consolidate and manage information and risks, dividing them between VPCs and business units. Wiz keeps all information up-to-date and helps us identify any toxic connections within our cloud implementations.

What is most valuable?

The most valuable feature of Wiz is that it keeps information up to date without needing to perform scans or schedule maintenance windows. It provides a fresh snapshot of our vulnerability metrics. It also helps us make decisions on improvements, maintenance, or updates for our systems. Regarding compliance and governance, Wiz streamlines our vulnerability management to meet specific needs effectively.

What needs improvement?

The reporting should be improved because until a few months ago, the reports were only in CSV format, which made it difficult to clean up. Wiz tried to improve the reporting process, but it's not as valuable as Tenable.

For how long have I used the solution?

I have experience of using Wiz for more than a year.

What do I think about the scalability of the solution?

Wiz was quite scalable and easy to manage initially. However, as the solution became more costly with our growth, it posed some challenges. We had to work on managing costs and scaling according to our needs, which required some effort, but we were able to find a balance in terms of pricing and performance.

How are customer service and support?

It is difficult to get in touch with them initially. We had to get in touch every for our queries related to AWS and GCP marketplaces. However, once you need to discuss numbers, they are very responsive. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I have worked with Tenable and Qualys. Wiz stands out in deployment ease and resource consumption compared to Qualys or Tenable. Its simplified processes and snapshot features make it a preferred choice.

How was the initial setup?

The initial setup was easy. We need to key details, therefore setting up Wiz very easily. It’s easier than Tenable, which requires deploying infrastructure and handling the associated costs. Deploying Wiz took about one month due to our multi-cloud services, but the main cloud service took less than a week.

Wiz requires no maintenance since it is a SaaS, but if we need to deploy a new service or have any issues, the technical support is really helpful without additional costs. Once integrated, it is very easy to maintain.

What about the implementation team?

We took help from an external account manager and a technical account manager from Wiz. Our team consisted of three people: a DevOps engineer, a TechOps engineer, and the person responsible for the implementation.

What was our ROI?

Using Wiz has significantly reduced our costs compared to having three separate solutions. We estimate a cost reduction of around 35% to 50%, or even more, due to consolidating our security management into one platform. This operational impact has been one of the most significant benefits we've experienced with Wiz.

What's my experience with pricing, setup cost, and licensing?

Regarding pricing, it’s more than $100k because we have a very big infrastructure. Our environment supports around three thousand people, and we offer business-to-client financial services to around one million clients, so we rely heavily on Wiz.

What other advice do I have?


I'd recommend Wiz, especially if reporting improvements are made.  I rate Wiz an episode ght out of ten primarily due to reporting challenges.


    Donatas-Bukelis

An agentless cloud assets vulnerability scanner which akes snapshots and then scans

  • May 17, 2024
  • Review provided by PeerSpot

What is our primary use case?

Wiz is an agentless cloud assets vulnerability scanner. You don't need to install anything to use any of the machines. It takes snapshots and then scans it. It is interesting because all other scanners need to install some agent.

How has it helped my organization?

This solution is designed to be agentless. This approach saves bandwidth and other resources. Nobody needs to report anything or send packages to the backend. Everything operates as a SaaS solution. They perform snapshots and alerting, converting the data into metadata, which they then analyze and return. Thus, the SaaS solution handles the entire process without requiring additional effort from us.

What is most valuable?

Wiz is a very powerful and easy-to-use tool. It's highly customizable, allowing us to manage many custom features effectively.

What needs improvement?

You need to enter numbers manually. Now, everyone has to press to proceed. Wiz still requires managing all the numbers on the web page. Wiz could enhance API integration with ServiceNow and Jira. 

For how long have I used the solution?

I have been using Wiz for six months.

Which solution did I use previously and why did I switch?


How was the initial setup?

The initial setup is straightforward and takes two to three weeks to complete.

What's my experience with pricing, setup cost, and licensing?

Wiz is quite expensive. However, having a comprehensive view of your cloud environment is essential. On-premises systems are much easier to track, but managing numerous instances in the cloud requires enhanced visibility.

We are paying 250k per year.

For our business case, we needed Wiz to meet regulatory requirements and quickly identify public exposure vulnerabilities, such as publicly accessible instances or resources. This information immediately helps prevent vulnerabilities within your business environment, providing a cybersecurity advantage. While this doesn't translate to direct financial benefits, it helps prevent potential breaches and escalations, which is invaluable. Like other security tools, Wiz incurs a cost, but its value lies in enhanced security rather than financial gain.

What other advice do I have?

Wiz's scanning and detection capabilities can identify vulnerabilities potentially affecting the cloud or exposure. It's not solely focused on database issues. It performs various tasks effectively. The categorization is excellent, the dashboards are informative, and the reporting features are robust. Additionally, you can create highly customizable reports.

Everything works using a CI/CD pipeline, which is very good because every DevOps engineer can manage it by simply creating some code around the message request. Wiz works fine and is fully compliant with CI/CD. The workflow and the tasks align with industry standards.

We can configure any compliance framework for checking with Wiz. For example, you can select frameworks such as GDPR, AWS Fundamentals, and CI/CD. You can configure the tool based on the recommendations provided by these frameworks. If your company has specific requirements, like allowing an 8-character password while the state requires 12 characters, you can customize the settings accordingly. Wiz will then assess compliance based on these customized parameters, and if everything meets the set criteria, it will confirm that you are compliant.

You have everything in one dashboard. The dashboard and reports are quite literally perfect. Since everything is in one dashboard, you can customize the reports to show only the columns you want to see. For example, you can exclude low-risk items so you don't get notifications about low-risk issues that do not impact your compliance status.

Wiz has some AI features for consolidation, but it's not customizable. What VMware offers is similar, but there's not much to choose between. You either have a batch compliance agreement, or you don't. Wiz's framework complies with requirements, or it doesn't. It's a vulnerability management tool similar to Kangaroo but with better AI documentation features. You can ask questions about how to do something, and the AI will provide the relevant information. This feature is built into the system.

Overall, I rate the solution a ten out of ten.

Which deployment model are you using for this solution?

On-premises


    John C.

Best CSPM I’ve used plus much more

  • May 09, 2024
  • Review provided by G2

What do you like best about the product?
We looked at Wiz to replace our previous CSPM and it did a great job at that. However, we found that it's also awesome at dependency management and showing context around alerts.
What do you dislike about the product?
The automation capabilities aren't as strong as other competitors, and what was once a single-SKU, everything-you-need platform has become more fragmented as they acquire other companies and add features. I like the new features, but the pricing is becoming less friendly.
What problems is the product solving and how is that benefiting you?
Wiz takes care of pretty much our entire cloud security stack and DevSecOps efforts. We've licensed Wiz Code for CI/CD scans and will use their SAST product as soon as it launches.


    Financial Services

Great CSPM tool for getting an handle on cloud workloads

  • April 24, 2024
  • Review provided by G2

What do you like best about the product?
Graph search feature allows complex querying of cloud assets
What do you dislike about the product?
Support is a little slow
CI/CD Scans Vulnerabiity rankings do not align with findings within the system's "toxic combinations"
What problems is the product solving and how is that benefiting you?
Wiz is helping us to understand and monitor our cloud workloads.


    Real Estate

Great Insights, Prioritization, and Interface

  • April 15, 2024
  • Review provided by G2

What do you like best about the product?
Allows for quick aggregation for what is most important to address. Support is always helpful when needed, which is rare since most things tend to just work and you get notifications when something changes in your cloud environment.
What do you dislike about the product?
Nothing about the product to dislike. What it does it does well. My only critique would be good if the product could use IaaS logs to suggest security best practices that are notoriously hard to achieve, like setting up AWS Security Group rules for implementing microsegmentation.
What problems is the product solving and how is that benefiting you?
It allows us to ensure that we maintain our security posture despite having to move quickly and pivot whenever the business needs us to. Even if that means migrating to a different IaaS provider. Wiz detects problems and allows us to address them quickly. Plus the provided context and directions the Wiz interface provides to remediate issues are usually spot on.


    reviewer2272701

Provides simplicity, comprehensive findings, and impressive security graph

  • April 15, 2024
  • Review provided by PeerSpot

What is our primary use case?

We currently use Wiz for cloud security management to identify and address vulnerabilities in our AWS platforms. Wiz is also integrated with our EKS clusters, allowing us to monitor and manage cluster security. We deploy sensors across our infrastructure, from the base level to more advanced setups, to gather comprehensive vulnerability data. Additionally, Wiz helps us manage our inventory and images. We have integrated Wiz with our ECR to monitor and secure container images through the ECR connector.

How has it helped my organization?

Our main goal is to use Wiz as our secondary product. We aim to gather all logs and vulnerabilities and integrate them into our main tool, Splunk. Wiz helps us identify issues, but Splunk remains our primary solution. We forward all logs from Wiz to Splunk. The client, Vericore, uses Splunk as their main tool to gather data from third-party CSPM tools like Prisma and others, including DDoS detection. This integration allows us to generate reports and distribute them to other departments to address the identified vulnerabilities.

What is most valuable?

Wiz offers greater visibility and more in-depth findings in terms of configuration, misconfiguration, and vulnerabilities.

What needs improvement?

The APIs are currently quite limited and not very mature, which makes integration with Splunk difficult. As a result, we often have to use Wiz instead of our mainframe to handle tasks related to Splunk. We regularly meet with the Wiz team, who then consult their product team to find solutions and alternative methods for these tasks.

For how long have I used the solution?

I have been using Wiz for six months.

What do I think about the stability of the solution?

It is stable.

What do I think about the scalability of the solution?

We don't have any issues with the scalability. 45-50 users are using this solution.

We have multiple departments, including product security and sales. We have development teams and other departments as well. For each senior and director in these departments, we have created users and provided them with access to Wiz. This allows them to gather reports from Wiz. Additionally, if they cannot get the reports from Wiz, they can use Splunk, with which we have integrated Wiz.

We have deployed Wiz in three organizations on AWS, each with approximately 70 to 80 accounts, totaling more than 120 accounts. We have also deployed Wiz in Microsoft environments, ensuring we can gather data from every platform.

How are customer service and support?

Support has been great. We have a dedicated channel with Wiz and are always in communication with them.

How would you rate customer service and support?

Neutral

How was the initial setup?

The initial setup was very straightforward. We used the deployment connectors in Wiz. We deployed three connectors for our AWS environment, and each connector requires specific roles: Wiz rules and read-only roles. The deployment was done using the CloudFormation template through our management account, and we deployed the template to all the accounts in the organization.

The deployment took no more than 48 hours because it was done easily. However, the setup to get all the data from AWS into Wiz took about 24-48 hours.

Which other solutions did I evaluate?

We use Splunk for DDoS detection and the AWS Security Data Lake for micro detections. We use Wiz for cloud platform configuration. For threat detection, we rely on the AWS Security Data Lake and Splunk.

What other advice do I have?

We use Wiz to enhance our cloud security, and as a result, the number of vulnerabilities has gone down. We have integrated Jira authentication with Wiz to create tickets. We have set up rules in Wiz that generate tickets for misconfigurations. These tickets are sent to the respective departments that own the accounts with the identified vulnerabilities and misconfigurations. Our security team pushes these tickets to the relevant teams, enhancing security. 

Integration and deployment are relatively easy. However, we have encountered some incidents with Wiz in the past. As Wiz mentioned, some policies included in the connectors were flagging our production EBS in AWS. 

Maintenance is very easy.

I recommend Wiz for its simplicity, comprehensive findings, and impressive security graph. It provides excellent visibility, threat detection, and data classification rules. Additionally, Wiz offers more control compared to Prisma and other third-party tools.

Overall, I rate the solution at eight-point five out of ten.

Which deployment model are you using for this solution?

Public Cloud