External reviews
764 reviews
from
and
External reviews are not included in the AWS star rating for the product.
The platform is user-friendly and intuitive, making it easy for me to start using it effectively.
What do you like best about the product?
I like how simple it is to visualize data. It is the most user-friendly product that I've worked with a readable UI that is easy to navigate. The fact that assets update in real-time as changes occur is fantastic for checking if progress has been made. There is no need to set up any scans or put agents on your cloud assets.
What do you dislike about the product?
We are stuck with limited options when generating reports. It would be a nice feature to create custom report templates so we can properly show off all the work we've been doing with this product.
What problems is the product solving and how is that benefiting you?
Wiz shows us what we currently lack in our cloud environment, from misconfigured public-facing assets to vulnerabilities in outdated software. I can work with Project leaders to clean up our environments and present current problems to our Cloud Center of Excellence team. Wiz allows us to show our progress and the number of outstanding issues we have.
Extensive coverage of the cloud vulnerabilities and security misconfigurations
What do you like best about the product?
WIZ provides extensive coverage of the cloud environment, with engineering-minded dashboards, with issues providing contextual information, with additional capabilities like cloud inventory, attack paths, security frameworks assessment. It is also easy to enable and get results.
What do you dislike about the product?
WIZ does not provide leadership-level dashboards that could transfer detected threats into business impact (through risk, money...). Querying a large amount of data may timeout, thus you may have to rely on reports and API.
What problems is the product solving and how is that benefiting you?
WIZ provides extensive coverage of cloud infrastructure security - CNAPP. And as is, it allows building an infrastructure security vulnerability program without a need for additional tools
Wiz Reinventing Cloud Security
What do you like best about the product?
Our favorite part of Wiz is the agentless scanning. No deploying agents to every endpoint to get the security data we needed. Setting up the connections was straightforward and took no time at all.
The security graph is intuitive and easy to use, giving our analyst a great visual picture of how our cloud is mapped out.
New features are being released all the time.
Wiz calculates what is essential and lets us know what we need to be worried about. Most products give you a list of high/medium/low vulnerabilities, but Wiz will calculate the likelihood of that vulnerability being realized. This lets us know what we need to focus on.
The security graph is intuitive and easy to use, giving our analyst a great visual picture of how our cloud is mapped out.
New features are being released all the time.
Wiz calculates what is essential and lets us know what we need to be worried about. Most products give you a list of high/medium/low vulnerabilities, but Wiz will calculate the likelihood of that vulnerability being realized. This lets us know what we need to focus on.
What do you dislike about the product?
There is not much we dislike, but if we had to be picky, the company is still young, and some features are not fully developed yet. This is understandable, and we look forward to growing with Wiz on our cloud security journey.
What problems is the product solving and how is that benefiting you?
We currently use Wiz as our main CSPM to generate compliance reports and vulnerability management solution in the cloud. Wiz is our primary security solution for locking down the cloud.
Easy to use, yet powerful
What do you like best about the product?
I’m impressed how WIZ was able to combine functionality that used to require many tools to cover.
Now I have access to one powerful tool that scans for me all components of our cloud infrastructure: VMs, containers, container images, all kinds of data stores, managed services, serverless instances and more! And it gives me comprehensive and contextual information about different categories of security threats (CVEs, security misconfigurations, cloud entitlements, externally exposed assets, End-of-Life software etc.).
Finally, it delivers that data to you in a comprehensive form, ready to be further explored using a Security Graph (another powerful WIZ feature). Impressive!
Now I have access to one powerful tool that scans for me all components of our cloud infrastructure: VMs, containers, container images, all kinds of data stores, managed services, serverless instances and more! And it gives me comprehensive and contextual information about different categories of security threats (CVEs, security misconfigurations, cloud entitlements, externally exposed assets, End-of-Life software etc.).
Finally, it delivers that data to you in a comprehensive form, ready to be further explored using a Security Graph (another powerful WIZ feature). Impressive!
What do you dislike about the product?
WIZ doesn’t scan cloud resources right after deployment, instead does it according to a predefined schedule. In addition, the status of container findings doesn’t get updated automatically to resolved. It may introduce some challenges for engineers when tracking the progress of the remediation process.
What problems is the product solving and how is that benefiting you?
Scanning all types of cloud resources against different categories of security threats in a single tool.
Since moving to wiz from another solution I find it much more useful
What do you like best about the product?
The easy and readable info with all the amount of noise the cloud produces.
It does much more then the basic cspm solutions and is allways innovating
It does much more then the basic cspm solutions and is allways innovating
What do you dislike about the product?
I would like to see more integrations into other VM solutions that are in prem to have an holistic view
What problems is the product solving and how is that benefiting you?
Well, Vulnerability mgmt, miss configuration, the actual risk and automation to snow
Data to insight to action, done with WIZ
What do you like best about the product?
Wiz has advanced dramatically with their DSPM and CIEM offering
What do you dislike about the product?
I believe the data has become very "wide" and less focused, more doesnt mean more value, i believe the insight to action part has become less valuable, i dont believe wiz has made enough focused on both SaaS platfroms and less focus on shift right
What problems is the product solving and how is that benefiting you?
Being an all-cloud company, visibility is key, to build our cloud security program, this is where WIZ makes a major difference for us as a company to establish our decision making, priorities and cloud security baseline.
Great, multi cloud CSPM. Compliments and enriches our vulnerability visibility.
What do you like best about the product?
The interface is really nice and integrates with our other systems (Kenna, SIEM, etc)
Love that we can deploy this across AWS, as well as GCP and Azure.
Any SaaS company that doesn't have SSO is doomed to fail. Like that we can put it behind our Okta.
Love that we can deploy this across AWS, as well as GCP and Azure.
Any SaaS company that doesn't have SSO is doomed to fail. Like that we can put it behind our Okta.
What do you dislike about the product?
We recently that a few critical CVE/CVSS vulnerabilities and we had to enable some things that weren't turned on out-of-the-box. We didn't know that these were turned off until we scanned systems we knew had it and had to dig through docs to see why.
UPDATE: We recently discovered when Log4J was released that Wiz DOES NOT SCAN CRITICAL DIRECTORIES. What do I mean by this?
It will not scan key directories like /etc /bin /opt /lib /var.
When we were responding to the incident and scanning our infrastructure for Log4j, it came back negative, but we knew we had several Java applets and servers running it. Turns out, Wiz wasn't scanning linux directories where Log4j OR MOST MALWARE would run from.
We've experienced mostly good reviews, but once we identified these exclusions, we had slower responses and reporting from our various systems.
UPDATE: We recently discovered when Log4J was released that Wiz DOES NOT SCAN CRITICAL DIRECTORIES. What do I mean by this?
It will not scan key directories like /etc /bin /opt /lib /var.
When we were responding to the incident and scanning our infrastructure for Log4j, it came back negative, but we knew we had several Java applets and servers running it. Turns out, Wiz wasn't scanning linux directories where Log4j OR MOST MALWARE would run from.
We've experienced mostly good reviews, but once we identified these exclusions, we had slower responses and reporting from our various systems.
What problems is the product solving and how is that benefiting you?
Biggest problem Wiz is solving for us as getting consistent configuration management and vulnerability data across hundreds of AWS accounts as well as some GCP accounts from merger and acquisitions.
Wiz is an extremely powerful tool, that helps our company secure our cloud services very well
What do you like best about the product?
I love the UI, the visuals of all the machines and how they are linked together are great. It is far easier to search for data on Wiz than pull it from our Cloud environment.
What do you dislike about the product?
The API is great and very powerful, but it does take a lot of effort to learn. If the API was simpler for someone who has never used GraphQL before or had a REST element that would make my experience a lot better.
What problems is the product solving and how is that benefiting you?
Right now, we are trying to patch machines that have critical vulnerabilities and we have a lot of them in our environment. Wiz has made this extremely easy as it lays out all the issues with the machines and who to contact to get them fixed where before we weren't able to do that.
Visibility into the cloud
What do you like best about the product?
Vulnerability management, Identity management, container scanning, continuous monitoring. Wiz gives you all this and more. With most tools, you get your standard vulnerability management CVE score. With Wiz, it uses what they call a "toxic combination," gathering all this data to build the severity score. All of this is done without agents. This makes for an easy rollout/deployment, allowing for less administrative overhead and more time resolving security issues.
Wiz also does a great job with its configurations and integrations. Setting up SAML authentication/authorization was a breeze, and we love the Jira integration for issue tracking. Running private Kubernetes clusters? Deploy the Wiz tunnel broker to monitor your cluster. Do you want to alert or monitor the audit log? Send the events to your SIEM.
New and updates features are rolled out on a weekly basis. Have an idea for a new feature, easily submit your request via your assigned Wiz engineer, the Wiz Slack channel, or online.
Wiz also does a great job with its configurations and integrations. Setting up SAML authentication/authorization was a breeze, and we love the Jira integration for issue tracking. Running private Kubernetes clusters? Deploy the Wiz tunnel broker to monitor your cluster. Do you want to alert or monitor the audit log? Send the events to your SIEM.
New and updates features are rolled out on a weekly basis. Have an idea for a new feature, easily submit your request via your assigned Wiz engineer, the Wiz Slack channel, or online.
What do you dislike about the product?
There isn't much to not like.
The only thing we battle with today is how to assign a Wiz issue for an alert on a shared resource. In our case, this is specific to workloads running in a shared Kubernetes cluster.
The only thing we battle with today is how to assign a Wiz issue for an alert on a shared resource. In our case, this is specific to workloads running in a shared Kubernetes cluster.
What problems is the product solving and how is that benefiting you?
As a reasonably new cloud customer, our security team was blind as to what we were running in the cloud. Wiz opened up the door and gave us visibility to it all. With a few clicks, we can quickly answer questions for a security assessment or provide a security report for a particular product or our complete environment.
With the recent addition of Data Security Posture Management (DSPM), we're scanning our cloud storage and BigQuery datasets to make sure our data is secure.
With the recent addition of Data Security Posture Management (DSPM), we're scanning our cloud storage and BigQuery datasets to make sure our data is secure.
great value from the company product
What do you like best about the product?
I think their product is really good and helpful. i must say, not all new features are intuitive to work with, and im i did not always new how to work with all of their tools, but they have an amazing support that will explain and go over with you on things so i guess that what make the different
What do you dislike about the product?
I think, again as a software engineer that does not intuitive relate to security in the tech world, maybe they can try to translate things better and give solutions in a more "developer language" maybe it is not possible - and what they are doing is the best solution for now - presenting you what they can and giving you a human service as best as they can :-)
What problems is the product solving and how is that benefiting you?
As we grow, and as the internet grows and expands, we need to understand more about the world of security and how to behave and implement things in our system.
Wiz presents us the problems in our system, explaining us the problem and how to fix it, doing so they also help us to prevent it happening in the future
Wiz presents us the problems in our system, explaining us the problem and how to fix it, doing so they also help us to prevent it happening in the future
showing 261 - 270