What do you like best about the product?

Key benefits and features of Wiz that make it a valuable tool for cloud security posture management:
1. Agentless architecture: Wiz does not require any agents or additional software to be installed on cloud instances, which makes it lightweight and easy to deploy. This reduces the attack surface and minimizes the risk of unwanted alterations to the environment.
2. Continuous monitoring: Wiz continuously monitors cloud environments for security vulnerabilities, providing real-time alerts and recommendations for improvement. This helps organizations stay ahead of potential threats and maintain a robust security posture.
3. Compliance checking: Wiz supports various compliance frameworks, such as PCI DSS, HIPAA/HITECH, and GDPR, and provides detailed reports on compliance status. This helps organizations ensure they are meeting regulatory requirements and avoiding costly penalties.
4. Integration with other tools: Wiz integrates with popular cloud providers like AWS, Azure, and Google Cloud, as well as with other security tools and systems, such as SIEMs and incident response platforms. This allows organizations to leverage existing investments in security infrastructure and enhance their overall security posture.
5. Ease of use: Wiz offers an intuitive interface that makes it easy for users to understand and address security vulnerabilities. This reduces the need for extensive training or technical expertise, making it accessible to a wider range of users.
6. Cost-effective: Wiz provides a cost-effective solution compared to traditional security tools that require agents or additional software installations. This can help organizations save time and resources while improving their overall security posture.
7. Scalability: Wiz is designed to handle large-scale cloud environments, making it an ideal choice for organizations with complex and dynamic cloud infrastructures.
8. Advanced analytics: Wiz provides advanced analytics capabilities that enable organizations to identify emerging threats and improve their security posture over time. This includes anomaly detection, predictive analytics, and customizable reports.
9. Enhanced visibility: Wiz provides detailed visibility into cloud environments, allowing organizations to identify potential security risks and take proactive measures to address them. This includes monitoring of cloud resources, network traffic, and user behavior.

What do you dislike about the product?

While Wiz is a powerful tool for automating security and compliance processes in the cloud, there are some potential downsides or areas where it may not be as helpful as expected. Here are some of the least helpful aspects of Wiz:
1. Dependence on cloud providers: Wiz is built around the major cloud providers like AWS, Azure, and GCP. While this makes it easy to integrate with these platforms, organizations using other cloud providers or on-premises environments may find Wiz less useful.
2. Limited integration with other tools: While Wiz integrates with some other security and compliance tools, its integration capabilities are limited compared to other automation tools. This can make it difficult for organizations to integrate Wiz with their existing toolset.
3. Steep learning curve: While Wiz provides a user-friendly interface, the sheer amount of features and capabilities can make it challenging for new users to learn and master the tool. This can be especially true for organizations without dedicated security or compliance teams.
4. Cost: Its paid tiers can be expensive, especially for larger organizations. This can be a barrier for some organizations looking to implement Wiz's features.
5. Limited visibility into cloud resources: Wiz relies on the cloud provider's APIs to gather data about cloud resources. However, these APIs may not provide complete visibility into all cloud resources, particularly those that are not natively supported by the cloud provider. This can limit Wiz's ability to detect and monitor certain types of resources.
6. Dependence on accurate data: Wiz relies on accurate and up-to-date data to make informed recommendations and provide effective security and compliance management. However, if the data is incomplete, outdated, or inaccurate, Wiz's recommendations may not be reliable.
7. Limited support for non-cloud environments: While Wiz is primarily designed for cloud environments, its capabilities may be limited when applied to on-premises environments or other types of infrastructure.
8. Potential for false positives: Like any security tool, Wiz may generate false positives, which can lead to unnecessary work and fatigue for security teams. This can also undermine the credibility of the tool in the eyes of security decision-makers.

What problems is the product solving and how is that benefiting you?

1. Protecting sensitive information: With Wiz, you can easily identify and classify sensitive information within your organization, such as intellectual property, customer data, or financial information. This helps ensure that only authorized personnel have access to this information, reducing the risk of data breaches or leaks.
2. Managing access to confidential data: Wiz allows you to control access to sensitive information based on user roles, permissions, and other factors. This ensures that only authorized personnel can access the information they need to do their jobs, while restricting access to unauthorized users.
3. Ensuring compliance with regulations: Many organizations are subject to various cyber security and data privacy regulations, such as GDPR, HIPAA, or PCI DSS. Wiz helps ensure that you are meeting these requirements by providing visibility into your organization's information management practices and helping you identify areas for improvement.
4. Reducing the risk of insider threats: With Wiz, you can monitor and analyze user behavior to detect potential insider threats, such as employees or contractors accessing sensitive information without authorization. This helps reduce the risk of data breaches caused by unauthorized access or malicious activity within your organization.
5. Improving incident response times: In the event of a data breach or other security incident, Wiz can help you quickly identify and contain the issue, reducing the impact on your business operations. This is especially important in regulated industries where swift action is required to minimize legal and reputational risks.
6. Enhancing board-level oversight: By providing real-time visibility into information management practices across the organization, Wiz can help board members and other senior executives better understand and oversee cyber security and data privacy risks. This enables more effective risk management and strategic decision-making.
7. Supporting business continuity planning: In the event of a disaster or major security incident, Wiz can help you quickly identify and isolate affected systems, services, or data, minimizing the impact on your business operations. This supports more effective business continuity planning and crisis management.
8. Facilitating third-party risk management: With Wiz, you can better evaluate and manage risks associated with third-party vendors, service providers, or other external partners. This helps ensure that these partners are meeting your cyber security and data privacy standards, reducing the risk of breaches or other security incidents.
9. Optimizing information management processes: Wiz can help you identify areas for improvement in your information management processes, such as data quality, accuracy, or access controls. By optimizing these processes, you can reduce the risk of security incidents and improve overall business efficiency.
10. Supporting digital transformation initiatives: As organizations undergo digital transformation, Wiz can help ensure that sensitive information is properly protected and managed throughout the entire lifecycle, from creation to deletion or archiving. This supports more effective risk management and helps you achieve your strategic objectives.

What do you like best about the product?

The ease of implementation combined with the depth of details provides an incredible single pane of glass that we can measure our security posture.

What do you dislike about the product?

We have been a customer for less than a year and at this point there have not been any significant dislikes with the platform.

What problems is the product solving and how is that benefiting you?

We have a significant cloud footprint, and we wanted the ability to see the enterprise view in a single place - without the need for agents or significant level of effort.

What do you like best about the product?

1. An agentless tool
2. Quick to deploy through API
3.Offers platform for Threat Center to catchup with latest threats.
4. Supports multi cloud for both CSPM and vulnerability management
5.Cheap solution if both CSPM and CWPP used together.

What do you dislike about the product?

1.Still many CVEs are present with missing solutions.
2. Adding custom rules for CSPM is not easy as compare to Dome9.
3.No way to generate consolidated report of all OS hardening . You have to go OS wise .
4.Many benchmark policies are still not matured .
5. Solution not available for on-Prem environments.

What problems is the product solving and how is that benefiting you?

1. Offering one platform for both CSPM and CWPP.
2. Cheap as compared to other 3rd party solutions.
3.ease of creating cutom queries.
4.Threat Centers offers free of cost solution to keep up with outside threat alerts.

What do you like best about the product?

Wiz is a very easy and simple to set-up CNAPP that allows people to have a centralized, easy to use and intuitive platform for all the Cloud security needs.

It has a wide range of graphs and dashboards, that you can also customize to satisfy your needs.

It also has a lot of security frameworks and complicance systems so that you can check all aspects of your infraestructure.

For a small team like mine, it is very simple and fast to check the highest priority issues and remediate them, as the issues shown in Wiz also provide information and interconnection within all the resources.

What do you dislike about the product?

Despite scans being run automatically often enough, a manual scan trigger would be greatly appreciated, specially when looking for a real-time fixes and threats.

What problems is the product solving and how is that benefiting you?

Finding all the security threats and presenting them in a very clear and concise way, with different priorities, so that I can focus on fixing the most urgent and important ones and have a way to determine their root cause.

What do you like best about the product?

I like the best the option to see topoligic of the vulnerability for e.g ec2 -> AMI -> CVE .. etc.., it is super comfortable and super accurate!

What do you dislike about the product?

Scanning time taking a bit to long, maybe if there is an option to rescan from the vulnerable point.

What problems is the product solving and how is that benefiting you?

Scanning Docker images using wiz-cli, Security vulnerability scanning of the Cloud, Exposed ALBs to the world, WAF rules that have not been set correctly.

What do you like best about the product?

It is essential to have a single place where all the relevant information is found, and sorted in a clear and organized manner.

What do you dislike about the product?

Currently, it does not cover all the desired areas.

What problems is the product solving and how is that benefiting you?

Organizing all security vulnerabilities in a user-friendly interface, saving time and resources.

What do you like best about the product?

The UI is very simple and ituitive. Most security products are messy, and I cant understand where to start in order to remidate the issue.

What do you dislike about the product?

Long time to update.
Sometimes after we remidate the issue it could take a few days until Wiz console will update and stop showing the issue.

What problems is the product solving and how is that benefiting you?

Wiz allow us to find vaulrabilites in exploited ami version on k8s nodes, and other exploited pkgs.

What do you like best about the product?

The relationship between all objects in the cloud. Great graph display, fast web-ui.

What do you dislike about the product?

Too few exmaples when you try to query your data.
Sometimes it takes a few hours untill some asset-config changes

What problems is the product solving and how is that benefiting you?

It allows discovery of bad configs in terms of networking & permissions

What do you like best about the product?

Wiz has proven to be an invaluable asset in our pursuit of maintaining a robust and secure cloud environment. Their platform's innovative approach to cloud security and visibility has enabled us to enhance our threat detection capabilities and streamline our overall security management.

What do you dislike about the product?

Wiz.io's ability to seamlessly integrate with various cloud environments empowers teams to maintain a secure digital landscape without disrupting their workflow

What problems is the product solving and how is that benefiting you?

Wiz effectively solves critical cloud security challenges by enhancing threat detection, automating processes, providing actionable insights, offering a user-friendly interface, ensuring comprehensive security coverage, and supporting scalability. These solutions have directly benefited our organization by strengthening our security posture, improving efficiency, and enabling strategic decision-making.

What do you like best about the product?

great UI/US that helps us sole our issues better and faster

What do you dislike about the product?

on prem vmware support deployment needs are very complicated to achieve.

What problems is the product solving and how is that benefiting you?

Improve my cloud security posture by having 100% visibility into my cloud environment.
Focus on the most critical security risks first