Useful for security assessment and maintaining correct security posture
What is our primary use case?
I use the solution for test and demo environments, and then we deploy the platform's last version for our customers. We use the advanced license type, so we have all the features in the platform.
The tool is used for security assessment and maintaining our customers' correct security posture. We have different types of customers, so there are different types of use cases. But in general, the main need is for the maintenance of cloud security posture.
What is most valuable?
The tool's most valuable feature is its attack path analysis. The feature of the tool for inspecting running containers and the new feature of intelligent artificial intelligence security posture is good. With the attack path analysis, I can see the perfect path of a possible attack, I can see the exposure of different types of resources, and I can stop the attack with the remediation or suggestion of the platform. Regarding the container runtime security, I can see how the container runs and what type of action the container takes during execution. I can take some action to modify the running of the container. For the artificial intelligence security posture, I can see the misconfiguration problem with the security permission that customers give to the platform, like Bedrock or OpenAI, and so on. We can help the customer resolve this problem of data security exposure and so on. All such features are effective in identifying vulnerabilities. The platform allows users to collect information without the need for an install agent. So it's totally agentless, and it is a great feature. I don't need to install an agent, so onboarding the platform is very easy and very speedy.
What needs improvement?
The tool keeps improving on a weekly basis. Wiz enters into a lot of partnerships with other technologies. I don't have any idea about the improvements needed in the tool at the moment.
For me, Wiz is a very complete product, but it is not the perfect one. Other technologies are better for our customers' specific use cases. A possible way to grow the tool is by introducing new functionality or features.
In the future, the tool can introduce an on-prem infrastructure or platform. Not having an on-prem version can be an obstacle for customers who have a large workload in an on-prem environment.
The onboarding can be done in five minutes or five to ten minutes. Then, there is the configuration, and it depends on the type of the use case of the customer. There is a customer that has simple use cases for whom the onboarding can be done in four to eight hours a day. If there are some customers with a lot of use cases and a lot of different cloud providers, more time is needed. In general, we don't need more than five days to deploy the tool, even in the case of a very complex architecture and hybrid cloud environment.
To deploy the tool, we need to have access to the account of the customer, and Wiz is a stuff that we need to make with the customer. We do the onboarding together. The customer creates the correct authorization in the cloud platform and gives us the key to connect to the platform, and then the platform connector starts and begins to collect information.
For how long have I used the solution?
I have been using Wiz since 2023. My company is a service integrator and a partner of Wiz. I use the solution's latest version.
What do I think about the stability of the solution?
It is a stable solution. Stability-wise, I rate the solution an eight to nine out of ten.
What do I think about the scalability of the solution?
Scalability-wise, I rate the solution a ten out of ten.
I don't know the exact number of users because every customer can create a user autonomously on the platform. So, I don't have availability at the moment for the total number of users. We have five customers at the moment, and we have done a lot of PoC during the last two years. I suppose that we will have around 22 different customers. If you need a number, a minimum of 60 users use the tool.
My customers are medium and large enterprises.
How are customer service and support?
The solution's technical support was excellent. We have had excellent communication and availability for any of our needs or questions. They answer quickly, and we have had a great experience with the technical support. I rate the technical support a nine out of ten.
How would you rate customer service and support?
How was the initial setup?
If one is difficult and ten is easy to set up, I rate the product's initial setup phase a nine out of ten.
The solution is deployed on the cloud. In the future, the tool can introduce an on-prem infrastructure or on-prem platform, but at the moment, it is only cloud.
What's my experience with pricing, setup cost, and licensing?
If one is cheap and ten is expensive, I rate the tool's price as a five out of ten. The pricing depends on the customer and the dimension of the environment, whether the customer is strategic or not. I suppose that it is available at a middle price. In some cases, it has a very aggressive price, so very cheap, in order it's expensive. In particular, if the workload is poor, they can't make grid cells, so the price is high, and it is not in terms of real value but in terms of the budget of the customer.
What other advice do I have?
The tool can be used for all customers who don't have a security structure or security team inside because the platform is very easy to use. It is a very useful tool for developer teams that can use the platform without having security knowledge, and the platform helps the developer of code applications. The tool adapts to a use case in which there is a SOC team because of the rich data that the SOC can correlate and manage.
I recommend the tool to companies that use cloud products. Wiz can be integrated with other customer platforms because it enriches information and makes inaction very valuable in terms of security.
I rate the tool as an eight out of ten.
How Wiz Transformed Our Cloud Security Posture
What do you like best about the product?
Our company manages multiple landing zones across various cloud providers. Additionally, numerous teams work on projects spanning different sizes and technologies.
Wiz has been instrumental in helping us monitor, detect, and correct deployment deviations and obsolete resources. Today, it enables us to demonstrate compliance with industry frameworks.
Furthermore, Wiz's user-friendly interface and SaaS-based operation have significantly enhanced our overall experience. We were able to easily deploy Wiz using Terraform and manage 100% of its configuration through code. Whenever we needed assistance, their support team was always there to help. Now,
Wiz serves as our central command center for cloud security, which we consult daily. To ensure the compliance of all our Infrastructure as Code (IaC) deployments, we've integrated Wiz into our CI/CD pipelines.
What do you dislike about the product?
Wiz provides comprehensive visibility into the cloud environment. Its querying interface offers the potential to extract valuable information, but mastering it requires significant time investment.
Overall, dedicated team training is essential for effectively utilizing the tool.
What problems is the product solving and how is that benefiting you?
Gaining complete visibility into the cloud resources deployed by various teams is a significant challenge for the company. It's essential to balance the freedom granted to developers through a DevOps approach with the need to prevent security vulnerabilities.
Wiz enables the consolidation of different rules and security postures, providing a holistic view of the cloud environment. This centralized perspective can be effectively communicated back to teams, empowering them with insights into their specific resources and projects.
great tool for working securely and managing my assets across my entire IT architecture
What do you like best about the product?
dashboard creation and the power of queries
What do you dislike about the product?
sometimes the action of rescanning a resource can be quite long
What problems is the product solving and how is that benefiting you?
wiz allowed me to correct security vulnerabilities, which improves the overall level of security of my infrastructure
A simple way to automate your cloud security workflow
What do you like best about the product?
At wiz, one of the most importants things is that although you could have hundreds of vunerabilities, you cand easily know what of these represents an authentic thread. It's a simple way to have a priority.
What do you dislike about the product?
Sometimes Wiz extracts a lot of information, and could be, if nobody has introduced you in the platform, too much information.
What problems is the product solving and how is that benefiting you?
Wiz give us one step ahead to automate the security process and integrate it in the SDLC. Thanks to its API it is possible to move the information across other platforms and automate Jira with it.
Wiz has greatly enhanced our infrastructure's security with its excellent visual dashboard, support.
What do you like best about the product?
1. Visual Dashboard: The visual board provided by Wiz is exceptional. It allows us to see all issues and vulnerabilities across our AWS and Azure platforms at a glance. This intuitive visualization has been crucial for quickly identifying and prioritizing issues.
2. Vulnerability Resolution: During our use of Wiz, we identified 17 critical and 36 high vulnerabilities within our system. Thanks to Wiz's detailed insights and actionable recommendations, we have successfully resolved all these vulnerabilities. As a result, our resistance to malicious attacks has improved significantly.
3. Support and Flexibility: The support and flexibility of the Wiz product are top-notch. From day one, the Wiz team introduced their product and the tools they offer to scan our system. As a Senior Cloud Engineer, I frequently reached out to Wiz support via email, and they consistently provided timely and helpful responses to resolve any issues I encountered.
What do you dislike about the product?
1. Unified Solutions: Some issues came with generic solution options instead of personalized ones.
2. Lack of Quick Scan Option: After fixing platform issues, there is no option for a quick scan of the system in the Wiz board. Scanning goes once in a day. And not twice. There is no option to customize timeline.
3. Customer Support Options: There is no call line or live chat for customer support, which is not a significant problem but could be improved.
What problems is the product solving and how is that benefiting you?
Wiz is solving key security issues such as closing external access to our databases, S3 buckets, and virtual machines, as well as improving the security of our Kubernetes clusters. These enhancements have led to a significant reduction in vulnerabilities, with 17 critical and 36 high issues resolved. This has greatly improved our overall security posture, making our infrastructure more robust and resilient against potential threats.
The best SaaS i found on the market after a lot of PoC
What do you like best about the product?
The design, and the simplicity of the tools. U can easly set up many usefull things, and always open with new features, especially for TF. The customer support has always been very responsive and proactive in their responses. It's esay to setup the tools for non-regular users.
What do you dislike about the product?
I got a lot of problem for the setup of wiz with a Jira On-prem, the docs was not clear and the the helm template was wrong for the setup
What problems is the product solving and how is that benefiting you?
The objective of wiz was to have a global vision of our entire Landing zone which includes Azure, GCP, AWS and then to reduce the cyber risk of our LDZ
put wiz in your life
What do you like best about the product?
It is very deep, but intuitive. It fulfills its objective very well. I love it.
What do you dislike about the product?
I would like there to be a button on the platform that switches between normal mode or expert mode, where all the options are saved and it would be even easier to use.
What problems is the product solving and how is that benefiting you?
Every time I enter the portal I find something new. It's fantastic to think that both the definitions and the look and feel are always being updated.
CISO
What do you like best about the product?
everything is in one platform and you have end to end visibility of your data, resources and threats to your assets.
What do you dislike about the product?
It can become little complicated with all types of findings.
What problems is the product solving and how is that benefiting you?
Compliance in cloud was our biggest challenge, also inventory management and vulnerbaility prioritisationl.
Best visibility of our cloud security we've ever had
What do you like best about the product?
- Clear visibility of our cloud accounts
- Graphical visualisation of attach path
- Clear reporting
- Integration into CI/CD
- Good recent acquisitions
- Quick time to value & free trial
What do you dislike about the product?
- Workload pricing model can be unpredicatible
- Some key features in the higher price tier
What problems is the product solving and how is that benefiting you?
Clear visibility of our attack surface, integrates well into our existing products and workflows
Great product with a deep understanding of the challenges of managing a secure cloud environment.
What do you like best about the product?
Call to action, ahead of the curve, and rich query language. Provides insights from day one with a simple integration approach.
What do you dislike about the product?
The current CDR is not accurate and generates many false positives. Customer support are not that good.
What problems is the product solving and how is that benefiting you?
Wiz solves our cloud security visibility issues by providing real-time insights and proactive threat detection. It also flags issues in IaC before pushing to production and allows me to query my cloud environment to locate architecture security issues. This has been a game-changer for us, significantly enhancing our security posture and allowing us to respond swiftly to potential threats.
