TrustRadius: an HG Insights company

Wiz

Score 8.1 out of 10

7 Reviews and Ratings

What is Wiz?

Wiz is a Tel Aviv-based cloud risk visibility solution for enterprise security. It provides a 360° view of security risks across clouds, containers and workloads.

Top Performing Features

  • Compliance and Auditing

    Supports compliance with industry regulations and standards, and offers audit logs and reports to meet regulatory requirements and facilitate security audits.

    Category average: 8.4

  • Intrusion Detection and Prevention

    Implements systems and technologies to detect and prevent unauthorized access or intrusions into cloud resources or networks.

    Category average: 7.8

  • Regular Vulnerability Management

    Conducts regular vulnerability assessments and scans to identify and remediate security vulnerabilities within the cloud infrastructure.

    Category average: 7.8

Areas for Improvement

  • Automated Data Backup and Recovery

    Provides automated and regular backups of cloud data to ensure data availability and offers mechanisms for data recovery in case of data loss or disaster.

    Category average: 7.8

  • Secure Data Transfer

    Provides secure methods for transferring data to and from the cloud, such as encrypted protocols or virtual private networks (VPNs).

    Category average: 8.1

  • Security Incident Response

    Establishes protocols and procedures for promptly responding to security incidents, mitigating their impact, and conducting forensic investigations.

    Category average: 7.2

Enjoying the Wiz Journey

Use Cases and Deployment Scope

* Brings together 2-3 cloud environments into a single pane of glass

* Supports (although we would like to see better support) segmentation of cloud resources based on tags or resource tag enrichment. This allows our product teams in the organization to focus on the resources they are responsible for.

* It will help our ISO focus on what matters through Wiz's issue generation through toxic combinations. Right now, it is hard for our ISO to focus on what matters. They squirrel away whenever there is an audit or some perceived security threat. I am hoping Wiz will help our office reach a maturity level that takes a more pragmatic approach to security, one that allows us to make steady gains and push the security forward in the organization.

Pros

  • It seems to be very open. The platform exposes as little or as much detail as you want. Most things can be boiled down to a security graph query. So a user of Wiz can see how the graph data is really the nucleus of the platform.
  • The API console and the API explorer are super valuable for API integrators like ourselves.
  • The role/permission-based controls are pretty robust and have allowed us to define the workflows that we want our end users to engage with.

Cons

  • I would like to see the modification of the issue status to be wrapped in some form of a permission
  • I would like to be able to show filtered queries on the Identity Entitlements screen also on the security graph.
  • I wish I didn't have to create an automation rule (when the rule does just about the same thing in each) for each project (in Wiz).

Return on Investment

  • We haven't completed a full rollout yet, but the goal is to shift left security to all of our product teams so that security is a shared effort across the organization.
  • We want to be able to demonstrate fast remediations, corrective action plans with tangibles from Wiz in response to audits or red team findings.
  • We would like to also use information from Wiz to substantiate answers to security questionnaires that customers require us to fill out in order to do business with them.

Alternatives Considered

Palo Alto Networks Cortex XDR

Other Software Used

Palo Alto Networks Cortex XDR, Palo Alto Networks Prisma Access, Qualys

Easy to use and provides tangible value from the first day

Use Cases and Deployment Scope

We use Wiz to monitor our AWS environment for misconfiguration, threats, irregular activity, changes in posture and user activity. In addition we rely on Wiz findings to optimize our compliance posture and make sure that we continue to maintain a strong and manageable security operation. Wiz is our go-to tool and every day starts with a review of the Wiz dashboards.

Pros

  • Analyze and alert about system misconfiguration
  • Identify sensitive data that is stored on our system
  • Create a risk mapping that takes into account not only one parameter but the entire risk scope, e.g., an exposed server + it is housing sensitive data AND it has a known and exploitable vulnerability
  • Dashboards to consolidate the findings

Cons

  • We would like to see more system events such as CloudTrail events in Wiz; the current set of events is very limited and missing many key events
  • Mobile app

Return on Investment

  • Improved security
  • Cost Savings
  • Better communication inside the organization

Alternatives Considered

Tenable Cloud Security, IBM Guardium and Orca Cloud Security Platform

Other Software Used

Scytale, CrowdStrike Falcon

Wiz Cloud Security Simplified

Use Cases and Deployment Scope

We use Wiz to get visibility over our cloud assets and define the gaps, risks, vulnerabilities, configuration drifts, Kubernetes security, secrets, Data Security, and a lot more. Wiz is an overall CSPM product that helps us define and point out the risk that we have as well as gain overall visibility over all our cloud assets.

Pros

  • Cloud Configuration benchmarks
  • KSPM
  • DSPM
  • Container Security
  • Data visibility

Cons

  • Container Vulnerability
  • API Security
  • AI Security

Return on Investment

  • Helped us increase our CSPM by giving us full visibility over cloud configuration issues
  • Helped get visibility over runtime containers with vulnerabilities and create a plan to address them
  • Helped us define root level gaps in networking and address them

Alternatives Considered

CrowdStrike Falcon

Other Software Used

BigID, Teleport, Torq

An honest view of Wiz and how it helps Cloud focused organizations

Use Cases and Deployment Scope

We utilize Wiz for Cloud vulnerability management; it's used to detect high fidelity security issues, and configuration changes/drift that can happen over time. It's great because it can be implemented in a way that allows us to see these changes as they happen without fear that something could be changed without centralized visibility. We utilize it with self-service in mind so development teams can utilize the tool to help them remediate their area's issues, while giving security and architecture teams global views.

Pros

  • Global visibility
  • Raising high confidence security concerns
  • Access control to allow you to segment project access while simultaneously allowing central teams such as architecture and security global view.

Cons

  • It's not always obvious what needs to be configured in the CSP to allow Wiz to handle advanced features
  • While it is higher fidelity than most security tools, it can raise some false positives regarding external exposure.

Return on Investment

  • Wiz has helped enable us to achieve lower SLAs when it comes to vulnerability management because it can put the engineers in the tool to see the issue even for beyond CVEs but configuration issues.
  • The issues Wiz raises are considered more valuable as it helps address the real risk of different configurations depending on the exposure of an asset.

Alternatives Considered

Lacework, CrowdStrike Falcon and Orca Cloud Security Platform

Other Software Used

Zscaler Private Access, Zscaler Internet Access, CrowdStrike Falcon, Axonius, Splunk Enterprise Security (ES), Microsoft Defender for Endpoint

Wiz Security for our Cloud environment

Use Cases and Deployment Scope

Initially it gives great visibility of every technology across our digital estate, then highlights vulnerabilities and risks including how they could be exploited and guidance on how these can be fixed/addressed. The thing I like most is the integrations with other systems so that this is not a standalone tool but an integral part of our business's security suite.

Pros

  • Technical Inventory
  • Identified configuration and patching risks
  • Integrates with other systems

Cons

  • Provide SAST/DAST website scanning

Return on Investment

  • Overall visibility of all Technical assets
  • Visibility not previously seen

Other Software Used

Appcheck NG, SentinelOne Vigilance, Abnormal Security