TrustRadius: an HG Insights company

Wiz

Score8.6 out of 10

34 Reviews and Ratings

Get a Demo

What is Wiz?

Wiz is a Tel Aviv based, cloud risk visibility solution for enterprise security. It provides a 360° view of security risks across clouds, containers and workloads.

Categories & Use Cases

Key Features

Learn about the best (and worst!) features Wiz has to offer, as determined by TrustRadius' reviewers.
Based on 34 ratings of Wiz's features
View all features

Top Performing Features

  • Compliance and Auditing

    Supports compliance with industry regulations and standards, and offers audit logs and reports to meet regulatory requirements and facilitate security audits.

    Category average: 8.3

  • Regular Vulnerability Management

    Conducts regular vulnerability assessments and scans to identify and remediate security vulnerabilities within the cloud infrastructure.

    Category average: 8.1

  • Automated Data Backup and Recovery

    Provides automated and regular backups of cloud data to ensure data availability and offers mechanisms for data recovery in case of data loss or disaster.

    Category average: 8

Areas for Improvement

  • Secure Data Transfer

    Provides secure methods for transferring data to and from the cloud, such as encrypted protocols or virtual private networks (VPNs).

    Category average: 8

  • Intrusion Detection and Prevention:

    Implements systems and technologies to detect and prevent unauthorized access or intrusions into cloud resources or networks.

    Category average: 7.6

  • Security Incident Response

    Establishes protocols and procedures for promptly responding to security incidents, mitigating their impact, and conducting forensic investigations.

    Category average: 7.4

Reviews

What users are saying about Wiz.
View all reviews

Enjoying the Wiz Journey

Incentivized
Andy Hebert
Software Engineer - Security at Entegral (201-500 employees employees)

Use Cases and Deployment Scope

* Brings together 2-3 cloud environments into a single pane of glass

* Supports (although we would like to see better support) segmentation of cloud resources based on tags or resource tag enrichment. This allows our product teams in the organization to focus on the resources they are responsible for.

* It will help our ISO focus on what matters through Wiz's issue generation through toxic combinations. Right now, it is hard for our ISO to focus on what matters. They squirrel away whenever there is an audit or some perceived security threat. I am hoping Wiz will help our office reach a maturity level that takes a more pragmatic approach to security, one that allows us to make steady gains and push the security forward in the organization.

Pros

  • It seems to be a very open. The platform exposes as little or as much detail you want. Most things can be boiled down to a security graph query. So a user of Wiz can see how the graph data is really the nucleus of the platform.
  • The API console and the API explorer are super valuable for API integrators like ourselves.
  • The role/permission based controls are pretty robust and has allows us to define the workflows that we want our end users to engage with.

Cons

  • I would like to see the modification of the issue status to be wrapped in some form of a permission
  • I would like to be able to show filtered queries on the Identity Entitlements screen also on the security graph.
  • I wish I didn't have to create an automation rule (when the rule does just about the same thing in each) for each project (in Wiz).

Return on Investment

  • We haven't completed a full rollout yet, but the goal is to shift left security to all of our product teams so that security is a shared effort across the organization.
  • We want to be able to demonstrate fast remediations, corrective action plans with tangibles from Wiz in response to audits or red team findings.
  • We would like to also use information from Wiz to substantiate answers to security questionnaires that customers requires us to fill out in order to do business with them.

Usability

Alternatives Considered

Palo Alto Networks Cortex XDR

Other Software Used

Palo Alto Networks Cortex XDR, Palo Alto Networks Prisma Access, Qualis

Easy to use and provides tangible value from the first day

Incentivized
Amit Levran
Head of Security in Information Technology at Sundaysky (51-200 employees employees)

Use Cases and Deployment Scope

We use Wiz to monitor our AWS environment for misconfiguration, threats, irregular activity, changes in posture and user activity. In addition we rely on Wiz findings to optimize our compliance posture and make sure that we continue to maintain a strong and manageable security operation. Wiz is our go-to tool and every day starts with a review of the Wiz dashboards.

Pros

  • Analyze and alert about system misconfiguration
  • Identify sensitive data that is stroed on our system
  • Create a risk mapping that takes into account not only one parameter but the entire risk scope e.g an exposed server + it is housing sensitive data AND it has a known and exploitable vulnerability
  • Dashboards to consolidate the findings

Cons

  • We would like to see more system events such as cloudtrail events in Wiz, the current set of events is very limited and missing many key events
  • Mobile app

Return on Investment

  • Improved security
  • Cost Savings
  • Better communication inside te organization

Usability

Alternatives Considered

Tenable Cloud Security, IBM Guardium and Orca Cloud Security Platform

Other Software Used

Scytale, CrowdStrike Falcon

Wiz Cloud Security Simplified

Incentivized
Kirolos FameView profile
Cloud Security Engineer in Engineering at Fiserv (10,001+ employees employees)

Use Cases and Deployment Scope

We use Wiz to get a visibility over our cloud assets and define the gaps, risks, vulnerabilities, configuration drifts, Kubernetes security, secrets, Data Security, and a lot more. Wiz is an overall CSPM product that helps us define and point out the risk that we have as well as gain an overall visibility over all our cloud assets.

Pros

  • Cloud Configuration benchmarks
  • KSPM
  • DSPM
  • Container Security
  • Data visibility

Cons

  • Container Vulnerability
  • API Security
  • AI Security

Return on Investment

  • Helped us increase our CSPM by giving us full visibility over cloud configuration issue
  • helped get visblity over runtime container with vulnerabilities and crate a plan to address them
  • helped us define root level gaps in networking and address them

Usability

Alternatives Considered

CrowdStrike Falcon

Other Software Used

BigID, Teleport, Torq

Wiz Is a Great Tool.

Incentivized
Verified User
Administrator in Information Technology (1001-5000 employees employees)

Use Cases and Deployment Scope

Wiz is used for our cloud security. Whenever resources are deployed within QA or production, Wiz will scan and identify vulnerabilities for us to report and respond to. It's great because it provides us with metrics on what issues have been and what has been fixed over time. This is mainly for cloud environments.

Pros

  • User friendly with navigation.
  • Gives breakdown of the issue and recommendations to fix.
  • Has nice dashboards for visibility.

Cons

  • Be able to see what changes were made with CIS compliance.
  • Click into the chart showing changes made over time.

Return on Investment

  • It has engaged the cloud and InfoSec teams more closely.
  • Improved cloud security when resources are spun up and deployed to production.
  • Enhances the security posture of the entire organization, as products and services are hosted in the cloud.

Usability

Wiz succeeds in tech and user experience across modern security applications

Incentivized
Verified User
Analyst in Information Technology (10,001+ employees employees)

Use Cases and Deployment Scope

We use Wiz for Cloud Security Posture Management of our multi-cloud environments. We rely on Wiz for not only getting insights into misconfigured security issues in our environments, but also for understanding the latest vulnerabilities from Wiz's threat intel. This helps us identify threats and services affected by them in our organization, and allows us to quickly export reports and send communications out to teams swiftly to perform remediation accordingly to Wiz's vulnerability report.

Pros

  • Multi-cloud: Ability of Wiz to integrate with all of our cloud platforms makes it easy to deploy and centralizes our insights into all environments
  • UI/UX: Wiz's UI is one of, if not -- the best UI I have ever used in a security application. Wiz is able to make it easy to follow and use the application to simplify the normally overcomplicated process of parsing through security information and tools.
  • Marketing: Hosting meetups such as Wizdom has demonstrated Wiz's investment into its customers by providing us with more encouragement to use the app. The merch, ads, and presentation are above and beyond many companies in the tech industry.
  • Threat Intel: We rely on Wiz for the latest finds in vulnerabilities across all platforms, and since it is incorporated into the application, it makes this easy and fast to push out necessary steps without going through multiple layers of communication between vendors, cyber governance, security analysts, and developers.

Cons

  • Real time scanning/reportng: Ability to provide real-time monitoring of multi-cloud environments

Return on Investment

  • Improved operationalized cloud security: Wiz offers a single pane of glass of visibility into our multi-cloud applications, reducing the operational need to consistently enter different environments to perform security audits and vulnerability assessments. This allows security engineers to spend more time on other objectives while excelling in services offered through Wiz.
  • Auditing/Reporting: Wiz makes it easy to export reports, reducing the need for us to consolidate information ourselves to push to necessary contacts for communication, expediting the process in which we remediate vulnerabilities or perform governance.

Usability

Alternatives Considered

AWS Security Hub and Amazon GuardDuty

Other Software Used

HashiCorp Vault, Tenable Nessus

Related Products

Products similar to Wiz that may also meet your needs.
All comparisons
Snyk
CompareLearn more
Aqua Cloud Native Security Platform
CompareLearn more
Lacework
CompareLearn more
Orca Cloud Security Platform
CompareLearn more