TrustRadius: an HG Insights company

Wiz Reviews & Insights

Score8.1 out of 10

7 Reviews and Ratings

Get a Demo

Top industries

Based on 1,542 HG Insights installations.

#1 most frequent

Information

23.7%

365 installations of 1,542

#2 most frequent

Professional, Scientific, and Technical Services

17.6%

271 installations of 1,542

#3 most frequent

Manufacturing

9.1%

140 installations of 1,542

Community Insights for Wiz

Synthesised from 24 verified reviews.

Overview

Synthesised from 24 reviews

This product assessment is based on a synthesis of 24 recent reviews analyzing Wiz across multiple dimensions including overall satisfaction, ROI, deployment experience, and use of its security graph. Wiz is a cloud security platform designed to provide comprehensive visibility and risk assessment across cloud environments. A key strength lies in its agentless, API-centered approach, which facilitates rapid deployment and broad inventory coverage; 58% of reviewers specifically praised the ease of installation and setup. Users report significant improvements to security (46%) and enhanced visibility into cloud environments (29%) as key benefits, contributing to a stronger security posture and risk reduction (21%). The Wiz security graph is leveraged by 38% of reviewers to prioritize security issues and understand the context behind them, while 29% use it to gain a wider view of security risks and identify root causes. However, some areas for improvement were noted. API security, real-time scanning capabilities, and reporting improvements were each mentioned by 8% of reviewers. The same percentage of reviewers also cited concerns regarding false positives and desired additional features, as well as automation improvements. Alternatives such as Orca Cloud Security Platform and CrowdStrike Falcon were each mentioned by 13% of reviewers as products they have used or evaluated. Overall, Wiz offers a compelling value proposition for organizations seeking to enhance their cloud security posture through rapid deployment and comprehensive risk assessment. While some areas require further refinement, the platform's strengths in visibility, ease of use, and risk prioritization appear to outweigh its weaknesses for many users.

Pros

  • Easy and fast deployment due to agentless, API-centered approach (58% of reviewers)
  • Improved security posture and risk reduction (46% and 21% of reviewers respectively)
  • Enhanced visibility into cloud environments (29% of reviewers)
  • Effective risk prioritization using the Wiz security graph (38% of reviewers)
  • Agentless approach provides stability and reduces logistical complications (33% of reviewers)

Cons

  • Concerns regarding API security (8% of reviewers)
  • Desire for improvements in real-time scanning capabilities (8% of reviewers)
  • Need for reporting improvements (8% of reviewers)
  • Incidence of false positives (8% of reviewers)
  • Desire for more comprehensive features and automation improvements (8% of reviewers)
What other products like Wiz have you used or evaluated?

From 24 reviews

Summary

In a review sample of 24, multiple alternative products were mentioned. Orca Cloud Security Platform and CrowdStrike Falcon were each mentioned by 13% (3 of 24) of reviewers.

Related topics

CrowdStrike FalconOrca Cloud Security Platform

Top Quotes

CrowdStrike Falcon

Lacework, CrowdStrike Falcon and Orca Cloud Security Platform

Orca Cloud Security Platform

Tenable Cloud Security, IBM Guardium and Orca Cloud Security Platform

What positive or negative impact (i.e. Return on Investment or ROI) has Wiz had on your overall business objectives?

From 24 reviews

Summary

This analysis of 24 recent reviews explores the return on investment (ROI) and overall business impact of Wiz. A significant portion of reviewers, 46% (11 of 24), highlight improvements to security as a key benefit. Another 29% (7 of 24) cite enhanced visibility into cloud environments as a positive outcome. Risk reduction is noted by 21% (5 of 24) of reviewers, indicating that Wiz contributes to a stronger security posture. Cost savings, though less frequently mentioned, are also seen as a positive impact by 13% (3 of 24) of reviewers. Finally, 8% (2 of 24) of reviewers specifically mentioned improvements to cloud posture management.

Related topics

Risk ReductionBetter VisibilityCost SavingsCloud Posture ManagementImproved Security

Top Quotes

Risk Reduction

The issues Wiz raises are considered more valuable as it helps address the real risk of different configurations depending on the exposure of an asset.

Better Visibility

Overall visibility of all Technical assets

Cost Savings

Cost Savings

Besides Wiz, what other software do you regularly use? How likely would you be to recommend it to a friend or colleague?

From 24 reviews

Summary

In a corpus of 24 recent product reviews, reviewers mentioned alternative software used alongside Wiz. CrowdStrike Falcon and Zscaler Private Access were each mentioned by 8% (2 of 24) of reviewers. These mentions provide insight into the broader security ecosystems in which Wiz is deployed.

Related topics

CrowdStrike FalconZscaler Private Access

Top Quotes

CrowdStrike Falcon

Scytale, CrowdStrike Falcon

Zscaler Private Access

Zscaler Private Access, Zscaler Internet Access, CrowdStrike Falcon, Axonius, Splunk Enterprise Security (ES), Microsoft Defender for Endpoint

Please provide some detailed examples of areas where Wiz has room for improvement.

From 24 reviews

Summary

This analysis of 24 recent reviews identifies areas where Wiz could improve, according to users. Several reviews (8%, 2 of 24) cited concerns regarding API security, real-time scanning capabilities, and reporting improvements. Users also noted the presence of false positives (8%, 2 of 24) and desired additional features. Some reviewers (8%, 2 of 24) mentioned the need for automation improvements. The feedback suggests a desire for more comprehensive and streamlined functionality within the Wiz platform.

Related topics

API SecurityFalse positivesReporting improvementsReal-time scanningAutomation improvementsMissing features

Top Quotes

API Security

API Security.

False positives

While it is higher fidelity than most security tools, it can raise some false positives regarding external exposure.

Reporting improvements

Wiz does not store teh resolved date, which makes it harder for teams to run reports

Wiz leverages a security graph at the core of the product that is designed to accurately detect and define security risks. How does your company utilize the Wiz security graph for risk assessment?

From 24 reviews

Summary

Across 24 recent reviews, the Wiz security graph is primarily utilized for risk assessment through prioritization and understanding security risks within cloud environments. A significant 38% (9 of 24) of reviewers leverage the security graph to prioritize security issues, enabling them to focus on the most critical risks and understand the context behind them. Another 29% (7 of 24) use the graph to gain a wider view of security risks, understand connections between them, and identify root causes. The ability to slice and dice results based on organizational structure is also valued for quick risk mitigation. Reviewers, including those from non-technical backgrounds, find the security graph beneficial for identifying and triaging misconfigurations, investigating issues, and enhancing overall cloud security posture.

Related topics

Risk Prioritization and AssessmentUnderstanding Security Risks

Top Quotes

Risk Prioritization and Assessment

Oh yeah, we use this a lot. When an alert is created, before hunting down the product team and dumping into them, we use the Graph to understand what is going on to get a clearer picture. And more often that not, it has been really useful for both us and the product teams to understand the risk correctly rather than just shooting darts at thin air

Understanding Security Risks

Coming from a non-tech background, I was able to easily make connections between security risks and instances it was coming from, as well as what the gaps were and the configurations I can make to patch them.

Via an agentless, API-centered approach, Wiz is designed to be rolled out in minutes to easily scan workloads and get full visibility into cloud environments. Please describe your experience with this aspect of the product.

From 24 reviews

Summary

Based on 24 recent reviews, Wiz is frequently praised for its straightforward deployment and comprehensive cloud visibility, largely attributed to its agentless, API-centered approach. A significant 58% (14 of 24) of reviewers specifically highlight the ease of installation and setup, often mentioning the speed with which Wiz can be rolled out and provide meaningful insights. This is further supported by the benefits of the agentless approach, which 33% (8 of 24) of reviewers appreciate for its stability and the elimination of logistical complications associated with agents. The agentless design is considered a core feature, facilitating quick integration and broad inventory coverage across numerous resources.

Related topics

Easy deployment and setupAgentless approach benefits

Top Quotes

Easy deployment and setup

Wiz's agentless, API-centered approach enables quick deployment and comprehensive cloud visibility.

Agentless approach benefits

The feature of agentless scanning workloads is the core feature of Wiz.

Reviews

25 Reviews

Wiz Is a Great Tool.

Rating: 9 out of 10
Incentivized

Use Cases and Deployment Scope

Wiz is used for our cloud security. Whenever resources are deployed within QA or production, Wiz will scan and identify vulnerabilities for us to report and respond to. It's great because it provides us with metrics on what issues have been and what has been fixed over time. This is mainly for cloud environments.

Pros

  • User friendly with navigation.
  • Gives breakdown of the issue and recommendations to fix.
  • Has nice dashboards for visibility.

Cons

  • Be able to see what changes were made with CIS compliance.
  • Click into the chart showing changes made over time.

Likelihood to Recommend

Wiz is well-suited if you want to run real-time scans against resources that were recently patched or configured. It is good to keep track of vulnerabilities found and what can be done to resolve the issues without having to open up multiple tabs. Overall, it is good to keep an eye on how well cloud teams or cloud security teams are doing.
VU
Verified User
Administrator in Information Technology (1001-5000 employees)
Vetted Review
Wiz
2 years of experience

Wiz succeeds in tech and user experience across modern security applications

Rating: 9 out of 10
Incentivized

Use Cases and Deployment Scope

We use Wiz for Cloud Security Posture Management of our multi-cloud environments. We rely on Wiz for not only getting insights into misconfigured security issues in our environments, but also for understanding the latest vulnerabilities from Wiz's threat intel. This helps us identify threats and services affected by them in our organization, and allows us to quickly export reports and send communications out to teams swiftly to perform remediation accordingly to Wiz's vulnerability report.

Pros

  • Multi-cloud: Ability of Wiz to integrate with all of our cloud platforms makes it easy to deploy and centralizes our insights into all environments
  • UI/UX: Wiz's UI is one of, if not -- the best UI I have ever used in a security application. Wiz is able to make it easy to follow and use the application to simplify the normally overcomplicated process of parsing through security information and tools.
  • Marketing: Hosting meetups such as Wizdom has demonstrated Wiz's investment into its customers by providing us with more encouragement to use the app. The merch, ads, and presentation are above and beyond many companies in the tech industry.
  • Threat Intel: We rely on Wiz for the latest finds in vulnerabilities across all platforms, and since it is incorporated into the application, it makes this easy and fast to push out necessary steps without going through multiple layers of communication between vendors, cyber governance, security analysts, and developers.

Cons

  • Real time scanning/reportng: Ability to provide real-time monitoring of multi-cloud environments

Likelihood to Recommend

I would say Wiz is best suited for organizations developing in multi-cloud environments. Wiz UI/UX makes it very easy to integrate, use, and teach. The application oversimplifies many tedious processes when it comes to monitoring security across many different layers and tools. Like mentioned, real-time scanning would be a great addition to the application (although I can see it may be quite difficult). I believe in organizations utilizing a single CSP structure may rather use that platform's native in-house services for security monitoring.
VU
Verified User
Analyst in Information Technology (10,001+ employees)
Vetted Review
Wiz
1 year of experience

Easy to use and provides tangible value from the first day

Rating: 9 out of 10
Incentivized

Use Cases and Deployment Scope

We use Wiz to monitor our AWS environment for misconfiguration, threats, irregular activity, changes in posture and user activity. In addition we rely on Wiz findings to optimize our compliance posture and make sure that we continue to maintain a strong and manageable security operation. Wiz is our go-to tool and every day starts with a review of the Wiz dashboards.

Pros

  • Analyze and alert about system misconfiguration
  • Identify sensitive data that is stroed on our system
  • Create a risk mapping that takes into account not only one parameter but the entire risk scope e.g an exposed server + it is housing sensitive data AND it has a known and exploitable vulnerability
  • Dashboards to consolidate the findings

Cons

  • We would like to see more system events such as cloudtrail events in Wiz, the current set of events is very limited and missing many key events
  • Mobile app

Likelihood to Recommend

Wiz is great when you are looking to get both high level AND in depth visibility into your system configuration and risks, the system usability is second to none, the UI is simple, support is great and they keep adding useful features to the system.
Wiz is less of a fit when it comes to investigations given the limited set of events it collects from audit logs
AL
Amit Levran
Head of Security in Information Technology at Sundaysky (51-200 employees)
Vetted Review
Wiz
1 year of experience

NextGen Cloud Security

Rating: 10 out of 10
Incentivized

Use Cases and Deployment Scope

Wiz is very good on CSPM along with rapidly catching up CWPP, ASPM which is enterprise needs.

Pros

  • CSPM
  • CWPP
  • UI/UX

Cons

  • Shorting on report on UI screen

Likelihood to Recommend

Graph API is very robust Wiz to provide holistic view on security prospective.
VU
Verified User
Professional in Information Technology (10,001+ employees)
Vetted Review
Wiz
1 year of experience

Wiz Elevating Cloud Security to New Heights

Rating: 10 out of 10
Incentivized

Use Cases and Deployment Scope

Wiz offers a comprehensive view of our cloud infrastructure through a unified interface. We utilize Wiz Cloud, Code, Sensor, and Defend to mitigate a variety of risks. These include the exposure of sensitive data, whether public or private within our network, vulnerabilities and outdated technologies, misconfigurations, malware, suspicious activities, and more.

Pros

  • Contextualizing risks
  • Eliminating isolated solutions
  • Restricting user access to view only the resources they manage

Cons

  • Better Project management - more options to group resources to a project when subscriptions is shared but resources are not tagged
  • Better way to tag in Wiz
  • Exception Management - Ability to track exception numbers submitted for resources and issues and bi-directional status updates (ServiceNow)

Likelihood to Recommend

Wiz is way ahead of each security domains than other vendors. Wiz integrates well and their roadmap is never ending with quick implementation.
VU
Verified User
Director in Information Technology (10,001+ employees)
Vetted Review
Wiz
3 years of experience

Wiz

Rating: 8 out of 10
Incentivized

Use Cases and Deployment Scope

We user it for Cloud Compliance, we monitor our score and try to evaluate the security controls to our baseline score. We also use the DataSecurity and External Exposure boards on a daily basis, and keep track of any alerts as they come in and reach out to the product team owners.

Pros

  • Data Security Posture Management
  • Separate scope by projects
  • And Vulnerability identification

Cons

  • Wiz does not store teh resolved date, which makes it harder for teams to run reports
  • There is no visibility into MTTR metrics or MTTD
  • Would love to see Wiz do automated metrics system

Likelihood to Recommend

The TAM's are really helpful, and they take the time out to really understand what you are trying to solve and help us out with building queries or resolve an error. And the DSPM feature is very helpful in my experience, I usually use the JSON tab to see if there are any firewall rules for that, instead of going the long route and checking in Azure. And also the GRAPHs that Wiz provides are quite helpful to get a clearer visibility into what we are looking at.
VU
Verified User
Engineer in Information Technology (1001-5000 employees)
Vetted Review
Wiz
1 year of experience

Wiz Cloud Security Simplified

Rating: 10 out of 10
Incentivized

Use Cases and Deployment Scope

We use Wiz to get a visibility over our cloud assets and define the gaps, risks, vulnerabilities, configuration drifts, Kubernetes security, secrets, Data Security, and a lot more. Wiz is an overall CSPM product that helps us define and point out the risk that we have as well as gain an overall visibility over all our cloud assets.

Pros

  • Cloud Configuration benchmarks
  • KSPM
  • DSPM
  • Container Security
  • Data visibility

Cons

  • Container Vulnerability
  • API Security
  • AI Security

Likelihood to Recommend

Wiz is the best out of box CNAPP/CSPM tool thats currently on the market.
KF
Kirolos Fame
Cloud Security Engineer in Engineering at Fiserv (10,001+ employees)
Vetted Review
Wiz
2 years of experience
Verified on LinkedIn

Wiz is really very much needed for cloud security.

Rating: 10 out of 10
Incentivized

Use Cases and Deployment Scope

We currently use Wiz primarily as a Cloud Security Posture Management (CSPM) tool to secure our cloud environments. We currently have the majority of our cloud infrastructure in the GCP environment, but also have some other resources in Azure and AWS. The primary reason for using Wiz is for our Platsec and SOC teams to monitor the threats and risks. Based on that, they reach out to the application teams for remediating those vulnerabilities and set up policies to alert them of any critical vulnerabilities. I believe without Wiz, our organization would be blind to some of the very crucial vulnerabilities, as we have thousands of projects on our cloud environment, which makes it impossible to track without Wiz.

Pros

  • Vulnerability scanning and remediation.
  • Reports.
  • Documentation on all the integrations.

Cons

  • Wiz sensor improvements.
  • Automation use cases for specific tasks based on organization needs.
  • AI use more better searching.

Likelihood to Recommend

We currently use Wiz primarily as a CSPM tool to secure our cloud environments. We currently have majority of cloud stuff in GCP environment but also have some other stuff in Azure and AWS. The primary reason of using Wiz is for our Platsec and SOC teams to monitor the threats and risks. Based on that they reach out to the application teams for remediating those vulnerabilities and set up policies to alert them of any criticals. I believe without Wiz our organization would be blind on some of the very critical vulnerabilities as we have thousands of projects on our cloud environment which makes it impossible to track without Wiz.
VU
Verified User
Analyst in Information Technology (10,001+ employees)
Vetted Review
Wiz
1 year of experience

The Cloud and Container Wizard of Oz.

Rating: 10 out of 10
Incentivized

Use Cases and Deployment Scope

Cloud and Container Security.

Pros

  • UI/UX
  • Real time monitoring.
  • Graph database for visualization.

Cons

  • API Security.
  • Wiz Code.
  • Tuning.

Likelihood to Recommend

Well-suited for anyone who is leveraging public cloud infrastructure or services.
VU
Verified User
Manager in Engineering (1001-5000 employees)
Vetted Review
Wiz
3 years of experience

Wiz is a notch above the rest.

Rating: 10 out of 10
Incentivized

Use Cases and Deployment Scope

We use Wiz for cloud vulnerability management, security detections, identifying misconfigurations, and aligning ourselves with our security frameworks. The business problems we aim to address are secure cloud configuration and vulnerability management. Being in the cloud, it is essential to identify all potential security gaps, misconfigurations, and issues that could compromise the environment.

Pros

  • Vulnerability Management.
  • Cloud Configuration.
  • Data Findings.
  • Cloud Exposure.
  • Compliance Posture.
  • Reporting

Cons

  • Jira Ticketing - I would like tickets for specific findings not just issues.
  • Quick and easy to use resource/asset Inventory.
  • More detailed attack path analysis.
  • Navigation is already great, but it is easy to get lost.

Likelihood to Recommend

Wiz does cloud security extremely well. We are able to efficiently work towards remediating vulnerabilities, misconfigurations, and other security issues. My primary concern is how tickets are created and to whom they are assigned. I would like to see a more granular approach to ticketing, rather than blanket coverage for an issue. I prefer to assign findings internally through our ticketing system; however, there is no option to create a ticket for a finding.
VU
Verified User
Team Lead in Information Technology (201-500 employees)
Vetted Review
Wiz
1 year of experience