Sold by: Wiz
Deployed on AWS
Free Trial
Vendor Insights
AWS Free Tier
Wiz provides an entirely new approach to cloud security that for the first time identifies the actual risks hidden in your cloud infrastructure.
4.7
Overview
Wiz performs a deep assessment of your entire cloud and then correlates a vast number of security signals to trace the real infiltration vectors that attackers can use to break in. Wiz also gives you the tools to bring your DevOps and development teams into the process to fix these risks, creating a culture of security in your cloud operations that results in a stronger, more secure cloud. For more information visit: https://www.wiz.io
Wiz provides custom pricing for customers via Private Offer. Please contact marketplace@wiz.io for a better understanding of our pricing model and products.
Highlights
- Covers every resource across your full cloud stack, multi-cloud environment using a 100% API approach that deploys in minutes.
- Models overlapping cloud policies, configurations, and compensating controls that interact in ways that are often unpredictable to calculate their end result.
- Maps all of the issues in your cloud together in a single graph database, revealing which of them combined pose the greatest risk.
Details
Sold by
Delivery method
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Trust Center
Access real-time vendor security and compliance information through their Trust Center powered by Drata. Review certifications and security standards before purchase.
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.
Security credentials achieved
(7)
SOC2
ISO27001
AWS Security Specialization
GDPR
PCIDSS
FedRAMP
HIPAA
Pricing
Free trial
Try this product free according to the free trial terms set by the vendor.
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Wiz Essential | Protect 100 cloud workloads | $24,000.00 |
Wiz Advanced | Protect 100 cloud workloads | $38,000.00 |
Wiz Sensor | 100 Wiz Sensors. Add-on for Wiz Advanced | $28,000.00 |
Wiz Code | 100 Wiz Code Licenses. Add-on for Wiz Cloud | $58,500.00 |
Wiz Defend | Ingest 300 GBs of logs per month. Add-on for Wiz Advanced | $18,000.00 |
Vendor refund policy
Please contact us at info@wiz.io
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Support
Vendor support
Wiz provides custom pricing for customers via Private Offer. Please contact marketplace@wiz.io for a better understanding of our pricing model and products. tel:+01-240.823.5670
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
Top
10
In Application Development, Continuous Integration and Continuous Delivery, Security
Top
10
In Vulnerability and Patch Management, Data Governance
Top
25
In Observability, Software Development
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Multi-Cloud Resource Coverage
Covers every resource across the full cloud stack in multi-cloud environments using a 100% API approach with deployment in minutes.
Cloud Policy and Configuration Analysis
Models overlapping cloud policies, configurations, and compensating controls to calculate their combined end result.
Risk Correlation and Visualization
Maps all issues in the cloud infrastructure together in a single graph database to identify which combined issues pose the greatest risk.
Security Signal Correlation
Correlates a vast number of security signals to trace real infiltration vectors that attackers can exploit.
DevOps and Development Team Integration
Provides tools to integrate DevOps and development teams into the security risk remediation process.
Attack Surface Management
Aggregates comprehensive attack surface visibility across hybrid environments with external attack surface scans to provide 360-degree view of entire attack surface
Vulnerability Management
Delivers complete visibility across on-premise and remote endpoints to identify, communicate, and remediate vulnerabilities, misconfigurations, and risks
Cloud Security
Provides code-to-cloud protection for cloud-native applications with seamless CI/CD pipeline integration and agentless risk assessment based on reachability, exploitability, and potential impact
Next-Generation SIEM and XDR
Delivers accelerated detection and response with SaaS deployment, intuitive interface, out-of-the-box detections informed by MDR SOC, and built-in automation capabilities
Threat Intelligence
Delivers high-fidelity actionable threat intelligence infused with proprietary threat and vulnerability research from Rapid7 Labs and community-driven tools
Offensive Security Engine
Simulates external exploits to produce Verified Exploit Paths for prioritizing exposures that are reachable by outside attackers and reducing cloud attack surface.
Cloud Security Posture Management
Continuously monitors and manages security of AWS configurations to prevent public exposure and ensure compliance.
Secrets Scanning
Identifies more than 750 types of secrets across public and private repositories.
Cloud Infrastructure Entitlements Management
Detects and manages excessive or unused permissions to mitigate the risk of privilege escalation.
Real-Time Malware Detection
Detects malware including zero-days in milliseconds with scanning performed directly in cloud environment for object storage services like Amazon S3 and file storage services.
Validated by AWS Marketplace
FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
No security profile
No security profile
Standard contract
No
No
No
Customer reviews
Sanket-Shinde
Automated code scans have protected client data and improve secure deployments in our workflows
Reviewed on Apr 24, 2026
Review from a verified AWS customer
What is our primary use case?
My main use case for Wiz is in my report, where I use it when we push any code changes on GitHub . The DevOps team sets one pipeline that includes Wiz scanning. When we push any changes, if there are any vulnerabilities or security issues related to the code, Wiz raises a vulnerability that stops the pipeline execution and prevents deploying any changes. When we need to deploy, we fix those changes first and then proceed to deploy.
Wiz fits into our workflow as a very good tool, which I can affirm because of the many levels of scans they offer. As developers, we focus on completing tasks and may overlook security aspects, but we have a Wiz plugin in VS Code and IntelliJ IDEA. We run scans locally to fix any issues before pushing code to GitHub , ensuring that we resolve potential problems upfront.
Wiz is deployed in my organization through a private cloud setup, and as a developer, I use it with integration provided by the Infosec and DevOps teams during code changes and deployment processes.
What is most valuable?
The best features Wiz offers include its comprehensive scanning capabilities, which are essential for my work.
In addition to the good features, Wiz scanning is integrated into our repo. The DevOps team added that functionality, and the reporting aspect alerts us via email when vulnerabilities are raised, indicating deployment failures due to those issues. We receive timely notifications after deployment failures and have good integration with our DevOps team and pipelines, along with a user-friendly interface that provides details and hints for fixing vulnerabilities.
Wiz positively impacts my organization, especially since we are in the insurance sector where data security is paramount. Cybercriminals and cyberattacks are constant threats; thus, Wiz's scanning helps ensure we do not expose vulnerabilities, enhancing my organization's security and trust with clients.
Regarding specific outcomes or metrics, compliance has notably improved in my organization. With the Wiz plugin at the local level, we identify vulnerabilities before pushing changes, allowing us to fix them ahead of time. While I cannot claim faster development cycles outright, I can say that Wiz helps mitigate issues that might arise post-deployment, reducing pressure and ensuring security upfront.
What needs improvement?
While Wiz provides excellent data and reports, sometimes the suggested fixes for vulnerabilities are not always accurate based on our code compatibility. For example, if Wiz recommends upgrading from log4j to log8j but our code only supports log6j, this can lead to issues. Additionally, I suggest incorporating AI to provide real-time hints for fixing vulnerabilities during scans, as this would enhance usability significantly.
Regarding needed improvements in Wiz, the integration and usability are quite effective, though adding AI-driven features could significantly assist developers in addressing vulnerabilities more efficiently, thereby improving deployment times and adherence to deadlines.
For how long have I used the solution?
I have been using Wiz from last two years.
What do I think about the stability of the solution?
Wiz is stable and scalable, with no downtimes experienced during changes, ensuring that any vulnerabilities found are addressed without affecting my workflow.
How are customer service and support?
Customer support from Wiz is quite good. While I have not directly engaged with them, our Infosec and DevOps teams liaise with Wiz and receive prompt responses, indicating a positive experience overall.
I am unsure about post-sales support services and whether my organization utilizes them. We typically raise tickets through the DevOps team, which handles communication with Wiz, and I find that process works well.
Which solution did I use previously and why did I switch?
I am not certain about other solutions evaluated before Wiz, but we also use Snyk alongside Wiz. Both tools have their strengths, but I find Wiz to be more advantageous due to its detailed summaries and team support.
What was our ROI?
I have seen a return on investment with significant effort reduction, as Wiz vulnerabilities allow us to detect risks before cyberattacks can occur, building trust with my clients because we prevent sensitive data exposure.
What's my experience with pricing, setup cost, and licensing?
I do not have detailed information about pricing, setup costs, or licensing as I am just a user. However, I have heard the setup cost is low and that we subscribe on a yearly basis.
What other advice do I have?
Wiz reduces alert fatigue within my organization effectively, as we perform local scans before pushing changes to GitHub, which minimizes issues at the production level and alleviates the stress of resolving errors late in the deployment process.
Wiz runtime sensor effectively helps in identifying active threats, allowing us to recognize and address serious issues at the development and local levels before they reach production, thus ensuring security and reliability.
The cloud security democratization aspect of Wiz is significant, as it enhances my organization's security management by ensuring standards are upheld through local and repo-level scans, even though I do not manage cloud security directly.
My advice for others looking into using Wiz is that it is crucial for building trust with clients and securing products, as it addresses vulnerabilities effectively before production, thus helping prevent cyberattacks and enhancing organizational reputation.
My company only has a customer relationship with Wiz, and I do not have additional information regarding other business relationships they may have.
I rated this review 8.5 out of 10.
Which deployment model are you using for this solution?
Private Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Nitish U.
Unmatched Cloud Security Capabilities with Wiz
Reviewed on Apr 13, 2026
Review provided by G2
What do you like best about the product?
No Product in cloud security can match Wiz capabilities. Wiz Dashboard, Wiz Findings, Wiz DSPM. Wiz data classification. Everything is awesome
What do you dislike about the product?
Pricing and Customer Support. Nothing in India
What problems is the product solving and how is that benefiting you?
A central bird’s-eye view of the entire clustered infrastructure. The contextual analysis helps with prioritization decisions, and it lets me map an issue across related components, from code to cloud.
Shivam S.
Intuitive Interface, Exemplary Support with Cloud Security
Reviewed on Apr 07, 2026
Review provided by G2
What do you like best about the product?
I really like the user interface of Wiz; it's really good and clean, making it easy for anyone to understand and navigate, even if they haven't used it before. The AI tool is also really good and helps us a lot. Setting up Wiz was really easy for us, and the Wiz team really supported us.
What do you dislike about the product?
fetching data from wiz is slow client library need to improve
What problems is the product solving and how is that benefiting you?
Wiz helps solve cloud security risks and compliance issues. Its user interface is clean, intuitive, and easy to navigate, even for new users, and the AI tool is notably effective in aiding us.
Einav F.
Easy Integration and Clear, Actionable Remediation
Reviewed on Apr 07, 2026
Review provided by G2
What do you like best about the product?
1.integration and implementation is easy and straightforward.
2.Insights, investigation, and remediation are straightforward to understand and easy to execute.
2.Insights, investigation, and remediation are straightforward to understand and easy to execute.
What do you dislike about the product?
Sometimes there’s just too much information displayed on the screen, which can feel a bit overwhelming.
What problems is the product solving and how is that benefiting you?
1. Vulnerability detection.
2. PCI and SOC2 compliance.
3. CI/CD pipeline issues.
4. Container-related issues.
5. EOL issues.
2. PCI and SOC2 compliance.
3. CI/CD pipeline issues.
4. Container-related issues.
5. EOL issues.
Verified User
Powerful CSPM with Robust API Support
Reviewed on Apr 07, 2026
Review provided by G2
What do you like best about the product?
I find Wiz extremely valuable as it provides an all-round view of our cloud components across different platforms. The Security Graph is very helpful, especially when I need to look up a cloud account or a resource, as it makes the process super easy. Connecting Wiz to other tools via API is quite helpful to extract data. Wiz offers better coverage compared to our previous tool, and its APIs are easy to use. Although the initial setup wasn't easy due to multiple connectors, the Wiz team was really helpful throughout the process.
What do you dislike about the product?
The API has limitations, like I cannot pull more than 10,000 events which in some cases becomes tedious. If I have an aggressive Graph QL Query, the event count becomes too high, so pulling out that data using APIs does not help when the count is above 10,000 events. So I have to break down my queries to not reach the count. It was not easy because there are multiple connectors but the Wiz team is really helpful.
What problems is the product solving and how is that benefiting you?
Wiz provides an all-round view of our Cloud components across platforms, making it easy to look up accounts and resources. The Security Graph is super helpful, and connecting via API is beneficial for data extraction.