Wiz Runtime Sensor

What do you like best about the product?

UI / UX
Wiz replaces traditional flat CVE lists with an intuitive Security Graph. It maps actual attack paths, showing how vulnerabilities, internet exposure, and permissions intersect to form true risks. Dashboards are clean, modern, and leadership-ready.

Integrations
The agentless, API-driven architecture connects AWS, Azure, and GCP tenants in minutes without impacting production. It also integrates smoothly into CI/CD pipelines and IaC (Terraform) to catch secrets and misconfigurations pre-deployment.

Performance
Operating out-of-band via cloud snapshots ensures zero impact on workload performance. Scanning is fast, comprehensive, and completely eliminates the deployment friction and stability risks of traditional host agents.

Pricing / ROI
Wiz is a premium enterprise investment with a steep price tag at scale. However, the ROI is realized through immediate tool consolidation (CSPM, CIEM, vulnerability scanning) and a massive reduction in alert noise, saving engineering teams countless hours.

Support / Onboarding
Time-to-value is nearly instant; you get full environment visibility on day one. The onboarding framework allows for a seamless, phased rollout. Customer support is highly proactive and technically sharp when dealing with complex enterprise setups.

AI / Intelligence
Its AI-SPM capabilities excel at discovering "Shadow AI"—automatically mapping out unmanaged models and training data. The built-in AI assistant also allows analysts to query the security graph using natural language for rapid triaging.

G2 Summary: Wiz is a top-tier CNAPP that eliminates tool sprawl and security friction. While it is a significant financial commitment, the ability to prioritize "toxic combinations" rather than endless alerts makes it indispensable for large-scale, multi-cloud environments.

What do you dislike about the product?

While Wiz excels at high-level cloud visibility, the day-to-day operational reality introduces a frustrating amount of noise through false positives, particularly within application runtimes.

The primary issue stems from how Wiz analyzes vulnerabilities in container images and runtime environments. The platform frequently flags vulnerabilities in libraries that are technically present inside a container or file system, but are completely untouched, unimported, and unused by the running application.

When security dashboards fill up with these "phantom" risks, it creates friction between the security and platform engineering teams. Developers end up wasting time investigating and "fixing" vulnerabilities that pose zero actual runtime risk to the active application.

While the agentless snapshot model is fantastic for initial deployment, the platform needs to become more precise. It should correlate package presence with actual runtime execution paths or active memory loading before raising the alarm. Until Wiz can distinguish between an idle file on a disk and a library that is actually exposed in the application execution path, teams will continue to experience alert fatigue and strained internal relationships during remediation sprints.

What problems is the product solving and how is that benefiting you?

What problems is Wiz solving and how is that benefiting you?
The Problems Wiz Solves
Before Wiz, our security posture suffered from three major issues: overwhelming alert fatigue, delayed feedback loops for developers, and a lack of true context. Traditional scanners would flood us with thousands of flat CVEs, treating an isolated, unexploitable bug the same as an exposed critical risk. This created massive friction between our security and engineering teams and slowed down deployment cycles.

How It Benefits Us
Focussing on the Right Things for Remediation
Wiz completely eliminates the noise by mapping our entire multi-cloud environment onto a single Security Graph. Instead of chasing thousands of minor alerts, it surfaces "toxic combinations"—the exact intersection of a vulnerability, public internet exposure, and an over-privileged role. This risk prioritization means our cloud and engineering teams focus only on the critical attack paths that actually matter, saving countless hours of wasted engineering effort.

Proactive Shift-Left Prevention with Wiz CLI
Wiz doesn't just catch risks after they are live in production; it helps us prevent them from happening in the first place. By integrating Wiz CLI directly into our CI/CD pipelines and Infrastructure as Code (IaC) templates, developers can scan their Terraform code and container images locally or during build time. This allows us to catch misconfigurations and exposed secrets early, blocking risky code before it ever gets deployed.

Streamlined Cloud-Native Remediation
Wiz bridges the gap between identifying a problem and fixing it. Its built-in remediation workflows provide clear, actionable context and guided steps directly to the engineers responsible for the infrastructure. By delivering precise, context-rich findings down to the specific cloud native resource or container image, it accelerates our time-to-remediate and empowers our teams to maintain a highly secure cloud posture autonomously.

What do you like best about the product?

What I like best about Wiz is its ability to provide risk-based visibility across our cloud environment in a way that is actionable for both security and engineering teams.

The most valuable aspect is the contextual risk prioritization. Rather than managing large volumes of findings, Wiz helps us focus on the exposures that matter most and drive remediation where it has the greatest impact.

The platform is intuitive, scales well, and provides strong executive-level visibility into cloud risk. We've also found the AI capabilities helpful in accelerating investigations and understanding complex attack paths and security findings.

What do you dislike about the product?

As with any mature security platform, there is a significant breadth of functionality, which can create a learning curve for new users. While the platform does a strong job of contextualizing risk, some of the more advanced capabilities and reporting options could be simplified further to accelerate adoption across broader technical teams.

As our cloud environment continues to evolve, I would also welcome continued investment in AI-driven recommendations and automation to further reduce investigation and remediation effort. These are relatively minor considerations, however, compared to the overall value the platform delivers.

What problems is the product solving and how is that benefiting you?

Wiz helps us address one of the biggest cloud security challenges: gaining clear visibility into risk across a rapidly evolving cloud environment while enabling teams to move quickly.

Before Wiz, it was more difficult to correlate vulnerabilities, misconfigurations, exposed assets, and identity risks to understand which issues required immediate attention. Wiz provides the context needed to prioritize remediation based on actual risk, improving collaboration between security and engineering teams and allowing us to focus resources where they have the greatest impact.

From a business perspective, this has improved our ability to manage cloud risk at scale, strengthen our security posture, and provide leadership with better visibility into our overall risk landscape. The result is a more efficient and risk-informed approach to cloud security without slowing down innovation.

What do you like best about the product?

Wiz is an incredible company. Their solutions have hit the right mark between visual representation of data, and actual technical insights. I've been incredibly impressed by it's balance of usability and powerful information. I've used a few different providers in the cloud security space, and Wiz is definately the leader for me.

What do you dislike about the product?

It can sometimes be hard to understand what new features I should be exploring. They incrementally improve the products at a fast rate, and it can be hard to keep up.

What problems is the product solving and how is that benefiting you?

Full cloud security coverage across our multiple cloud platforms.

What do you like best about the product?

Wiz has made a big difference in how we approach cloud security. What I like most is how easy it is to get a complete, unified view of everything across our cloud environment without needing to deploy agents everywhere. The platform does a great job of connecting the dots between vulnerabilities, misconfigurations, and exposures, so instead of chasing a flood of alerts, we can focus on the issues that actually pose real risk. That context has really helped us prioritize and move faster when it comes to remediation.

What do you dislike about the product?

The platform can feel a bit overwhelming at first, and there’s a learning curve to fully understand the depth of features and data.

Pricing can be on the higher side to similar tools.

What problems is the product solving and how is that benefiting you?

Wiz is helping us solve the challenge of getting clear, end-to-end visibility across our cloud environment. Instead of dealing with multiple tools and a high volume of disconnected alerts, Wiz brings everything into a single platform.

The biggest benefit is speed and efficiency. Our team spends less time chasing noise and more time focusing on meaningful remediation. It’s also improved collaboration across security and engineering teams since everyone is working from the same data and insights, which helps us address issues faster and more effectively.

What do you like best about the product?

Agentless, quick to set up, no headaches. Best part: it doesn't drown you in alerts - it shows real attack paths, so you know what to fix first. The AI side is interesting and potentially in high demand - Mika answers tricky security questions and pulls reports in plain language, and the new agents (Green, Red, Blue) hint at where this is all heading.

What do you dislike about the product?

Licensing for WIZ Cloud and WIZ Code is the weak spot - it's rigid and not transparent enough, and figuring out what you actually need (and what it'll cost) takes more effort than it should.
Reporting could be more flexible. You also can't assign owners for fixing vulnerabilities, which makes remediation harder to track.

What problems is the product solving and how is that benefiting you?

One clear view across our cloud, with the noise filtered out, so a small team can focus on the risks that actually matter - less manual digging, faster fixes.

What do you like best about the product?

One of Wiz’s biggest advantages is its agentless deployment model

What do you dislike about the product?

Alert noise requires some tuning after deployment

What problems is the product solving and how is that benefiting you?

can gained visibility quickly over our cloud environment ( Azure in our case) without requiring extensive endpoint installations or infrastructure changes.

What do you like best about the product?

Wiz has been easy to adopt and get started with. Their release schedule is also something to look forward to, with new relevant features coming out frequently.

What do you dislike about the product?

While initial adoption is easy, there can be at times too much data. Also, while the platform provides good visibility, other reporting relies on exporting csv's, which takes manual work to make presentable.

What problems is the product solving and how is that benefiting you?

Increased visibility and better MTTR.

What do you like best about the product?

Very detailed and useful information that provides real insight for security enhancement.

What do you dislike about the product?

Query and filtering in pages, even though the AI search is very good

What problems is the product solving and how is that benefiting you?

Wiz helps solve a visibility problem for us by providing clear insights into what we should fix first.

What do you like best about the product?

The visual graphs created by the platform is a game changer. The capability to provide issues on multiple platforms allow us to quickly identify concerns in much short period of time. Also, Wiz team is amazing with a pre and post-sales support that I did not get from other vendors without additional price (yes, no premium support packages required)

What do you dislike about the product?

Price might be a road blocker for some organizations, although Wiz was very flexible on their cost allowing us to proceed with the purchase even if without specific budget allocation

What problems is the product solving and how is that benefiting you?

Wiz help us to have visibility on where we didn't have, allowing a quick assessment with the minimum effort.
Some of the issues Wiz helped us was to identify configuration issues that would not be visible on regular manual or even with other tools

What do you like best about the product?

The platform evolves rapidly with new features and capabilities, enabling coverage of an increasingly broader range of attack surfaces.

What do you dislike about the product?

It is a fairly complex system with many pages, and some of the information appears to overlap or is not organized clearly enough.

What problems is the product solving and how is that benefiting you?

Provides comprehensive visibility into our cloud and code security posture, with intelligent triaging, actionable security recommendations, and the guidance needed to strengthen our environment as we scale rapidly.