
WIZ Cloud Infrastructure Security Platform
From Noise to Real Risk with Wiz
Another thing I really appreciate is the overall depth of the platform without it feeling too heavy to use. Features like data security insights, contextual vulnerability details, and built‑in remediation guidance are genuinely useful.
The Advanced license adds a lot of value, and the Outpost setup is important for us because it allows sensitive data processing to stay within our environment while Wiz mainly works on metadata. On top of that, the support from our TAM has been excellent, very responsive and hands‑on, especially during onboarding and tuning phases.
Since the platform evolves quickly, some features are still maturing and from time to time that can lead to minor instability or changes in behavior that require adjustment. Also, because it provides so much visibility, it can feel a bit overwhelming at first until you fine‑tune filtering and prioritisation. That said, once everything is properly set up, it becomes much easier to manage and the value is very clear.
It’s also very useful for improving collaboration between security and engineering teams. Findings can be scoped, contextualized, and shared in a way that makes remediation more practical and easier to track. In addition, the platform helps with ongoing posture management and compliance by providing continuous visibility, which makes it easier to identify gaps early and avoid reactive work.
Concise, Precise Risk Detection with Automated Triage Agents
Simplifying Cloud Security and Risk Prioritization
Easy to Configure, Reliable, and Consistently High-Performing
Straightforward, Easy-to-Navigate Interface
Easy Website Creation and Launch with a Full Suite of Marketing Tools
Unified cloud views have simplified finding infrastructure vulnerabilities and identity risks
What is our primary use case?
What is most valuable?
The UI is what I appreciate most about Wiz; the interface is really easy and not clunky. You can create many dashboards and a personal page for all the vulnerabilities you are trying to find. When it comes to your systems, users, and applications, having all of those attachments to your different platforms and being able to have the scans go throughout the platforms while pulling those vulnerabilities is really helpful with a nice user interface.
Wiz brings great integration into GCP resources, which is crucial for my previous organizations that were very heavily GCP-based. Wiz has seamless integration into GCP, AWS, Azure, Okta, and other large cloud platforms and SaaS platforms.
Wiz allows you to consolidate tools, but not all tools. It does not handle the nuanced type of tools, but the major tools it does allow you to consolidate from my experience.
The main advantage of Wiz is its user interface. A good interface makes it easy for engineers to not get fatigued from working with so much data and ensures it is not clunky-looking, as it is hard to identify issues. You want something that is visually appealing to identify risk, and having a good UI presents a huge benefit.
What needs improvement?
I would want to see Wiz improve by connecting to other major platforms agnostically, with the ability to connect to other platforms without needing to do too much integration. It requires a lot of alignment with different platforms for it to function properly.
I am not sure if Wiz has reduced alert fatigue in my organization, as I have not really looked into that aspect.
Wiz is not agnostic compared to other competitors in the market. If you want to add a new integration to another platform, it does not have an easy plug-and-play option for whatever platform. It requires integration to the proper tooling, and that is only from my experience with it.
For how long have I used the solution?
My experience with Wiz began six months ago.
What do I think about the stability of the solution?
I have not had any crashes, downtimes, or performance issues with Wiz.
What do I think about the scalability of the solution?
I find Wiz scalable and have tried to scale it up and out.
How are customer service and support?
I evaluate the customer service and technical support of Wiz as pretty useful. At my last company, we were able to have weekly calls with Wiz to talk about new updates and remediate any issues that we had. I would rate the technical support an eight on a scale of one to ten.
Which solution did I use previously and why did I switch?
I have used Exonius, but that is not a cloud posture platform; it is more of a logging platform or monitoring platform. I probably have used others, but I do not remember their names.
How was the initial setup?
Onboarding with Wiz is straightforward. I find it easy to teach myself how to use it, and I was able to figure it out within a week or two of just exploring it inside of Wiz.
What about the implementation team?
I was not involved in the setup deployment of Wiz.
What other advice do I have?
I have not utilized Wiz Defend. I do not use Wiz Code in my operations. I have not used the AI Posture Management in Wiz, but I have used Posture Management, though I only used it for a few weeks in the beginning.
I find Wiz Posture Management pretty beneficial in my overall cloud security strategy, as everything is in the cloud. Many companies use cloud resources, so I think it is pretty beneficial.
I have not utilized Wiz Runtime Sensor, as I am more infrastructure, networking, and compute-related, so I have not been involved in application risk and have not really used the runtime features for Wiz.
Wiz has not helped my organization achieve zero criticals in its issue queues. There are many critical issues that come up regularly, and having to tackle them means sometimes those critical issues cannot be resolved because of architectural issues. If you resolve it, there will be an issue within the architecture, so I do not think I have ever seen the critical issues get down to zero.
Regarding the cloud security democratization aspect of Wiz, I have only used it here and there for infrastructure-related items and touched some other cloud-related items, but from my scope, I do not think I have seen the actual impact it has on our entire team or organization. When I used it, I was a level one engineer, so I did not get to see the entire scope of its impact.
I have not used Wiz recently, but from my memory of using it, I did appreciate the identity platform and think that they should expand more into the identity area and make it more seamless for items such as RBAC or non-human identities.
I am not entirely sure how my latest company purchased Wiz, but my first company that I used it with bought it through Google's Marketplace.
I was not using Wiz post-sales support services.
My overall rating for Wiz is an eight out of ten.
Comprehensive cloud security has improved visibility and enabled precise threat response
What is our primary use case?
For example, if we have a cloud resource that has an Amazon GuardDuty alert, we will use Wiz to ingest the log, and we review it for security reasons and use that information in our alerting pipeline. Wiz is where we ingest all the information and logs.
My main use case is to scan cloud infrastructure for misconfigurations, issues, security threat intelligence, and more.
What is most valuable?
For example, we use many other automation tools that need to integrate with Wiz, and through the graph API or GraphQL API, we are able to call Wiz in a very specific way where if we want to automate anything, it is possible via their API.
There is a variety of features per team, such as cloud security, AI security, security operations center, and more.
Wiz has positively impacted my organization by stopping security incidents, giving us full visibility in our cloud environments, and providing us with the confidence that we can use the tool not just for security but also for operations tooling, DevOps, code scanning, and all of the above.
We have seen specific outcomes and information improve as a result, and we have definitely narrowed down more incidents that we might need to take care of with the tooling, which has given us wider visibility compared to when we did not have it.
Wiz allowed us to consolidate tools, and on the issues it gives us from the top level down—critical to informational—we are able to fully prioritize the things that are most important due to that capability.
What needs improvement?
The pricing is out of control, but when it comes to the actual functionality of the tool, the tool is great.
On a scale of one to ten, I would rate Wiz an eight. I rate it an eight because internally, they have specific people who want to bulldoze you when it comes to signing agreements that are much higher priced than the value that you get. Wiz is great. Some people are great and some are not, so they are a little bit less willing to work with customers on their specific needs regarding things such as pricing versus other tools.
For how long have I used the solution?
What do I think about the stability of the solution?
What do I think about the scalability of the solution?
How are customer service and support?
Which solution did I use previously and why did I switch?
How was the initial setup?
What about the implementation team?
What was our ROI?
What's my experience with pricing, setup cost, and licensing?
Which other solutions did I evaluate?
What other advice do I have?
My impression of the cloud security democratization aspect of the product is that it is one of the best sources of truth we have. It is extremely impactful on the organization, so it is definitely a tool we are going to use if the pricing is right.
We have gone through three technical account managers and have decided not to renew.
My advice to others looking into using Wiz is to make sure that you are working with the right account team, set up all of your integrations correctly, and take your time during your proof of value.
Wiz is a great tool, and we will continue to use it over time. I rate Wiz an eight out of ten overall.