The Picus Security Validation Platform
Picus SecurityReviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
223 reviews
from
and
External reviews are not included in the AWS star rating for the product.
A Must-Have Breach and Attack Simulation Platform for Continuous Security Validation
What do you like best about the product?
Picus Security provides an extremely practical and intelligent way to continuously assess and improve an organization’s security posture. Its extensive attack library, updated daily with real-world threat vectors, allows us to simulate adversary techniques in alignment with MITRE ATT&CK. The prevention and detection analytics are especially valuable—we can clearly see which controls are underperforming and take immediate, actionable steps. The UI is intuitive, the deployment is smooth, and integration with existing SIEM/SOAR/EDR tools is seamless. It's not just a BAS tool; it's a security operations enhancer.
What do you dislike about the product?
While the platform is generally very strong, the reporting module could benefit from more customization options—especially for tailoring reports to different stakeholders (e.g., executives vs. technical teams). Additionally, for highly segmented environments, agentless deployment options could be explored further to reduce friction in complex networks.
What problems is the product solving and how is that benefiting you?
Picus Security helps us continuously validate our security controls against real-world threats. It identifies gaps in both prevention and detection capabilities by simulating attack techniques mapped to MITRE ATT&CK. This allows our SOC team to respond faster, fine-tune our rules, and prioritize remediation efforts based on evidence. It brings continuous, data-driven assurance that our defenses are working as expected.
What business problems is Picus Security helping you solve?
We used to rely heavily on periodic assessments and manual red teaming, which were time-consuming and costly. Picus now allows us to automate this process and gain real-time insights into our security posture. It has significantly improved our incident readiness, reduced alert fatigue by highlighting ineffective rules, and helped justify security investments with measurable data.
What business problems is Picus Security helping you solve?
We used to rely heavily on periodic assessments and manual red teaming, which were time-consuming and costly. Picus now allows us to automate this process and gain real-time insights into our security posture. It has significantly improved our incident readiness, reduced alert fatigue by highlighting ineffective rules, and helped justify security investments with measurable data.
Picus provides a practical and efficient way to test and improve security controls.
What do you like best about the product?
I like that PİCUS Security makes it easy to simulate real-world cyber threats and evaluate the effectiveness of our security controls in a continuous and automated way.
What do you dislike about the product?
So far , I have not encountered any issues or negative aspects with Picus Security. My experience is positive overall.
What problems is the product solving and how is that benefiting you?
Picus helps us identify gaps in our security controls by simulating real world attacks. It also allows us to test whether our security products are configured correctly, which helps us proactively strengthen our defenses and improve overall cuber readiness.
Picuse vey nice product
What do you like best about the product?
What I like best about Picus Security is its proactive approach to cybersecurity through continuous security validation. Unlike traditional security tools that often take a reactive stance, Picus allows organizations to simulate real-world attacks and identify gaps in their defenses before they can be exploited. I’m particularly impressed by the comprehensiveness of its threat library and how quickly it incorporates the latest attack techniques. Additionally, the seamless integration with existing security infrastructure and the actionable mitigation insights make it an invaluable tool for both red and blue teams. It helps create a true culture of cyber resilience.
What do you dislike about the product?
While Picus Security is a highly effective platform, one area that could be improved is the learning curve for new users. Due to the platform's wide range of features and technical depth, it can take some time for security teams to fully understand and utilize all of its capabilities. Additionally, while the threat library is impressive, occasional updates may lag slightly behind newly emerging attack techniques. That said, these are relatively minor concerns, and the value the platform provides far outweighs these challenges.
What problems is the product solving and how is that benefiting you?
Picus Security addresses a major gap in traditional cybersecurity: the inability to continuously validate security controls against real-world threats. In many environments, security teams rely heavily on theoretical protection—trusting that their tools are working as expected. Picus solves this by simulating real attack scenarios and highlighting exactly where defenses are lacking.
For me, the biggest benefit is the visibility it provides. I no longer have to guess whether our controls will hold up under real attacks—we can test, measure, and improve proactively. The automated mitigation recommendations also save a significant amount of time for our blue team, helping us prioritize and act faster. Ultimately, Picus improves our overall security posture and builds confidence in our resilience.
For me, the biggest benefit is the visibility it provides. I no longer have to guess whether our controls will hold up under real attacks—we can test, measure, and improve proactively. The automated mitigation recommendations also save a significant amount of time for our blue team, helping us prioritize and act faster. Ultimately, Picus improves our overall security posture and builds confidence in our resilience.
Great Platform that provides BAS technology.
What do you like best about the product?
Picus Security helps organization to continuously test, monitor and improve cybersecurity defences.
What do you dislike about the product?
I faced problem when accessing data from API. The commands were not working properly and needed a developer to fix the command.
What problems is the product solving and how is that benefiting you?
Picus helps solving the critical problem of not knowing if our security controls are actually working as it supposed to work.
Easy to implementation and integration
What do you like best about the product?
PICUS is regarded as a mature, practical, and customer-oriented BAS platform that significantly aids in proactive security validation and continuous improvement of defenses. Its ease of use, comprehensive threat simulation, and strong support are standout features that together deliver a very good overall experience
What do you dislike about the product?
Integration with third-party security tools can sometimes fail or require manual intervention to resolve issues
What problems is the product solving and how is that benefiting you?
Picus Security helps users gain accurate, up-to-date insights into their security posture, enabling more effective prioritization, remediation, and confidence in their defenses against evolving cyber threats.
My feedback on Picus
What do you like best about the product?
1.They are very good at providing instant support.
2.All team members are qualified and capable
3.They take feature requests seriously and are open to continuous improvement
2.All team members are qualified and capable
3.They take feature requests seriously and are open to continuous improvement
What do you dislike about the product?
There’s nothing negative to report, and their support is outstanding.
What problems is the product solving and how is that benefiting you?
Because Picus is an attack simulation tool, they have expertise in both application-level details and vendor solutions, so we’re able to receive support on a wide range of topics.
Vendor Specific Mitigations for Simulated Threats
What do you like best about the product?
I like the ease of deployment, the integrations and/ or implementation are easy, and the vendor-specific mitigations that it provides are great. I have frequently used the tool and done POCs for various customers, and in case I get stuck, the Customer support is impeccable.
What do you dislike about the product?
I have only worked on the SCV and APV modules, and they are truly great. Other modules I have not worked on so I may not be able to identify the dislikes
What problems is the product solving and how is that benefiting you?
Most of my customers depended on Red and Blue teamers for assessing the gaps, and it was also a manual process that took a long time and yielded low results.
I love the automation that Picus BAS provides and the continuous simulation process, where the in-house engineers can do the simulation and also learn at the same time.
I love the automation that Picus BAS provides and the continuous simulation process, where the in-house engineers can do the simulation and also learn at the same time.
Door Opener to Great Conversations
What do you like best about the product?
Value from the solution can be seen in couple of hours.
Vendor specific mitigation is pinpoint and useful.
Good price point.
Support is fast.
Vendor specific mitigation is pinpoint and useful.
Good price point.
Support is fast.
What do you dislike about the product?
Nothing yet, they are developing/fixing quite fast if there are any gaps.
What problems is the product solving and how is that benefiting you?
Fixing gaps in security controls on a daily basis.
Picus Security
What do you like best about the product?
With its continuous security validation through real-world attack simulations, Picus empowers security teams to identify and close gaps before adversaries can exploit them.
Its deep integration with the MITRE ATT&CK framework provides unmatched visibility into which tactics and techniques your defenses can or cannot detect — turning abstract threats into actionable insights.
Unlike many other platforms, Picus doesn’t just point out weaknesses — it goes further by offering remediation guidance and even ready-to-deploy detection content for SIEM, EDR, and firewall systems.
For SOC teams, this means faster time-to-response, improved detection engineering, and a measurable way to prove security efficacy.
Picus isn’t just a validation tool — it’s a strategic enabler for building resilient, threat-aware defense systems. Highly recommended for any organization that takes cyber readiness seriously.
Its deep integration with the MITRE ATT&CK framework provides unmatched visibility into which tactics and techniques your defenses can or cannot detect — turning abstract threats into actionable insights.
Unlike many other platforms, Picus doesn’t just point out weaknesses — it goes further by offering remediation guidance and even ready-to-deploy detection content for SIEM, EDR, and firewall systems.
For SOC teams, this means faster time-to-response, improved detection engineering, and a measurable way to prove security efficacy.
Picus isn’t just a validation tool — it’s a strategic enabler for building resilient, threat-aware defense systems. Highly recommended for any organization that takes cyber readiness seriously.
What do you dislike about the product?
While Picus Security is a powerful platform, there are a few considerations to keep in mind:
The licensing cost may be relatively high for small to mid-sized organizations.
As the number of integrated systems increases, the initial setup and configuration can become more complex and time-consuming — but it’s absolutely worth it.
That said, these limitations are generally manageable with proper planning and expert support.
The licensing cost may be relatively high for small to mid-sized organizations.
As the number of integrated systems increases, the initial setup and configuration can become more complex and time-consuming — but it’s absolutely worth it.
That said, these limitations are generally manageable with proper planning and expert support.
What problems is the product solving and how is that benefiting you?
One of the biggest challenges I faced was not knowing how effective our security controls really were — we had SIEM alerts, firewall rules, EDR agents in place, but no real way to validate if they would detect or block actual attacks.
Picus Security solved that problem.
By continously simulating real world threats, it helped me a lot by:
Idetifying gaps in our detection and prevention layers that I wasn't even aware of.
Gain quantifiable evidence of how secure/exposed actually we were.
Prioritize remediation efforts based on real attack techniques. No more dreaming and guessing, always head me to the right direction.
Fine tuning of SIEM rules and correlation logic with Pcius' ready to use detection content.
Justify security investments to leadership with concrete, visual results.
Long story short, Picus helped us turn our security posture from reactive to proactive.
Picus Security solved that problem.
By continously simulating real world threats, it helped me a lot by:
Idetifying gaps in our detection and prevention layers that I wasn't even aware of.
Gain quantifiable evidence of how secure/exposed actually we were.
Prioritize remediation efforts based on real attack techniques. No more dreaming and guessing, always head me to the right direction.
Fine tuning of SIEM rules and correlation logic with Pcius' ready to use detection content.
Justify security investments to leadership with concrete, visual results.
Long story short, Picus helped us turn our security posture from reactive to proactive.
A Smart Way to Understand and Disrupt Attack Paths
What do you like best about the product?
What I love most about Picus Security is how effortlessly it brings real attack scenarios to life, turning complex threats into clear, actionable insights that help us feel more in control of our security daily. Their customer support is exceptional—always responsive, knowledgeable, and committed to helping us succeed.
What do you dislike about the product?
While Picus Security delivers great value overall, there are occasional areas, such as advanced configurations for specific scenarios, where we’d love to see even more flexibility. That said, the team is always receptive to feedback and continuously improves the platform.
What problems is the product solving and how is that benefiting you?
Picus Security helps us enhance and partially automate our penetration testing processes. Instead of relying solely on periodic manual tests, we now have continuous visibility into potential attack paths and control weaknesses. This not only saves time and resources but also helps us stay one step ahead by identifying risks before they can be exploited.
showing 181 - 190