Sold by: WizÂ
Deployed on AWS
Free Trial
Vendor Insights
AWS Free Tier
Wiz provides an entirely new approach to cloud security that for the first time identifies the actual risks hidden in your cloud infrastructure.
4.7
Overview
Wiz performs a deep assessment of your entire cloud and then correlates a vast number of security signals to trace the real infiltration vectors that attackers can use to break in. Wiz also gives you the tools to bring your DevOps and development teams into the process to fix these risks, creating a culture of security in your cloud operations that results in a stronger, more secure cloud. For more information visit: https://www.wiz.ioÂ
*Wiz provides custom pricing for customers via Private Offer. Please contact marketplace@wiz.io for a better understanding of our pricing model and products.
Highlights
- Covers every resource across your full cloud stack, multi-cloud environment using a 100% API approach that deploys in minutes.
- Models overlapping cloud policies, configurations, and compensating controls that interact in ways that are often unpredictable to calculate their end result.
- Maps all of the issues in your cloud together in a single graph database, revealing which of them combined pose the greatest risk.
Details
Sold by
Delivery method
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Trust Center
Access real-time vendor security and compliance information through their Trust Center powered by Drata. Review certifications and security standards before purchase.
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.
Security credentials achieved
(7)
ISO27001
SOC2
AWS Security Specialization
GDPR
PCIDSS
FedRAMP
HIPAA
Pricing
Free trial
Try this product free according to the free trial terms set by the vendor.
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Wiz Essential | Protect 100 cloud workloads | $24,000.00 |
Wiz Advanced | Protect 100 cloud workloads | $38,000.00 |
Wiz Sensor | 100 Wiz Sensors. Add-on for Wiz Advanced | $28,000.00 |
Wiz Code | 100 Wiz Code Licenses. Add-on for Wiz Cloud | $58,500.00 |
Wiz Defend | Ingest 300 GBs of logs per month. Add-on for Wiz Advanced | $18,000.00 |
Vendor refund policy
Please contact us at info@wiz.ioÂ
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Support
Vendor support
Wiz provides custom pricing for customers via Private Offer. Please contact marketplace@wiz.io for a better understanding of our pricing model and products. tel:+01-240.823.5670
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
Top
10
In Application Development, Continuous Integration and Continuous Delivery, Security
Top
10
In Vulnerability and Patch Management, Data Governance
Top
25
In Observability, Software Development
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Cloud Infrastructure Scanning
"Performs comprehensive assessment across entire cloud infrastructure using 100% API-based approach with rapid deployment"
Risk Correlation Mechanism
"Correlates multiple security signals to trace potential infiltration vectors and identify complex attack paths"
Multi-Cloud Support
"Provides unified security coverage across diverse cloud environments and resource types"
Policy Interaction Modeling
"Analyzes overlapping cloud policies, configurations, and compensating controls to predict complex security interactions"
Graph-Based Visualization
"Generates comprehensive cloud security mapping using graph database to reveal interconnected security issues and risk relationships"
Attack Surface Management
Aggregates comprehensive attack surface visibility across hybrid environments with external attack surface scans to build a dynamic, 360-degree view
Cloud Security
Provides code-to-cloud protection for cloud-native applications with seamless CI/CD pipeline integration and real-time, agentless risk assessment
Threat Intelligence
Delivers high-fidelity, actionable threat intelligence sourced from proprietary threat and vulnerability research with community-driven tools
Vulnerability Management
Offers complete visibility across on-premise and remote endpoints to identify, communicate, and remediate vulnerabilities and misconfigurations
Security Automation
Enables acceleration and streamlining of time-intensive processes through customizable workflows and plugins without requiring coding expertise
Cloud Security Posture Management
Agentless CNAPP with comprehensive asset inventory, graph explorer, and security configuration scanning
Threat Detection Engine
AI-powered real-time protection for cloud workloads, servers, VMs, and containers across multi-cloud environments
Infrastructure as Code Scanning
Automated scanning of infrastructure configurations for security vulnerabilities and misconfigurations
Cloud Object Storage Protection
AI-powered malware detection for cloud storage platforms with millisecond scanning and automated remediation actions
AI Model Security
Security monitoring and protection for AI models and pipelines deployed on cloud AI services with advanced threat detection capabilities
Validated by AWS Marketplace
FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
No security profile
No security profile
Standard contract
No
No
No
Customer reviews
Marcel Velica
Unified cloud visibility has transformed our risk prioritization and reduced alert fatigue while improving collaboration across security and DevSecOps teams
Reviewed on Nov 29, 2025
Review from a verified AWS customer
What is our primary use case?
My main use case for Wiz includes utilizing Wiz Code , Wiz Defend , and Wiz Cloud Security Posture Management.
A quick specific example of how I use Wiz Cloud Security Posture Management in my day-to-day work is analyzing all the issues we see within the cloud and infrastructure as a code over our SOC team and security engineering.
I have been using Wiz during these years and think it is a great product; I can review in depth when the need is being requested, and I have been doing POCs of other vendors out there compared with Wiz.
I did create a custom dashboard in Wiz, and my experience with it is that it works well, has a flexible widget system, good query-based customization, and easy cloning for multi-team environments, but it could work better with limited visualization types.
Wiz runtime sensor has helped in identifying active threats more effectively compared to previous solutions by providing increased visibility and accuracy, especially when correlating runtime behavior with cloud posture; it offers better context around runtime activity, faster detection of critical threats, improved detection accuracy, increased visibility across assets we previously missed, and stronger support for incident response, with the overall impact rated 10 out of 10.
Before adopting Wiz, we relied on multiple disconnected tools for CSPM, vulnerability scanning, and infrastructure as a code review, which each provided partial visibility; Wiz replaced most of these functions with one unified security graph that brings together configuration, risk, identity, workload vulnerability, data sensitivity, and exposure path in one way.
A quick specific example of how I use Wiz Cloud Security Posture Management in my day-to-day work is analyzing all the issues we see within the cloud and infrastructure as a code over our SOC team and security engineering.
I have been using Wiz during these years and think it is a great product; I can review in depth when the need is being requested, and I have been doing POCs of other vendors out there compared with Wiz.
I did create a custom dashboard in Wiz, and my experience with it is that it works well, has a flexible widget system, good query-based customization, and easy cloning for multi-team environments, but it could work better with limited visualization types.
Wiz runtime sensor has helped in identifying active threats more effectively compared to previous solutions by providing increased visibility and accuracy, especially when correlating runtime behavior with cloud posture; it offers better context around runtime activity, faster detection of critical threats, improved detection accuracy, increased visibility across assets we previously missed, and stronger support for incident response, with the overall impact rated 10 out of 10.
Before adopting Wiz, we relied on multiple disconnected tools for CSPM, vulnerability scanning, and infrastructure as a code review, which each provided partial visibility; Wiz replaced most of these functions with one unified security graph that brings together configuration, risk, identity, workload vulnerability, data sensitivity, and exposure path in one way.
What is most valuable?
The standout features of Wiz that make it valuable for me include good multi-cloud environment support, data governance, shadow IT detection, DevSecOps governance, automation, level reporting, threat detection, and good infrastructure detection.
Wiz has positively impacted my organization by implementing zero trust authorization, providing good reporting that shows the top attack path, critical assets, overall risk posture, and demonstrating AI and ML workload capabilities towards my team, as well as good infrastructure detection and vulnerability detection accuracy with security posture management at massive scale and identity exposure. There is a massive reduction in risk exposure, immediate visibility across the entire cloud estate, reduced noise and better prioritization, stronger DevSecOps collaboration, continuous compliance instead of ad hoc panic, faster incident response with real context, significant cost savings through tool consolidation, and stronger AI and data governance.
Wiz has positively impacted my organization by implementing zero trust authorization, providing good reporting that shows the top attack path, critical assets, overall risk posture, and demonstrating AI and ML workload capabilities towards my team, as well as good infrastructure detection and vulnerability detection accuracy with security posture management at massive scale and identity exposure. There is a massive reduction in risk exposure, immediate visibility across the entire cloud estate, reduced noise and better prioritization, stronger DevSecOps collaboration, continuous compliance instead of ad hoc panic, faster incident response with real context, significant cost savings through tool consolidation, and stronger AI and data governance.
What needs improvement?
Wiz can be improved with better maturity in code scanning and developer workflows, expanding secret detection to full lifecycle management, stronger IAMÂ across multi-account environments, more transparent attack path scoring and risk modeling, improved AI and ML security scanning, reduced false positives in runtime threat detection, more fine-grained access control and tenant separation, and better integration for serverless workloads.
For how long have I used the solution?
I have been using Wiz for around two years.
What do I think about the stability of the solution?
In my experience, Wiz is very stable.
What do I think about the scalability of the solution?
Wiz is very scalable.
How are customer service and support?
I do use Wiz's post-sale support services, and I am improving every quarter the performance of the tool with their assistance.
The customer support for Wiz is very good.
The customer support for Wiz is very good.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have evaluated multiple solutions before Wiz, including Palo Alto Prisma Cloud, Orca Security , Lacework , Check Point, Qualys cloud solution, Snyk , Checkmarx, and other DevSecOps platforms.
What was our ROI?
I have seen a return on investment with Wiz by reducing our budget spent on other tools, saving time, and needing fewer employees.
Wiz has reduced alert fatigue in my organization by around 90% over a given time period.
Wiz has reduced alert fatigue in my organization by around 90% over a given time period.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing for Wiz was through an RFP where they offered us a good price, and the licensing was a flexible solution based on our business.
What other advice do I have?
My advice for others looking into using Wiz is to try it not just as another security tool, but as a foundational visibility and risk prioritization platform for your entire cloud environment; to get the full value, you need to think strategically about adoption, ownership, and cross-team alignment. I would rate this review as a 9 out of 10.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Antwon L.
Unmatched Cloud Visibility and Seamless Jira Integration
Reviewed on Nov 25, 2025
Review provided by G2
What do you like best about the product?
What I like best about Wiz is the insight visibility and overview of issues and vulnerabilities within a cloud environment. Being able to not only track the primary resource of each individual issue but to also be able to view that in a security graph at a very high level. This type of insight capabilities helps users like me understand the full history of the issue as well as the different access points. Also being able to integrate these issues/vulnerabilities directly into Jira for direct progress tracking improves the workflow of solving them within a timely manner.
What do you dislike about the product?
The only downside I have for Wiz is that it can give a ton of information and telemetry on your environment all at once. Which can seem kinda overwhelming when first onboarding Wiz because a user may not know exactly what areas to search for in Wiz, and as a result it can take some time to understand.
What problems is the product solving and how is that benefiting you?
Wiz is solving the gaps of public exposure and vulnerabilities that our cloud environment has had in the past. That directly benefits me by giving my team more visibility into our cloud environments security posture overall, and knowing that I'm taking the correct steps into making our cloud environment as secure as possible.
Manufacturing
Seamless Integration and Outstanding Detection Capabilities with Wiz
Reviewed on Nov 24, 2025
Review provided by G2
What do you like best about the product?
Our experience with Wiz has been overwhelmingly positive. Integrating both our cloud and on-premises environments was straightforward, quick, and efficient, thanks to clear documentation and highly responsive account contacts. In addition to the standard Cloud Provider onboarding, we found it easy to connect our Kubernetes clusters via APIs, a feature we haven’t encountered with other vendors.
Wiz also stood out for its flexibility: by using the CLI, we were able to scan our repositories even without access to the native Repository connector. We successfully onboarded our virtual environment as well, which allowed us to gain insight into on-premises security issues.
One of the platform’s greatest strengths is its interface. Resource discovery happens instantly, the inventory fills rapidly, and projects can be segmented to provide team-specific access. The detection capabilities are exceptional, identifying everything from cloud misconfigurations to sensitive data exposure and new AI-related risks, all with customizable dashboards.
Wiz also stood out for its flexibility: by using the CLI, we were able to scan our repositories even without access to the native Repository connector. We successfully onboarded our virtual environment as well, which allowed us to gain insight into on-premises security issues.
One of the platform’s greatest strengths is its interface. Resource discovery happens instantly, the inventory fills rapidly, and projects can be segmented to provide team-specific access. The detection capabilities are exceptional, identifying everything from cloud misconfigurations to sensitive data exposure and new AI-related risks, all with customizable dashboards.
What do you dislike about the product?
There are a few minor bugs that do not affect the overall functionality of the service, such as issues with the history of the Mika AI assistant. Additionally, project segregation currently does not exclude Entra ID findings that are unrelated to the specific project. However, both of these issues have been addressed.
What problems is the product solving and how is that benefiting you?
Usage of the project helping us to increase visibility and speed-up findings resolution.
reviewer2780310
Enables comprehensive visibility into cloud risks and supports tailored compliance reporting across teams
Reviewed on Nov 21, 2025
Review provided by PeerSpot
What is our primary use case?
My use cases for Wiz mostly revolve around cloud security posture management, compliance, internal opex reporting, and shift-left security tooling, centered around compliance and cloud security shift-left.
What is most valuable?
What I appreciate most about Wiz is that the compliance and CSPM aspects of this cloud-native application protection offering are genuinely better than other products available in the market. Having worked on Prisma, Orca , and Qualys as well, when I compare Wiz with everything else, it definitely has an edge. The graph queries and graph explorer in Wiz are exceptionally well done by their team, giving me a complete view of resources, how they relate to other resources in the account or in other accounts, and how they pose an external threat or risk.
I have created boards in Wiz for internal projects and teams depending on what product line it is, and I have tried creating custom dashboards. My experience with creating custom dashboards is that it is neither easy nor difficult; it is somewhere in between. Obviously, it is not the same as Power BI or any other visualization tool, so I understand it will not be at that level, but it gets the job done. I get a high-level overview of trends of the findings or non-compliant items, and it accomplishes what I need. I also do not expect it to be at that level because that is not what it is built for.
What needs improvement?
I really cannot think of anything that Wiz can improve, because the use cases I deal with have almost all features that cater to them, so I really do not have anything in mind right now.
One thing Wiz can do better is regarding support for the open-source fork of Terraform called OpenTofu. Many organizations are moving from Terraform to OpenTofu to save costs in licensing, but their documentation does not officially state that they are supporting OpenTofu, so that would be beneficial to have. Since it is just a copy of Terraform, it should not be a difficult addition, but that would be a valuable feature.
For how long have I used the solution?
I have been using Wiz in my career for close to one and a half years.
What do I think about the stability of the solution?
I have seen some lagging or downtime a couple of times, but I am not sure why it happened. It was just a couple of times, and it did not impact what I was doing.
What do I think about the scalability of the solution?
Wiz is very scalable.
How are customer service and support?
I have contacted Wiz's technical support. The quality and speed of the support are very good; most of the time, I do get the answers I am looking for, and if not, the team works internally. If there is no feature, they raise a feature request for us, so it has been very good. On a scale from 1 to 10, I would give Wiz's support a 10.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial deployment of Wiz is very easy for me. The first time I deployed Wiz, it took me approximately 10 to 20 minutes, depending on the availability of the other team. When they are available, I usually get it done within 10 or 15 minutes, or even less than that when we have all the prerequisites ready.
What about the implementation team?
Wiz does require some maintenance on my end, but it is minimal. The maintenance involves configuring connectors for Wiz, and it does require a few permissions for Wiz to scan the cloud accounts and other resources. That is the only maintenance needed, such as adding or updating the role in Wiz if other permissions or services introduced by the cloud provider are not covered.
Which other solutions did I evaluate?
I have used some alternatives and similar solutions to Wiz. I remember the names of those alternatives; one is Palo Alto's Prisma Cloud, and the other was Qualys' tool, which was kind of a makeshift tool, not a full-fledged CSPM, but they called it CSPM. When I compare Wiz to those tools, I prefer Wiz a lot more because it is definitely a couple of notches above all those tools. They have done much better with their UI, which is very organized, whereas Prisma is mostly a lot of acquisitions and a lot of tools stitched together and offered as a SaaS solution. Not saying it is bad, but Wiz does it better than what they have been doing.
What other advice do I have?
I personally have not worked on Wiz Runtime Sensor, so I cannot really comment on whether it has helped identify active threats more effectively compared to any other solutions that I have used. We have plans, but not yet. I would rate this review overall as a 9.
Information Technology and Services
Revolutionized Our Cloud Security Posutre with Unmatched Visibility and Support
Reviewed on Nov 18, 2025
Review provided by G2
What do you like best about the product?
Wiz has become and invaluable tool for our cloud security posture. The platform provides full visibility into all layers of our workload and cloud environments, which has been a game-changer for our security team.
It is amazing to see how different assets and resources are connected to each other. This contextual relationship helps us understand the risks and potential blast radius of vulnerability and misconfigurations in ways we have not been able to view before.
I also have to highlight that the Support team is exceptional. Our Account Manager and Technical Support team has been incredibly responsive, knowledgeable and genuinely invested in help us get the most value out of Wiz.
It is amazing to see how different assets and resources are connected to each other. This contextual relationship helps us understand the risks and potential blast radius of vulnerability and misconfigurations in ways we have not been able to view before.
I also have to highlight that the Support team is exceptional. Our Account Manager and Technical Support team has been incredibly responsive, knowledgeable and genuinely invested in help us get the most value out of Wiz.
What do you dislike about the product?
My main critique is that Wiz is overwhelming at first. Wiz does so much that it can be challenging to know where to start. Its breadth of features and insights, while ultimately its strengths, creates a steep initial learning curve for new users to the platform.
What problems is the product solving and how is that benefiting you?
Wiz has fundamentally transformed how we approach cloud security management. The platform gives us visibility across our entire cloud environment, eliminating the blind spots that previously existed when trying to piece together information from multiple tools and consoles.
Having a single pane of glass to view all cloud resources, issues, and findings has dramatically improved our efficiency. Instead of context-switching between different dashboards and security tools, our team can now see everything in one place, which speeds up investigation and remediation times significantly.
The automation capabilities have been particularly valuable – Wiz automatically notifies the appropriate teams of vulnerabilities based on our configured rules and workflows. This means critical issues reach the right people immediately without manual triage, reducing our mean time to response.
Perhaps most importantly for our organization, Wiz ensures we adhere to the strictest security standards. The platform's compliance frameworks and continuous monitoring help us maintain our security posture and demonstrate compliance to auditors and stakeholders. This has reduced the stress and manual effort that previously went into compliance reporting, while giving us confidence that we're meeting our security obligations.
Having a single pane of glass to view all cloud resources, issues, and findings has dramatically improved our efficiency. Instead of context-switching between different dashboards and security tools, our team can now see everything in one place, which speeds up investigation and remediation times significantly.
The automation capabilities have been particularly valuable – Wiz automatically notifies the appropriate teams of vulnerabilities based on our configured rules and workflows. This means critical issues reach the right people immediately without manual triage, reducing our mean time to response.
Perhaps most importantly for our organization, Wiz ensures we adhere to the strictest security standards. The platform's compliance frameworks and continuous monitoring help us maintain our security posture and demonstrate compliance to auditors and stakeholders. This has reduced the stress and manual effort that previously went into compliance reporting, while giving us confidence that we're meeting our security obligations.