Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Since moving to wiz from another solution I find it much more useful
What do you like best about the product?
The easy and readable info with all the amount of noise the cloud produces.
It does much more then the basic cspm solutions and is allways innovating
It does much more then the basic cspm solutions and is allways innovating
What do you dislike about the product?
I would like to see more integrations into other VM solutions that are in prem to have an holistic view
What problems is the product solving and how is that benefiting you?
Well, Vulnerability mgmt, miss configuration, the actual risk and automation to snow
- Leave a Comment |
- Mark review as helpful
Wiz is Great for Cloud visibility and mitigation.
What do you like best about the product?
You can see all your could environments and accounts, view security issues and even how to solve them.
What do you dislike about the product?
It's not always easy to do specific searches
What problems is the product solving and how is that benefiting you?
Makes it easy for you to see your Cloud inventory and the security issues you have.
Data to insight to action, done with WIZ
What do you like best about the product?
WIZ is changing the play ground, allowing great visibility, and consistent proactiveness to support required new challenges and threats with a solid supporting team. WIth their new approach around DSPM, CIEM and CWPP they are on their way to create sticky free, and great solutions for cloud security
What do you dislike about the product?
I believe all CSPM׳s have room to give more, WIZ is a top player, its Malware scanning platform can have an extra boost to provide a great value, in addiition to alligning all together their features (connecting the dots between CSPM, DSPM and CIEM) to enrich the data value insights is important.
What problems is the product solving and how is that benefiting you?
Being an all-cloud company, visibility is key, to build our cloud security program, this is where WIZ makes a major difference for us as a company to establish our decision making, priorities and cloud security baseline.
Wiz is great solution for cloud security.
What do you like best about the product?
The simple interface and the good insights about the security posture of our cloud.
What do you dislike about the product?
I can't think of any at the moment.
Great product
Great product
What problems is the product solving and how is that benefiting you?
Security issues in the cloud. It gives me the ability to know exactly where I am vulnerable in my cloud environment and explains the gaps so I can fully understand them.
It is good product but missing some features that I am expecting from CNAPP
What do you like best about the product?
I liked the vulnerabilities that WIZ is able to provide in the environment and the update on new CVEs that impact our environment.
WIZ having a good dashboard in one location I can see the status of our environment.
WIZ having a good dashboard in one location I can see the status of our environment.
What do you dislike about the product?
There is no option to run a query on the JSON format of the environment
it is more query that builds by WIZ but we cannot adjust it
I would like to have the ability to build a custom query on some field that you don't take into consideration
protection on the network level such as analyzing the flow logs
scan for every 24 hours - I would like to have a scan for half an hour related to CSPM if someone changes the S3 to be public I would like to know immediately and not after 24 hours.
JIRA BI-directional - Jira Ticket can only open but not close the ticket in Jira.\
it is more query that builds by WIZ but we cannot adjust it
I would like to have the ability to build a custom query on some field that you don't take into consideration
protection on the network level such as analyzing the flow logs
scan for every 24 hours - I would like to have a scan for half an hour related to CSPM if someone changes the S3 to be public I would like to know immediately and not after 24 hours.
JIRA BI-directional - Jira Ticket can only open but not close the ticket in Jira.\
What problems is the product solving and how is that benefiting you?
provide a visiblity on the cloud environment from a exposure and vulnerabilites.
it is good in one location we can see all the connectivty but some time it is take time to understand where is the issue.
it is good in one location we can see all the connectivty but some time it is take time to understand where is the issue.
Wiz platform is a great way to be secure and get knowledge about your environment.
What do you like best about the product?
The most helpful is that you can collect data, the "Threat Center" for example is such a useful tab!
The qualities I appreciate are that I can see if we are exposed to attack.
Actually, I didn’t have a chance to use another platform.
The qualities I appreciate are that I can see if we are exposed to attack.
Actually, I didn’t have a chance to use another platform.
What do you dislike about the product?
I think that the downside is that, at first, it can seem a bit complicated platform.
What problems is the product solving and how is that benefiting you?
So wiz is constantly scanning our cloud so we can be protected and be aware of malicious activity, that is the main issue that wiz solving for me and my security team.
Cloud Security Made Easy
What do you like best about the product?
Wiz has one of the best onboarding experiences I've used in a cloud security product. Onboarding AWS accounts can be done in minutes and does not require the installation or management of any infrastructure agents.
What do you dislike about the product?
We've had some issues getting the Jira integration to work how we want it with labeling issues dynamically based on the controls in place. That being said our account managers have been very helpful in getting it figured it ou.
What problems is the product solving and how is that benefiting you?
AWS cloud security oversight, we had multiple accounts and no security team to start with so we were stretched thin. Wiz replaced the need to hire a full time engineer purely for building and running tooling for providing ongoing security observability on our AWS infrastructure.
Wiz, as a solution and from a customer support experience, has exceeded our expectations.
What do you like best about the product?
Ease of deployment is the first thing that comes to mind. Second, the information produced by Wiz quickly turns into actionable data.
What do you dislike about the product?
So far, there is no significant downside to Wiz.
What problems is the product solving and how is that benefiting you?
Visibility into our Cloud environment and ability to ascertain 'real' security risks that coincide with the native security services from our CSP.
Great, multi cloud CSPM. Compliments and enriches our vulnerability visibility.
What do you like best about the product?
The interface is really nice and integrates with our other systems (Kenna, SIEM, etc)
Love that we can deploy this across AWS, as well as GCP and Azure.
Any SaaS company that doesn't have SSO is doomed to fail. Like that we can put it behind our Okta.
Love that we can deploy this across AWS, as well as GCP and Azure.
Any SaaS company that doesn't have SSO is doomed to fail. Like that we can put it behind our Okta.
What do you dislike about the product?
We recently that a few critical CVE/CVSS vulnerabilities and we had to enable some things that weren't turned on out-of-the-box. We didn't know that these were turned off until we scanned systems we knew had it and had to dig through docs to see why.
UPDATE: We recently discovered when Log4J was released that Wiz DOES NOT SCAN CRITICAL DIRECTORIES. What do I mean by this?
It will not scan key directories like /etc /bin /opt /lib /var.
When we were responding to the incident and scanning our infrastructure for Log4j, it came back negative, but we knew we had several Java applets and servers running it. Turns out, Wiz wasn't scanning linux directories where Log4j OR MOST MALWARE would run from.
We've experienced mostly good reviews, but once we identified these exclusions, we had slower responses and reporting from our various systems.
UPDATE: We recently discovered when Log4J was released that Wiz DOES NOT SCAN CRITICAL DIRECTORIES. What do I mean by this?
It will not scan key directories like /etc /bin /opt /lib /var.
When we were responding to the incident and scanning our infrastructure for Log4j, it came back negative, but we knew we had several Java applets and servers running it. Turns out, Wiz wasn't scanning linux directories where Log4j OR MOST MALWARE would run from.
We've experienced mostly good reviews, but once we identified these exclusions, we had slower responses and reporting from our various systems.
What problems is the product solving and how is that benefiting you?
Biggest problem Wiz is solving for us as getting consistent configuration management and vulnerability data across hundreds of AWS accounts as well as some GCP accounts from merger and acquisitions.
Completely redefining 'Cloud Security Posture Management'
What do you like best about the product?
Wiz is a game changer for security teams looking to accelerate their mean time to response for virtually any issue in the cloud. Utilizing mulitple criteria in prioritizing alerts (such as critical vulnerability AND public exposure), highlighting things like plaintext keys, identifying overly permissive roles and service accounts - all potentially in the same set of alerts - was not something we found in any other CSPM we demo'd. Likewise, other tools we used had some visualization capability, but not anything to the extent of Wiz's Security Graph. I think something that isn't talked about enough with the strength of Wiz's visualization is how much easier it makes investigations for analysts of all experience levels. We had several new analysts join our team this year and they were able to feel like they could make a near immediate impact in our cloud environment due to how easy Wiz made it for them to digest and understand the data. I'm not talking about the alert itself, but the context around the alert: the compromise paths, routes out to the greater internet, etc. Visualization is such a huge learning aid and makes it so easy to react almost instantaneously to findings.
What do you dislike about the product?
Not necessarily a downside, but I believe this is an opportunity for Wiz to market its ability to fill an additional gap.
Vulnerability management, at least in AWS, is a bit cumbersome. Before Wiz, we believed we had two options: a third-party vuln scanning platform or an AWS Inspector. Extending our on-prem scanning platform would be way too labor intensive to deploy and administrate. It would require a VM within each AWS OU with authentication privileges to the EC2s in the environment and would not even give us visibility into ECS or EKS. Using AWS Inspector would require the deployment of the systems manager agent across all EC2s. Because Wiz requires no insalled or deployed hardware, I think Wiz could make an excellent vulnerability management tool on top of everything else it does. Unfortunately, we do not use it today because there isn't a way to carve out vulnerabilities at a more granular level or prioritize them beyond Wiz's out-of-the-box rankings. There are plenty of companies, like ours, who are transitioning from on-prem to cloud and with that our development teams are still maturing their practices to align with AWS best practices, like regularly updating the images, checking for updates and calling the newest version of an image during a deployment. And while this maturation is happening it would be great to have Wiz to use for vuln management over deploying an archaic vulnerability scanner tool or being forced to use AWS Inspector.
Vulnerability management, at least in AWS, is a bit cumbersome. Before Wiz, we believed we had two options: a third-party vuln scanning platform or an AWS Inspector. Extending our on-prem scanning platform would be way too labor intensive to deploy and administrate. It would require a VM within each AWS OU with authentication privileges to the EC2s in the environment and would not even give us visibility into ECS or EKS. Using AWS Inspector would require the deployment of the systems manager agent across all EC2s. Because Wiz requires no insalled or deployed hardware, I think Wiz could make an excellent vulnerability management tool on top of everything else it does. Unfortunately, we do not use it today because there isn't a way to carve out vulnerabilities at a more granular level or prioritize them beyond Wiz's out-of-the-box rankings. There are plenty of companies, like ours, who are transitioning from on-prem to cloud and with that our development teams are still maturing their practices to align with AWS best practices, like regularly updating the images, checking for updates and calling the newest version of an image during a deployment. And while this maturation is happening it would be great to have Wiz to use for vuln management over deploying an archaic vulnerability scanner tool or being forced to use AWS Inspector.
What problems is the product solving and how is that benefiting you?
The bigger question is what problem does Wiz not solve? It allows us a greater visibility into our resource configurations, vulnerability posture, network configurations, identities and roles, all without having to deploy a single thing. I manage the security operations team, but Wiz makes it easy for our compliance team to check IAM roles, look up compliance against different standards like ISO and CIS. Our AppSec team uses it too to see ingress paths. We even have our architecture teams with access so that they can perform searches using the Security Graph.
showing 451 - 460