Overview
Product Information on Wiz CNAPP
What is Wiz CNAPP?
Wiz CNAPP Pricing
Overall experience with Wiz CNAPP
“Unified Cloud and Code Security Platform That Delivers Deep Context and Real Time Insight”
“Centralized Cloud Visibility Offers Value But Alert Overload Requires Careful Tuning”
Badges
Cloud Security Posture Management Tools
About Company
Company Description
Wiz is a company that aids organizations across various sizes and sectors to swiftly detect and eliminate crucial risks in AWS, Azure, GCP, OCI, Alibaba Cloud, and Kubernetes. This enables these organizations to develop quicker and with enhanced security.
Company Details
Do You Manage Peer Insights at Wiz?
Access Vendor Portal to update and manage your profile.
Key Insights
A Snapshot of What Matters - Based on Validated User Reviews
User Sentiment About Wiz CNAPP
Reviewer Insights for: Wiz CNAPP
Deciding Factors: Wiz CNAPP Vs. Market Average
Performance of Wiz CNAPP Across Market Features
Wiz CNAPP Likes & Dislikes
Wiz provides unmatched end-to-end visibility from code to cloud with a powerful Cloud Graph and near real-time threat detection, allowing us to quickly identify, prioritize and resolve security issues without jumping between tools. It also provides a seamless ability to click through each resource and immediately see deep context; an intuitive way to navigate from cloud resources high-level overview into its associated threats, risks, governance details and operational context. This makes it easy to fully understand each asset, assess its security posture and take informed action without leaving the platform.
Wiz gives you a single pane of glass view of your cloud environments, plus code repos. It's a great capability to bring all your alerting and intelligence into one place. Bonus features like cloud cost visibility add to the value.
The features we like most are the IAC code scanning that enabled us to check Terraform, CF and K8s manifests files and the ability to identify open-source libraries that are vulnerable and another feature we like most is its secret detection in the code repos and container images which helps us to prevent accidental exposure of API keys and tokens.
I don't have any significant dislikes at the moment. If anything, I'd like to see even more customization in views. We create projects to provide tailored views for each team, allowing security champions to govern their cloud resources and drive remediation efforts. While this is possible in Wiz, it can be challenging for the central security team to oversee all cloud resources across team views because duplicate resources appear in multiple projects. This duplication can create inefficiencies when trying to get a consolidated picture. The core product is exceptional, but a feature streamline oversight across projects would make it even easier for the security team to maintain and strengthen the overall security posture
There's a long learning curve to mastering alerting - until then you can easily be bombarded with thousands of alarms. It's easy to get lost in all the alerts, and as a smaller company you will need to be very pragmatic about your strategy and invest time in tuning things to get the right signal to noise ratio.
One of the main dislikes is its price. Also, the interface, while clean, is so dense with telemetry and features that it takes a few months to understand and master.
Top Wiz CNAPP Alternatives
Peer Discussions
Wiz CNAPP Reviews and Ratings
- Lead Security Engineer50M-1B USDIT ServicesReview Source
Unified Cloud and Code Security Platform That Delivers Deep Context and Real Time Insight
Implementing Wiz for our organization was remarkably straightforward, even with the multi-module setup of Wiz Defend, Wiz Code and Wiz Cloud. The deployment process was smooth and required minimal overhead, enabling us to quickly start leveraging its capabilities. The Wiz Code + Wiz Code integration, especially the Security Graph Explorer, is outstanding. It clearly visualizes connections from source code all the way to associated cloud resources. The end-to-end visibility has been instrumental in identifying resource distribution and pinpointing vulnerabilities across each layer of our environment. Wiz Defend stands out for its near real-time detection and contextual insights. It provides deep visibility into cloud, system and runtime events, enabling faster investigations without the inefficiency of querying multiple systems. Significantly reduced our MTTI and MTTR. Integration capabilities are another major strength. Wiz seamlessly connects with a wide range of tools across the stack - from IDEs, version control and CI/CD pipelines to Kubernetes, cloud platforms, SOAR, ticketing tools and messaging platforms. This interoperability allows us to embed Wiz into our security and development workflows. Wiz Cloud's issue prioritization capabilities are another strength. The platform helps focus on the most critical misconfigurations and vulnerabilities, identify external attack surfaces, and implement targeted mitigations to strengthen the security posture. Overall, Wiz has delivered a unified, insightful and efficient security solution that bridges development and cloud operations, enabling us to proactively manage risk and improve our security maturity. - Associate Consultant50M-1B USDBankingReview Source
WIZ CNAPP: Complex Interface Present Challenges Despite Strong Scanning Capabilities
Wiz CNAPP helps us secure everything we build and run in the cloud. Because it is agent-less, we don't have to worry about agent installation or issues where the agent prevents something from reporting correctly. We are using it to scan the resources running on AWS and it has performed exceptionally well under our current demand. Its support for IAC scanning is a standout feature which allows us to check the manifests for any misconfiguration. Since moving to microservices, we particularly value its ability to identify vulnerable open-source libraries and dependencies in our code. - IT SECURITY & RISK MANAGEMENT ASSOCIATE<50M USDSoftwareReview Source
Cloud Security Platform Eases Compliance but Faces Cost and Alert Challenges
Wiz is the most comprehensive cloud-native security platform I have worked with. The agentless design enables smooth deployment across multi-cloud environments, eliminating the overhead of traditional agents. Overall it makes it easier for engineers and security teams to understand context quickly. - IT SECURITY & RISK MANAGEMENT ASSOCIATE50M-1B USDSoftwareReview Source
Efficient Multi-Cloud Security Hampered by Scalability and Configuration Complexity
Powerful Cloud Security platform with Deep visibility of threats and vulnerabilities on the organization's exposed surface - Director, IT Security and Risk Management1B-10B USDBankingReview Source
Game Changing Success in the Cloud Security Visibility and Container Runtime Realm
My organization has had game-changing success with WIZ. The amount of clear and easily digestible cloud visibility we were able to gain has provided much better insight into the questions, "what is our cloud security posture" and "what truly poses a risk to our organization".