• Home
  • Veracode vs. Wiz

Veracode vs Wiz comparison

Cancel
You must select at least 2 products to compare!
SentinelOne Logo
SentinelOne Singularity Cloud Security
Read 77 SentinelOne Singularity Cloud Security reviews
1,647 views|542 comparisons
98% willing to recommend
Veracode Logo
Veracode
Read 194 Veracode reviews
2,690 views|1,888 comparisons
90% willing to recommend
Wiz Logo
Wiz
Read 12 Wiz reviews
14,785 views|11,064 comparisons
100% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Veracode vs. Wiz
May 2024
Executive Summary
Updated on Jun 2, 2024

Veracode and Wiz have both received positive feedback on customer service and support. Wiz users have consistently praised data security and exposure prevention capabilities. Veracode users have found the pricing to be a key consideration, while Wiz users have focused on the ROI achieved. Both platforms have areas for improvement highlighted by users, with Veracode users mentioning the need for customizable reporting features, and Wiz users suggesting enhancements to advanced analytics tools.

  • Features: Veracode excels in accurate vulnerability detection, comprehensive security testing, and detailed reporting. In comparison, Wiz is praised for its intuitive interface, cloud security posture management, workload protection, vulnerability management, and agentless scanning.
  • Pricing and ROI: Veracode's setup cost is perceived as varying, with some reviewers considering it expensive while others find it reasonable. Wiz users appreciate the affordability, ease of installation, and licensing terms. Veracode focuses on preventing security breaches, reducing development costs, and maintaining certifications, while Wiz focuses on actionable insights.
  • Room for Improvement: Veracode users suggest improving the UI, customization, reporting, pricing transparency, and training resources. Wiz users highlight the need for more customization, clearer instructions, faster support, additional features, enhanced mobile app, robust reporting, system stability, and minimized downtime.
  • Deployment and customer support: Veracode users found the setup straightforward, with minimal technical skills needed. Wiz users had mixed experiences, some spent a significant amount of time on deployment and setup. Veracode's customer service has mixed reviews, with some praising responsiveness while others criticize slow response times. On the other hand, Wiz's customer service is consistently excellent, with users praising helpfulness and quick issue resolution.

The summary above is based on 190 interviews we conducted recently with Veracode and Wiz users. To access the review's full transcripts, download our report.

To learn more, read our detailed Veracode vs. Wiz Report (Updated: May 2024).
Download the complete report
772,679 professionals have used our research since 2012.
Featured Review
Sakshi Chalke
Helps reduce the number of false positives, and improves risk posture, but cloud filtering has a limitation
PingSafe has significantly reduced the number of false positives in our cloud-native security environment from 30 percent down to five percent.... Read more →
Everton Yoshitani
I like the ease of integration and onboarding
Veracode helps us improve our overall security and build trust with our customers. For example, some of our customers have strict security... Read more →
Eric Acosta
It's easy to do queries to find out how many servers we have and the applications installed on each
Wiz's biggest benefit is visibility. My organization acquired a few other companies, and we didn't know what we had. With Wiz, we only needed to... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Cloud Native Security offers a valuable tool called an offensive search engine.""It's helped free up staff time so that they can work on other projects.""The most valuable features of PingSafe are cloud misconfiguration, Kubernetes, and IaC scanning.""The visibility PingSafe provides into the Cloud environment is a valuable feature.""The user-friendly dashboard offers both convenience and security by providing quick access to solutions and keeping us informed of potential threats.""The remediation process is good.""The user interface is well-designed and easy to navigate.""PingSafe's graph explorer is a valuable tool that lets us visualize all connected services."

More SentinelOne Singularity Cloud Security Pros →

"There have been a lot of benefits gained from Veracode. Compared to other tools, Veracode has good flexibility with an easy way to run a scan. We get in-depth details on how to fix things and go through the process. They provide good process documents, community, and consultation for any issues that occur during the use of Veracode.""The security team can track the remediation and risk acceptance statistics.""I like its integration with GitHub. I like using it from GitHub. I can use the GitHub URL and find out the vulnerabilities.""Veracode creates a list of issues. You can go through them one by one and click through to a new window with all the information about the issue discovered.""I contacted the solution's technical support during the automation part, and it went well, after which I never faced any issues.""I don't have much experience with the solution yet. We're looking at integrating Manual Penetration Testing with JIRA and Bamboo and then building that into a CICD model, so the integration is the most valuable feature so far.""Our development team use this solution for static code analysis and pen testing.""It eases integration into our workflow. Veracode is part of our Jenkins build, so whenever we build our software, Jenkins will automatically submit the code bundle over to Veracode, which automatically kicks off the static analysis. It sends an email when it's done, and we look at the report."

More Veracode Pros →

"With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment.""The CSPM module has been the most effective. It was easy to deploy and covered all our accounts through APIs, requiring no agents. Wiz provides instant visibility into high-level risks that we need to address.""The vulnerability management modules and the discovery and inventory are the most valuable features. Before using Wiz, it was a very manual process for both. After implementing it, we're able to get all of the analytics into a single platform that gives us visibility across all the systems in our cloud. We're able to correspond and understand what the vulnerability landscape looks like a lot faster.""The automation roles are essential because we ultimately want to do less work and automate more. The dashboards are easy to read and visually pleasing. You can understand things quickly, which makes it easy for our other teams. The network and infrastructure teams don't know as much about security as we do, so it helps to have a tool that's accessible and nice to look at.""The solution is very user-friendly.""The product supports out-of-the-box reporting with context about the asset and allows us to perform complex custom queries on UI.""Our most important features are those around entitlement, external exposure, vulnerabilities, and container security.""Out of all the features, the one item that has been most valuable is the fact that Wiz puts into context all the pieces that create an issue, and applies a particular risk evaluation that helps us prioritize when we need to address a misconfiguration, vulnerability, or any issue that would put our environment into risk."

More Wiz Pros →

Cons
"With Cloud Native Security, we can't selectively enable or disable alerts based on our specific use case.""The could improve their mean time to detect.""PingSafe is an excellent CSPM tool, but the CWPP features need to improve, and there is a scope for more application security posture management features. There aren't many ASPM solutions on the market, and existing ones are costly. I would like to see PingSafe develop into a single pane of glass for ASPM, CSPM, and CWPP. Another feature I'd like to see is runtime protection.""Some of the navigation and some aspects of the portal may be a little bit confusing.""The alerting system of the product is an area that I look at and sometimes get confused about. I feel the alerting feature needs improvement.""There's room for improvement in the graphic explorer.""It would be really helpful if the solution improves its agent deployment process.""PingSafe can be improved by developing a comprehensive set of features that allow for automated workflows."

More SentinelOne Singularity Cloud Security Cons →

"It's very expensive for a small organization.""The UI is not user-friendly and can be improved.""The scanning could be improved, because some scans take a bit of time.""There are times when certain modules cannot be scanned automatically, requiring us to manually select these modules and initiate the scanning process on our side.""One of the most important areas that need improvement for Veracode is its DaaS. Veracode's DAST engines are primitive.""In the last month or so, I had a problem with the APIs when doing some implementations. The Veracode support team could be more specific and give me more examples. They shouldn't just copy the URL for a doc and send it to me.""The runtime code analysis could be improved so that we can see every element in one place.""Maybe the pipeline scanning doesn't support enough languages. It might only support Java and Python only, so that could be improved."

More Veracode Cons →

"We're looking at some of the data compliance stuff that they've got Jon offer. I know they're looking at container security, which we gonna be looking at next.""Given the level of visibility into all the cloud environments Wiz provides, it would be nice if they could integrate some kind of mechanism to better manage tenants on multiple platforms. For example, let's say that some servers don't have an application they need, such as an antivirus. Wiz could include an API or something to push those applications out to the servers. It would be great if you could remedy these issues directly from the Wiz platform.""The only thing that needs to be improved is the number of scans per day.""One significant issue is that the searches are case-sensitive, so finding a misconfigured resource can become very challenging.""The remediation workflow within the Wiz could be improved.""The only small pain point has been around some of the logging integrations. Some of the complexities of the script integrations aren't supported with some of the more automated infrastructure components. So, it's not as universal. For example, they have great support for cloud formation and other services, but if you're using another type of management utility or governance language for your infrastructure-as-code automation components, it becomes a little bit trickier to navigate that.""The solution's container security could be improved.""We would like to see improvements to executive-level reporting and data reporting in general, which we understand is being rolled out to the platform."

More Wiz Cons →

Pricing and Cost Advice
  • "As a partner, we receive a discount on the licenses."
  • "It's a fair price for what you get. We are happy with the price as it stands."
  • "I wasn't sure what to expect from the pricing, but I was pleasantly surprised to find that it was a little less than I thought."
  • "Singularity Cloud Workload Security's pricing is good."
  • "Singularity Cloud Workload Security's licensing and price were cheaper than the other solutions we looked at."
  • "I understand that SentinelOne is a market leader, but the bill we received was astronomical."
  • "It's not expensive. The product is in its initial growth stages and appears more competitive compared to others. It comes in different variants, and I believe the enterprise version costs around $55 per user per year. I would rate it a five, somewhere fairly moderate."
  • "The pricing is fair. It is not inexpensive, and it is also not expensive. When managing a large organization, it is going to be costly, but it meets the business needs. In terms of what is out there on the market, it is fair and comparable to what I have seen, so I do not have any complaints about the cost"

    • More SentinelOne Singularity Cloud Security Pricing and Cost Advice →

  • "Its complexity makes it quite expensive, but it’s all worth it, with all the engineering in the background."
  • "The pricing is pretty high."
  • "The worst part about the product is that it does not scale at all. Also, microservices apps will cost you a fortune."
  • "I think licensing needs to be changed or updated so that it works with adjustments. Pricing is expensive compared to the amount of scanning we perform."
  • "It's worth the value"
  • "Pricing seems fair for what is offered, and licensing has been no problem. All developers are able to get the access they need."
  • "It can be expensive to do this, so I would just make sure that you're getting the proper number of licenses. Do your analysis. Make sure you know exactly what it is you need, going in."
  • "The licensing and prices were upfront and clear. They stand behind everything that is said during the commercial phase and during the onboarding phase. Even the most irrelevant "that can be done" was delivered, no matter how important the request was."

    • More Veracode Pricing and Cost Advice →

  • "The pricing seems pretty simple. We don't have to do a lot of calculations to figure out what the components are. They do it by enabling specific features, either basics or advanced, which makes it easy to select."
  • "The pricing is fair. Some of the more advanced features and functionalities and how the tiers are split can be somewhat confusing."
  • "The pricing is fair and comparable to their competitors. The cost seems to be going up, which is a concern. There are potential savings from consolidating tools, but we're uncertain how Wiz's pricing will change over time."
  • "I wish the pricing was more transparent."
  • "The cost of the other solutions is comparable to Wiz."
  • "Wiz is a moderately priced solution, where it is neither cheap nor costly."

    • More Wiz Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Container Security solutions are best for your needs.
    See Recommendations
    772,679 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about PingSafe?
    Top Answer:The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best… more »
    Read all 44 answers   →
    What is your experience regarding pricing and costs for PingSafe?
    Top Answer:I'm not aware of the exact pricing.
    Read all 31 answers   →
    What needs improvement with PingSafe?
    Top Answer:When I joined my organization, I saw that PingSafe was already implemented. I started to use the tool's alerting… more »
    Read all 44 answers   →
    Which gives you more for your money - SonarQube or Veracode?
    Top Answer:SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis… more »
    Read all 6 answers   →
    What do you like most about Veracode?
    Top Answer:The SAST and DAST modules are great.
    Read all 96 answers   →
    What is your experience regarding pricing and costs for Veracode?
    Top Answer:The product’s price is a bit higher compared to other solutions. However, the tool provides good vulnerability and… more »
    Read all 66 answers   →
    How would you compare Wiz vs Lacework?
    Top Answer:Wiz and Lacework sucks... Buy Orca. 
    AWS Cloud Security Posture tool - has anyone used either Wiz or Ermetic ...
    Top Answer:Whether or not the cost of third-party Cloud Security tools is justified would depend on your specific needs and budget… more »
    What do you like most about Wiz?
    Top Answer:With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment.
    Read all 7 answers   →
    Comparisons
    Also Known As
    PingSafe
    Crashtest Security , Veracode Detect
    Learn More
    SentinelOne
    Veracode
    Wiz
    Overview

    Singularity Cloud Security is SentinelOne’s comprehensive, cloud-native application protection platform (CNAPP). It combines the best of agentless insights with AI-powered threat protection, to secure and protect your multi-cloud infrastructure, services, and containers from build time to runtime. SentinelOne’s CNAPP applies an attacker’s mindset to help security practitioners better prioritize their  remediation tasks with evidence-backed Verified Exploit Paths™. The efficient and scalable runtime protection, proven over 5 years and trusted by many of the world’s leading cloud enterprises, harnesses local, autonomous AI engines to detect and thwart runtime threats in real-time. CNAPP data and workload telemetry is recorded to SentinelOne’s unified security lake, for easy access and investigation.

    Singularity Cloud Security includes both agentless and AI-powered cloud security controls, which represent two halves of our strategy to keep public cloud and container environments safe. Radically reduce your cloud attack surface with Singularity Cloud Native Security, formerly PingSafe, with agentless insights and evidence-based prioritization; protect runtime compute and container with Singularity Cloud Workload Security, SentinelOne’s real-time CWPP, with AI-powered machine-speed blocking of threats.

    Veracode is a global leader in Application Risk Management for the AI era. Powered by trillions of lines of code scans and a proprietary AI-generated remediation engine, the Veracode platform is trusted by organizations worldwide to build and maintain secure software from code creation to cloud deployment. Thousands of the world’s leading development and security teams use Veracode every second of every day to get accurate, actionable visibility of exploitable risk, achievereal-time vulnerability remediation, and reduce their security debt at scale. Veracode is a multi-award-winning company offering capabilities to secure the entire software development life cycle, including Veracode Fix, Static Analysis, Dynamic Analysis, Software Composition Analysis, Container Security, Application Security Posture Management, and Penetration Testing.

    Learn more atwww.veracode.com, on theVeracode blog, and onLinkedInandTwitter.

    Wiz is a highly efficient solution for data security posture management (DSPM), with a 100% API-based approach that provides quick connectivity and comprehensive scans of platform configurations and workloads. The solution allows companies to automatically correlate sensitive data with relevant cloud context, such as public exposure, user identities, entitlements, and vulnerabilities.This integration enables them to understand data accessibility, configuration, usage, and movement within their internal environments.

    Wiz's Security Graph delivers automated alerts whenever risks emerge, allowing teams to prioritize and address the most critical issues before they escalate into breaches. Furthermore, Wiz ensures rapid and agentless visibility into critical data across various repositories, enabling organizations to easily determine the location of their data assets.

    Wiz Features

    Wiz provides various features in the following categories:

    • Agentless Scanning: The solution can scan every layer of a cloud environment without requiring agents, managing the entire process and providing comprehensive visibility.

    • Workflow Integration: Users can create customized workflows within Wiz to identify and assign actions based on urgency, integrating them with ticketing systems for quick and efficient remediation.

    • Vulnerability Management: Wiz's vulnerability management modules provide detailed analytics and visibility across cloud systems, streamlining the manual process of vulnerability discovery. The automated attack path analysis helps identify risks and trace potential points of exposure, allowing users to understand and mitigate them effectively and proactively.

    • CSPM (Cloud Security Posture Management): Wiz's CSPM module offers instant visibility into high-level risks to an enterprise’s cloud environment, covering all accounts without the need for agents.

    • Out-of-the-Box Reporting and Custom Queries: The service supports comprehensive reporting with asset context, allowing users to perform complex custom queries on the solution’s user-friendly interface.

    • Automation Roles and Dashboards: The solution facilitates automation by providing essential roles and dedicated dashboards that enable teams to understand security information quickly, even those with limited expertise.

    • Contextual Risk Evaluation: The service contextualizes the various components contributing to an issue, providing a risk evaluation framework that helps prioritize remediation efforts.

    • Security Graph and Visibility: Wiz's security graph offers visibility across the entire organization, even with multiple accounts, enabling users to understand their environment and assets effectively.

    The Benefits of Wiz

    Wiz offers the following benefits:


    • Comprehensive agentless scanning

    • Effective identification and mitigation of vulnerabilities

    • Streamlined vulnerability management

    • Robust reporting capabilities and customizable queries

    • Enhanced automation and role-based access control

    • Prioritized risk evaluation for efficient remediation

    • Security posture across multiple accounts

    Reviews from Real Users

    Kamran Siddique, VP Information Security at boxed.com, remarks his company has seen a ROI while using Wiz, as it simplifies the process by integrating multiple useful tools into one solution.

    According to a Senior Security Architect at Deliveroo, Wiz has given their company a fresh approach to vulnerability management, as Wiz's native integrations are extremely useful and paramount to the operational success of their platform.



    Get a demo | Wiz

    Sample Customers
    Information Not Available
    Manhattan Associates, Azalea Health, Sabre, QAD, Floor & Decor, Prophecy International, SchoolCNXT, Keap, Rekner, Cox Automotive, Automation Anywhere, State of Missouri and others.
    Wiz is the fastest growing software company ever - $100M ARR in 18 months: Wiz becomes the fastest-growing software company ever | Wiz Blog  Discover why companies, including Salesforce, Morgan Stanley, Fox, and Bridgewater choose Wiz as their cloud security partner. Read their success stories here: Customers | Wiz
    Top Industries
    REVIEWERS
    Computer Software Company27%
    Construction Company13%
    Financial Services Firm10%
    Insurance Company8%
    VISITORS READING REVIEWS
    Computer Software Company21%
    Financial Services Firm15%
    Manufacturing Company10%
    Insurance Company4%
    REVIEWERS
    Computer Software Company26%
    Financial Services Firm23%
    Insurance Company9%
    Comms Service Provider6%
    VISITORS READING REVIEWS
    Financial Services Firm18%
    Computer Software Company15%
    Manufacturing Company8%
    Government6%
    REVIEWERS
    Computer Software Company33%
    Outsourcing Company11%
    Manufacturing Company11%
    Financial Services Firm11%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm15%
    Manufacturing Company9%
    Government6%
    Company Size
    REVIEWERS
    Small Business39%
    Midsize Enterprise20%
    Large Enterprise41%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise13%
    Large Enterprise61%
    REVIEWERS
    Small Business31%
    Midsize Enterprise20%
    Large Enterprise49%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise14%
    Large Enterprise69%
    REVIEWERS
    Small Business15%
    Midsize Enterprise23%
    Large Enterprise62%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise15%
    Large Enterprise65%
    Buyer's Guide
    Veracode vs. Wiz
    May 2024
    Free Report: Veracode vs. Wiz
    Find out what your peers are saying about Veracode vs. Wiz and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    772,679 professionals have used our research since 2012.

    Veracode is ranked 4th in Container Security with 194 reviews while Wiz is ranked 2nd in Container Security with 12 reviews. Veracode is rated 8.2, while Wiz is rated 9.2. The top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". On the other hand, the top reviewer of Wiz writes "Multiple features help us prioritize remediation, and agentless implementation reduces overhead". Veracode is most compared with SonarQube, Checkmarx One, Fortify on Demand, Snyk and Fortify Static Code Analyzer, whereas Wiz is most compared with Prisma Cloud by Palo Alto Networks, Orca Security, Microsoft Defender for Cloud, AWS Security Hub and Lacework. See our Veracode vs. Wiz report.

    See our list of best Container Security vendors.

    We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.