Tufin Orchestration Suite is praised for its comprehensive security automation and policy management features but criticized for its UI and reporting limitations. On the other hand, Wiz is commended for its data security and exposure prevention, actionable insights, and an agentless scanning. The pricing, ease of installation, and customer service for both products have been praised by users.
The summary above is based on 30 interviews we conducted recently with Tufin Orchestration Suite and Wiz users. To access the review's full transcripts, download our report.
"It is scalable, stable, and can detect any threat on a machine. It uses artificial intelligence and can lock down any virus."
"The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best features."
"PingSafe offers an intuitive user interface that lets us navigate quickly and easily."
"Cloud Native Security's best feature is its ability to identify hard-coded secrets during pull request reviews."
"PingSafe's most valuable feature is its unified console."
"PingSafe can integrate all your cloud accounts and resources you create in the AWS account, We have set it up to scan the AWS transfer services, EC2, security groups, and GitHub."
"PingSafe's graph explorer is a valuable tool that lets us visualize all connected services."
"The multi-cloud support is valuable. They are expanding to different clouds. It is not restricted to only AWS. It allows us to have different clouds on one platform."
"One of the biggest quick wins that we had with Tufin was cleaning up our firewall policies and rules. We cleaned out a lot of rules which helped our devices, longevity-wise, as well as speed-wise."
"Being able to customize your own clarity to that aspect of change management."
"The most valuable features are the Security Risks and Best Practices reporting/Rule base cleanup."
"We can get reports with Tufin at anytime. We can have automated reports, even with security and compliance."
"We were hit by the NotPetya attack. Therefore, our whole company and all its sites were down for several months. So, you don't have an attack like that and not need something like Tufin. Other companies can prevent these attacks, or at least slow them down, by having this type of a tool. We will never go back."
"SecureChange makes our lives easier with automation."
"We built the policy comparison reporting into our processes that before we push any change to production, an engineer will stage actual date rule changes and policy changes. Another engineer will go in and do a comparison report of the last push policy to the last save, making sure what has been changed is what is expected to. From an operational excellence, it's huge for us. We have huge policies. All it takes is one accidental right click, delete, or backspace button, which could impact our business. So, this is something that we use almost day in and day out."
"I don't think that we were ever slow, but we can now say that changes are completed within twenty-four hours."
"The product supports out-of-the-box reporting with context about the asset and allows us to perform complex custom queries on UI."
"I like Wiz's reporting, and it's easy to do queries. For example, it's pretty simple to find out how many servers we have and the applications installed on each. I like Wiz's security graph because you can use it to see the whole organization even if you have multiple accounts."
"The automation roles are essential because we ultimately want to do less work and automate more. The dashboards are easy to read and visually pleasing. You can understand things quickly, which makes it easy for our other teams. The network and infrastructure teams don't know as much about security as we do, so it helps to have a tool that's accessible and nice to look at."
"With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment."
"Our most important features are those around entitlement, external exposure, vulnerabilities, and container security."
"The security baseline and vulnerability assessments is the valuable feature."
"The solution is very user-friendly."
"The first thing that stood out was the ease of installation and the quick value we got out of the solution."
"PingSafe can improve by eliminating 100 percent of the false positives."
"here is a bit of a learning curve. However, you only need two to three days to identify options and get accustomed."
"The Kubernetes scanning on the Oracle Cloud needs to be improved. It's on the roadmap. AWS has this capability, but it's unavailable for Oracle Cloud."
"With Cloud Native Security, we can't selectively enable or disable alerts based on our specific use case."
"There's an array of upcoming versions with numerous features to be incorporated into the roadmap. Customers particularly appreciate the service's emphasis on intensive security, especially the secret scanning aspect. During the proof of concept (POC) phase, the system is required to gather logs from the customer's environment. This process entails obtaining specific permissions, especially in terms of gateway access. While most permissions for POC are manageable, the need for various permissions may need improvement, especially in the context of security."
"There is a bit of a learning curve for new users."
"Bugs need to be disclosed quickly."
"Cloud Native Security's reporting could be better. We are unable to see which images are impacted. Several thousand images have been deployed, so if we can see some application-specific information in the dashboard, we can directly send that report to the team that owns the application. We'd also like the option to download the report from the portal instead of waiting for the report to be sent to our email."
"The GUI is limited with respect to how much you can develop and visualize the process."
"The initial setup was complex. We have a big environment which contributed to the setup's complexity."
"Its price is reasonable, but it could be lower. It could have a more effective approach for creating and changing rules. It could provide advice or suggestions for a better understanding of rules and changing the rules. There should be suggestions for the rules that need to be changed to make them less risky."
"The firewall management is complex for beginners."
"We have had a couple issues with the VMs, but I think it was just because they were starving for resources. A recommendation on what the virtual appliances should have for resources would be appreciated."
"There are at least two things that need improvement. One is the business workflow and the second is the integration with logging solutions."
"We want to have the ability for a ticket requester to add somebody, or to give somebody view rights to their ticket."
"I needed more help getting the product to work in the lab."
"One significant issue is that the searches are case-sensitive, so finding a misconfigured resource can become very challenging."
"The solution's container security could be improved."
"The only thing that needs to be improved is the number of scans per day."
"We're looking at some of the data compliance stuff that they've got Jon offer. I know they're looking at container security, which we gonna be looking at next."
"Wiz's reporting capabilities could be refined a bit. They are making headway on that, but more executive-style dashboards would be nice. They just implemented a community aspect where you can share documents and feedback. This was something users had been requesting for a while. They are listening to customer feedback and making changes."
"The remediation workflow within the Wiz could be improved."
"Given the level of visibility into all the cloud environments Wiz provides, it would be nice if they could integrate some kind of mechanism to better manage tenants on multiple platforms. For example, let's say that some servers don't have an application they need, such as an antivirus. Wiz could include an API or something to push those applications out to the servers. It would be great if you could remedy these issues directly from the Wiz platform."
"We wish there were a way, beyond providing visibility and automated remediation, to wait on a given remediation, due to a critical aspect, such as the cost associated with a particular upgrade... We would like to see preventive controls that can be applied through Wiz to protect against vulnerabilities that we're not going to be able to remediate immediately."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
Tufin Orchestration Suite is ranked 22nd in Container Security with 180 reviews while Wiz is ranked 2nd in Container Security with 12 reviews. Tufin Orchestration Suite is rated 8.0, while Wiz is rated 9.2. The top reviewer of Tufin Orchestration Suite writes "A flexible, very secure solution that works well in Layer 2 environments". On the other hand, the top reviewer of Wiz writes "Multiple features help us prioritize remediation, and agentless implementation reduces overhead". Tufin Orchestration Suite is most compared with AlgoSec, FireMon Security Manager, Skybox Security Suite and Palo Alto Networks Panorama, whereas Wiz is most compared with Prisma Cloud by Palo Alto Networks, Orca Security, Microsoft Defender for Cloud, AWS Security Hub and Lacework. See our Tufin Orchestration Suite vs. Wiz report.
See our list of best Container Security vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.