Tufin Orchestration Suite is praised for its comprehensive security automation and policy management features but criticized for its UI and reporting limitations. On the other hand, Wiz is commended for its data security and exposure prevention, actionable insights, and an agentless scanning. The pricing, ease of installation, and customer service for both products have been praised by users.
The summary above is based on 30 interviews we conducted recently with Tufin Orchestration Suite and Wiz users. To access the review's full transcripts, download our report.
"It is scalable, stable, and can detect any threat on a machine. It uses artificial intelligence and can lock down any virus."
"Our previous product took a lot of man hours to manage. Once we got Singularity Cloud Workload Security, it freed up our time to work on other tasks."
"We really appreciate the Slack integration. When we have an incident, we get an instant notification. We also use Joe Sandbox, which Singularity can integrate with, so we can verify if a threat is legitimate."
"The mean time to detect has been reduced."
"There's real-time threat detection. It can show threats and find issues based on their severity and helps us with real-time monitoring."
"PingSafe offers comprehensive security posture management."
"PingSafe provides email alerts and ranks issues based on severity, such as high, critical, etc., that help us prioritize issues."
"The visibility is the best part of the solution."
"The most valuable feature of this solution is that it reduces both the time required and the number of errors when making changes."
"The change workflow process is flexible and customizable... If we have a firewall completed and we want to redo it, if we need to re-engineer a particular firewall and open a different destination, we can do that by creating a break-fix... That is one of its useful tools."
"We find it to be flexible. If we have a change that needs to be done, it will go ahead and do it for all our devices, regardless of the manufacturer that we have associated with it."
"This solution has helped our clients because it allows them to leverage the tools so that they can actually reduce their overall expenses for the environment."
"One of the things that came up this week was the ability to decommission a server, which we thought was interesting. We had a workshop recently that talked about all the things that need to be thought about when managing firewalls. People said, "A lot of times, things get forgotten when you are decommissioning a server." E.g., making sure rules are taken away and taking out the rule set. The fact that there is an automated workload for that can be helpful."
"The visibility is very good. We have managers who are overseeing it, and they are approving things through it."
"The most valuable features are the Security Risks and Best Practices reporting/Rule base cleanup."
"Its ability to detect changes within our firewall."
"The automation roles are essential because we ultimately want to do less work and automate more. The dashboards are easy to read and visually pleasing. You can understand things quickly, which makes it easy for our other teams. The network and infrastructure teams don't know as much about security as we do, so it helps to have a tool that's accessible and nice to look at."
"The first thing that stood out was the ease of installation and the quick value we got out of the solution."
"With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment."
"I like Wiz's reporting, and it's easy to do queries. For example, it's pretty simple to find out how many servers we have and the applications installed on each. I like Wiz's security graph because you can use it to see the whole organization even if you have multiple accounts."
"The security baseline and vulnerability assessments is the valuable feature."
"The CSPM module has been the most effective. It was easy to deploy and covered all our accounts through APIs, requiring no agents. Wiz provides instant visibility into high-level risks that we need to address."
"Our most important features are those around entitlement, external exposure, vulnerabilities, and container security."
"Out of all the features, the one item that has been most valuable is the fact that Wiz puts into context all the pieces that create an issue, and applies a particular risk evaluation that helps us prioritize when we need to address a misconfiguration, vulnerability, or any issue that would put our environment into risk."
"Currently, we would have to export our vulnerability report to an .xlsx file, and review it in an Excel spreadsheet, and then we sort of compile a list from there. It would be cool if there was a way to actually toggle multiple applications for review and then see those file paths on multiple users rather than only one user at a time or only one application at a time."
"While PingSafe offers real-time response, there is room for improvement in alert accuracy."
"Their search feature could be better."
"Scanning capabilities should be added for the dark web."
"There's an array of upcoming versions with numerous features to be incorporated into the roadmap. Customers particularly appreciate the service's emphasis on intensive security, especially the secret scanning aspect. During the proof of concept (POC) phase, the system is required to gather logs from the customer's environment. This process entails obtaining specific permissions, especially in terms of gateway access. While most permissions for POC are manageable, the need for various permissions may need improvement, especially in the context of security."
"The categorization of the results from the vulnerability assessment could be improved."
"The could improve their mean time to detect."
"There is no break-glass account feature. They should implement this as soon as possible because we can't implement SSO without a break-glass feature."
"We actually had a key issue, which was a bug, that the development team didn't want to fix. We escalated it, then it got fixed. So, the management level seems very responsive at least, but at a support level, they are just regular support people and not outstanding."
"The two main negative points with Tufin Orca are the absence of full support and that accommodation of files and tools is not provided in a good way."
"There was some complexity during the initial setup"
"The GUI needs more visibility in terms of licensing because it is hard to tell which products and licensed and which are not."
"The firewall management is complex for beginners."
"Currently, we have to get different data from different sections of the site. It would be nice if it was all combined into one."
"We would like Tufin to have interoperability with Juniper products, along with official support."
"There is room for improvement in the speed of Tufin. It is using so many of my VM resources and yet it is still a bit slow... Even though we are allocating 130 gigs of RAM, we still have to wait for a few minutes for a single report to be generated. Otherwise it would be a perfect tool."
"Wiz's reporting capabilities could be refined a bit. They are making headway on that, but more executive-style dashboards would be nice. They just implemented a community aspect where you can share documents and feedback. This was something users had been requesting for a while. They are listening to customer feedback and making changes."
"We would like to see improvements to executive-level reporting and data reporting in general, which we understand is being rolled out to the platform."
"The reporting isn't that great. They have executive summaries, but it's only a compliance report that maps all current issues to specific controls. Whether you look at one subscription or project, regardless of the size, you will get a multipage report on how the issues in that account map to that control. Our CSO isn't going to read through that. He won't filter that out or show that to his leadership and say, "Here's what we're doing." It isn't a helpful report. They're working on it, but it's a poor executive summary."
"The remediation workflow within the Wiz could be improved."
"We're looking at some of the data compliance stuff that they've got Jon offer. I know they're looking at container security, which we gonna be looking at next."
"The solution's container security could be improved."
"The only small pain point has been around some of the logging integrations. Some of the complexities of the script integrations aren't supported with some of the more automated infrastructure components. So, it's not as universal. For example, they have great support for cloud formation and other services, but if you're using another type of management utility or governance language for your infrastructure-as-code automation components, it becomes a little bit trickier to navigate that."
"The only thing that needs to be improved is the number of scans per day."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
Tufin Orchestration Suite is ranked 22nd in Container Security with 180 reviews while Wiz is ranked 2nd in Container Security with 12 reviews. Tufin Orchestration Suite is rated 8.0, while Wiz is rated 9.2. The top reviewer of Tufin Orchestration Suite writes "A flexible, very secure solution that works well in Layer 2 environments". On the other hand, the top reviewer of Wiz writes "Multiple features help us prioritize remediation, and agentless implementation reduces overhead". Tufin Orchestration Suite is most compared with AlgoSec, FireMon Security Manager, Skybox Security Suite and Palo Alto Networks Panorama, whereas Wiz is most compared with Prisma Cloud by Palo Alto Networks, Orca Security, Microsoft Defender for Cloud, AWS Security Hub and Lacework. See our Tufin Orchestration Suite vs. Wiz report.
See our list of best Container Security vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.