• Home
  • JFrog Xray vs. Wiz

JFrog Xray vs Wiz comparison

Cancel
You must select at least 2 products to compare!
JFrog Logo

JFrog Xray

Read 7 JFrog Xray reviews
208 views|159 comparisons
100% willing to recommend
Wiz Logo

Wiz

Read 11 Wiz reviews
8,467 views|6,277 comparisons
100% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
JFrog Xray vs. Wiz
March 2024
Executive Summary

We performed a comparison between JFrog Xray and Wiz based on real PeerSpot user reviews.

Find out in this report how the two Vulnerability Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed JFrog Xray vs. Wiz Report (Updated: March 2024).
Download the complete report
768,857 professionals have used our research since 2012.
Featured Review
Narendra-Singh
Useful dependencies hierarchy view and scales well
JFrog Xray has helped us improve our architecture.
Eric Acosta
It's easy to do queries to find out how many servers we have and the applications installed on each
Wiz's biggest benefit is visibility. My organization acquired a few other companies, and we didn't know what we had. With Wiz, we only needed to... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"JFrog Xray shows us a list of vulnerabilities that can impact our code.""Good reporting functionalities.""The most valuable feature of JFrog Xray is the display of the entire internal dependencies hierarchy.""If multiple dependencies and vulnerabilities are found in a project, JFrog Xray is intelligent enough to tell you which vulnerability to target first.""The solution is stable and reliable.""I would say that this solution has helped our organization by allowing us to automate a lot of the processes.""JFrog Xray's reporting feature has a lot of options in it, including scanning."

More JFrog Xray Pros →

"With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment.""The product supports out-of-the-box reporting with context about the asset and allows us to perform complex custom queries on UI.""The vulnerability management modules and the discovery and inventory are the most valuable features. Before using Wiz, it was a very manual process for both. After implementing it, we're able to get all of the analytics into a single platform that gives us visibility across all the systems in our cloud. We're able to correspond and understand what the vulnerability landscape looks like a lot faster.""The first thing that stood out was the ease of installation and the quick value we got out of the solution.""I like Wiz's reporting, and it's easy to do queries. For example, it's pretty simple to find out how many servers we have and the applications installed on each. I like Wiz's security graph because you can use it to see the whole organization even if you have multiple accounts.""The solution is very user-friendly.""The security baseline and vulnerability assessments is the valuable feature.""Our most important features are those around entitlement, external exposure, vulnerabilities, and container security."

More Wiz Pros →

Cons
"Lacks deeper reporting, the ability to compare things.""JFrog Xray's documentation and error logging could be improved.""Since we have been using the solution via APIs, there are some limitations in the APIs.""JFrog Xray does not have a dashboard.""The speed of JFrog Xray should improve. Other solutions have better performance.""I think that the user interface should be expanded to provide customers with a better dashboard for reviewing their feedback regarding their images and the vulnerabilities that are associated with the images.""Reporting is crucial, but it is lacking in the current tool. Every organization seeks specific data points rather than general information. Therefore, we require customized reports from the Xray tool."

More JFrog Xray Cons →

"The only small pain point has been around some of the logging integrations. Some of the complexities of the script integrations aren't supported with some of the more automated infrastructure components. So, it's not as universal. For example, they have great support for cloud formation and other services, but if you're using another type of management utility or governance language for your infrastructure-as-code automation components, it becomes a little bit trickier to navigate that.""The only thing that needs to be improved is the number of scans per day.""We would like to see improvements to executive-level reporting and data reporting in general, which we understand is being rolled out to the platform.""Given the level of visibility into all the cloud environments Wiz provides, it would be nice if they could integrate some kind of mechanism to better manage tenants on multiple platforms. For example, let's say that some servers don't have an application they need, such as an antivirus. Wiz could include an API or something to push those applications out to the servers. It would be great if you could remedy these issues directly from the Wiz platform.""The solution's container security could be improved.""One significant issue is that the searches are case-sensitive, so finding a misconfigured resource can become very challenging.""We wish there were a way, beyond providing visibility and automated remediation, to wait on a given remediation, due to a critical aspect, such as the cost associated with a particular upgrade... We would like to see preventive controls that can be applied through Wiz to protect against vulnerabilities that we're not going to be able to remediate immediately.""The remediation workflow within the Wiz could be improved."

More Wiz Cons →

Pricing and Cost Advice
Information Not Available
  • "The pricing seems pretty simple. We don't have to do a lot of calculations to figure out what the components are. They do it by enabling specific features, either basics or advanced, which makes it easy to select."
  • "The pricing is fair. Some of the more advanced features and functionalities and how the tiers are split can be somewhat confusing."
  • "The pricing is fair and comparable to their competitors. The cost seems to be going up, which is a concern. There are potential savings from consolidating tools, but we're uncertain how Wiz's pricing will change over time."
  • "I wish the pricing was more transparent."
  • "The cost of the other solutions is comparable to Wiz."
  • "Wiz is a moderately priced solution, where it is neither cheap nor costly."

    • More Wiz Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
    See Recommendations
    768,857 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about JFrog Xray?
    Top Answer:JFrog Xray shows us a list of vulnerabilities that can impact our code.
    Read all 5 answers   →
    What needs improvement with JFrog Xray?
    Top Answer:There is a tool called DefectDojo for reporting. Reporting is crucial, but it is lacking in the current tool. Every organization seeks specific data points rather than general information. Therefore… more »
    Read all 5 answers   →
    What is your primary use case for JFrog Xray?
    Top Answer:We use this solution to identify vulnerabilities in the dependency file. We have the Artifactory package which integrates with Xray-like plugins. We can automatically plug this tool into Xray to… more »
    Read all 5 answers   →
    How would you compare Wiz vs Lacework?
    Top Answer:Wiz and Lacework sucks... Buy Orca. 
    AWS Cloud Security Posture tool - has anyone used either Wiz or Ermetic ...
    Top Answer:Whether or not the cost of third-party Cloud Security tools is justified would depend on your specific needs and budget. Suppose you are looking for a comprehensive Cloud Security solution that can… more »
    What do you like most about Wiz?
    Top Answer:With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment.
    Read all 7 answers   →
    Ranking
    16th
    out of 110 in Vulnerability Management
    Views
    208
    Comparisons
    159
    Reviews
    6
    Average Words per Review
    495
    Rating
    8.2
    4th
    out of 110 in Vulnerability Management
    Views
    8,467
    Comparisons
    6,277
    Reviews
    11
    Average Words per Review
    1,370
    Rating
    9.2
    Comparisons
    Black Duck logo
    Black Duck vs. JFrog Xray
    Compared 29% of the time.
    Snyk logo
    Snyk vs. JFrog Xray
    Compared 11% of the time.
    Mend.io logo
    Mend.io vs. JFrog Xray
    Compared 8% of the time.
    Veracode logo
    Veracode vs. JFrog Xray
    Compared 8% of the time.
    Amazon Inspector logo
    Amazon Inspector vs. JFrog Xray
    Compared 1% of the time.
    More JFrog Xray Competitors   →
    Orca Security logo
    Orca Security vs. Wiz
    Compared 14% of the time.
    Microsoft Defender for Cloud logo
    Microsoft Defender for Cloud vs. Wiz
    Compared 9% of the time.
    AWS Security Hub logo
    AWS Security Hub vs. Wiz
    Compared 5% of the time.
    Lacework logo
    Lacework vs. Wiz
    Compared 5% of the time.
    More Wiz Competitors   →
    Also Known As
    JFrog Security Essentials
    Learn More
    JFrog
    Wiz
    Overview

    JFrog is on a mission to enable continuous updates through Liquid Software, empowering developers to code high-quality applications that securely flow to end-users with zero downtime. The world’s top brands such as Amazon, Facebook, Google, Netflix, Uber, VMware, and Spotify are among the 4500 companies that already depend on JFrog to manage binaries for their mission-critical applications. JFrog is a privately-held, global company, and is a proud sponsor of the Cloud Native Computing Foundation [CNCF].

    If you are a team player and you care and you play to WIN, we have just the job you're looking for.

    As we say at JFrog: "Once You Leap Forward You Won't Go Back!"​

    Wiz is a highly efficient solution for data security posture management (DSPM), with a 100% API-based approach that provides quick connectivity and comprehensive scans of platform configurations and workloads. The solution allows companies to automatically correlate sensitive data with relevant cloud context, such as public exposure, user identities, entitlements, and vulnerabilities.This integration enables them to understand data accessibility, configuration, usage, and movement within their internal environments.

    Wiz's Security Graph delivers automated alerts whenever risks emerge, allowing teams to prioritize and address the most critical issues before they escalate into breaches. Furthermore, Wiz ensures rapid and agentless visibility into critical data across various repositories, enabling organizations to easily determine the location of their data assets.

    Wiz Features

    Wiz provides various features in the following categories:

    • Agentless Scanning: The solution can scan every layer of a cloud environment without requiring agents, managing the entire process and providing comprehensive visibility.

    • Workflow Integration: Users can create customized workflows within Wiz to identify and assign actions based on urgency, integrating them with ticketing systems for quick and efficient remediation.

    • Vulnerability Management: Wiz's vulnerability management modules provide detailed analytics and visibility across cloud systems, streamlining the manual process of vulnerability discovery. The automated attack path analysis helps identify risks and trace potential points of exposure, allowing users to understand and mitigate them effectively and proactively.

    • CSPM (Cloud Security Posture Management): Wiz's CSPM module offers instant visibility into high-level risks to an enterprise’s cloud environment, covering all accounts without the need for agents.

    • Out-of-the-Box Reporting and Custom Queries: The service supports comprehensive reporting with asset context, allowing users to perform complex custom queries on the solution’s user-friendly interface.

    • Automation Roles and Dashboards: The solution facilitates automation by providing essential roles and dedicated dashboards that enable teams to understand security information quickly, even those with limited expertise.

    • Contextual Risk Evaluation: The service contextualizes the various components contributing to an issue, providing a risk evaluation framework that helps prioritize remediation efforts.

    • Security Graph and Visibility: Wiz's security graph offers visibility across the entire organization, even with multiple accounts, enabling users to understand their environment and assets effectively.

    The Benefits of Wiz

    Wiz offers the following benefits:


    • Comprehensive agentless scanning

    • Effective identification and mitigation of vulnerabilities

    • Streamlined vulnerability management

    • Robust reporting capabilities and customizable queries

    • Enhanced automation and role-based access control

    • Prioritized risk evaluation for efficient remediation

    • Security posture across multiple accounts

    Reviews from Real Users

    Kamran Siddique, VP Information Security at boxed.com, remarks his company has seen a ROI while using Wiz, as it simplifies the process by integrating multiple useful tools into one solution.

    According to a Senior Security Architect at Deliveroo, Wiz has given their company a fresh approach to vulnerability management, as Wiz's native integrations are extremely useful and paramount to the operational success of their platform.



    Get a demo | Wiz

    Sample Customers
    google, amazon, cisco, netflix, oracle, vmware, facebook
    Wiz is the fastest growing software company ever - $100M ARR in 18 months: Wiz becomes the fastest-growing software company ever | Wiz Blog  Discover why companies, including Salesforce, Morgan Stanley, Fox, and Bridgewater choose Wiz as their cloud security partner. Read their success stories here: Customers | Wiz
    Top Industries
    VISITORS READING REVIEWS
    Financial Services Firm23%
    Manufacturing Company15%
    Computer Software Company12%
    Insurance Company5%
    REVIEWERS
    Computer Software Company38%
    Retailer13%
    Outsourcing Company13%
    Manufacturing Company13%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm14%
    Manufacturing Company9%
    Government6%
    Company Size
    REVIEWERS
    Midsize Enterprise29%
    Large Enterprise71%
    VISITORS READING REVIEWS
    Small Business14%
    Midsize Enterprise10%
    Large Enterprise76%
    REVIEWERS
    Small Business17%
    Midsize Enterprise25%
    Large Enterprise58%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise15%
    Large Enterprise65%
    Buyer's Guide
    JFrog Xray vs. Wiz
    March 2024
    Free Report: JFrog Xray vs. Wiz
    Find out what your peers are saying about JFrog Xray vs. Wiz and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    768,857 professionals have used our research since 2012.

    JFrog Xray is ranked 16th in Vulnerability Management with 7 reviews while Wiz is ranked 4th in Vulnerability Management with 11 reviews. JFrog Xray is rated 8.2, while Wiz is rated 9.2. The top reviewer of JFrog Xray writes "An intelligent solution that prioritizes which vulnerability to target first in your project". On the other hand, the top reviewer of Wiz writes "Multiple features help us prioritize remediation, and agentless implementation reduces overhead". JFrog Xray is most compared with Black Duck, Snyk, Mend.io, Veracode and Amazon Inspector, whereas Wiz is most compared with Prisma Cloud by Palo Alto Networks, Orca Security, Microsoft Defender for Cloud, AWS Security Hub and Lacework. See our JFrog Xray vs. Wiz report.

    See our list of best Vulnerability Management vendors and best Container Security vendors.

    We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.