I recently attended a tech sales demo for Wiz, and I used to believe their product was completely agentless. It seemed to just analyze AWS environments for vulnerabilities and misconfigurations. However, during the demo, I was shown some agent-based features and automation tools for fixing issues. Has anyone here experienced this change? Also, what specific use cases have you found for Wiz in your organization, especially regarding threats that you care about?
7 Answers
If you're not keen on using agents at all, you can still gain insights without them. Wiz is beneficial in poorly managed systems or those with legacy workloads. However, in well-managed environments, the added value mostly comes from correlation of data, which is accessible via APIs anyway. So the real question is about the actionable insights you can glean, and that often requires integration into your existing workflows.
The term 'agent' is changing in this context. Wiz started as agentless but has added a lightweight runtime sensor for better workload visibility. The core vulnerability management still relies on APIs, but if you want real-time detection and auto-remediation, you need the sensor. Just keep your options open.
Funny enough, when I initially reached out for a demo, they told me I wasn’t a big enough customer to be considered. Seems like they could be missing opportunities!
They really need to understand their market better!
Their loss! I’m actually working on an open-source alternative called subimage.io, focused on security graphs.
Their Kubernetes agent is closed-source and requires privileged permissions, which makes me uneasy. I prefer using solutions that are open-source or have third-party audits to ensure security. I've switched to alternatives like Datadog Security instead.
Wiz offers both agentless and agent options now. The installed agents can actively block and monitor the servers where they’re deployed, but I’ve heard mixed reviews about their effectiveness.
My team decided against using their agent since it felt immature and way overpriced for what it offered. We’re looking for more robust solutions out there.
Yeah, the whole agent thing can be confusing. They market themselves as agentless, but now they’re using eBPF sensors that some might consider agents. These sensors can provide awesome runtime visibility, but I’ve seen instances where the resource usage wasn’t as light as they claim. It’s good to have the extra insights, though, if you can manage the overhead.
I totally agree! I pointed this out during a sales pitch, and it didn't go over well. They need to be clear about what they're selling.
I requested a trial several months back and didn’t even get a follow-up.