Wiz
Capability scores
Methodology →- Authentication
- 3.0
- SSO & Federation
- 3.0
- Authorization
- 4.5
- Lifecycle & Provisioning
- 2.5
- MFA & Passwordless
- 2.5
- Governance & Audit
- 4.5
- Developer Experience
- 4.5
- Deployment Flexibility
- 3.5
- Pricing Transparency
- 2.0
- Support & Ecosystem
- 4.5
Scored 0–5 against a published rubric. Independent analysis, no vendor sponsorship.
Overview
Wiz is a cloud security platform (CNAPP) that folded entitlement management into its broader graph-based approach. CIEM is one capability among many, sitting alongside CSPM, workload scanning, and exposure analysis. Wiz is one of the fastest-growing security vendors and a clear market leader in cloud security.
Capability deep-dive
The strength is context. The Wiz Security Graph maps identities, effective permissions, and resources together, so you see not just an over-privileged role but whether that role can actually reach sensitive data through a real attack path. Cross-cloud coverage (AWS, Azure, GCP) is strong, and the developer experience is good. The weakness is that CIEM is not Wiz's center of gravity. Remediation tends to be advisory rather than enforced, and there is no native just-in-time provisioning or access-request workflow. If you want active entitlement lifecycle management rather than visibility and prioritization, Wiz alone will not cover it.
Pricing
Quote-based and opaque. Pricing is typically tied to the number of cloud workloads/resources and which modules you license. Expect enterprise sales engagement, annual commitments, and no public price list. CIEM is generally bundled into broader CNAPP packaging rather than sold standalone.
Bottom line
Pick Wiz if you want entitlement risk understood inside a cloud security platform you already run, not if you need standalone CIEM with enforcement and access workflows.