Prisma versus Wiz

  • Prisma mainly reports on misconfiguration of cloud resources; its CSPM view does not really cover software vulnerabilities.
  • Prisma's agent-based scans are not tied to its CSPM reporting.
  • While Prisma does run OS-level agent scans, those scans do not report back into the CSPM view, so a system that is switched off at the time the non-compliance report is run (and switched on again afterwards) will not appear as non-compliant.
  • Wiz shows all the software installed on a workload: web servers, databases, etc.
  • Kubernetes just appears as another cloud to Wiz. It shows whether external secrets are being read or exposed.
  • Serverless: misconfigurations, privilege escalation paths on serverless resources, and publicly exposed serverless functions.

How does Wiz Work?

No scanning agents; Wiz is agentless. It works by taking snapshots of VMs, serverless resources, etc. The snapshots can be sent to the Wiz SaaS service for analysis, or to a cluster deployed natively in the customer's own environment.
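
To make the agentless model concrete, here is an added example (my own code, not Wiz's) of the kind of analysis a snapshot scanner performs once a VM's disk snapshot has been attached and mounted read-only: it reads the package database straight off the filesystem and inventories the installed software, including the web servers and databases mentioned above, without anything running inside the guest. It assumes a Debian-style `/var/lib/dpkg/status` layout; the package list and the `ROLE_PREFIXES` heuristic are constructed for the example, and a temporary directory stands in for the mounted snapshot so it runs offline.

```python
"""Agentless software inventory from a mounted disk snapshot (added example).

Assumptions: the snapshot is already attached and mounted read-only at some
root directory (passed to inventory_snapshot), and the guest uses dpkg.
Nothing here talks to the guest OS; it only reads files off the image.
"""
import os
import tempfile
from typing import Dict, List, Set

# Constructed sample of /var/lib/dpkg/status as it would appear in a snapshot.
# Not real data. Note the last stanza: a removed package with leftover config.
SAMPLE_DPKG_STATUS = """\
Package: nginx
Status: install ok installed
Version: 1.18.0-6
Architecture: amd64

Package: postgresql-14
Status: install ok installed
Version: 14.9-0

Package: libc6
Status: install ok installed
Version: 2.35-0

Package: apache2
Status: deinstall ok config-files
Version: 2.4.52-1
"""

# Heuristic (assumption): package-name prefixes that tag the roles a host plays.
ROLE_PREFIXES = {
    "webserver": ("nginx", "apache2", "httpd", "lighttpd"),
    "database": ("postgresql", "mysql-server", "mariadb-server", "redis-server"),
}


def parse_dpkg_status(text: str) -> List[Dict[str, str]]:
    """Parse the RFC822-style dpkg status file into a list of field dicts.

    Only stanzas whose Status ends in 'installed' are returned, so packages
    that were removed but left config files behind are not counted as present.
    """
    packages = []
    for stanza in text.strip().split("\n\n"):
        fields: Dict[str, str] = {}
        for line in stanza.splitlines():
            # Continuation lines start with a space and belong to the previous field.
            if ":" in line and not line.startswith(" "):
                key, _, value = line.partition(":")
                fields[key.strip()] = value.strip()
        if fields.get("Status", "").endswith(" installed"):
            packages.append(fields)
    return packages


def classify_roles(packages: List[Dict[str, str]]) -> Set[str]:
    """Tag the workload with roles (web server, database) from package names."""
    roles: Set[str] = set()
    for pkg in packages:
        for role, prefixes in ROLE_PREFIXES.items():
            if pkg["Package"].startswith(prefixes):
                roles.add(role)
    return roles


def inventory_snapshot(root: str) -> Dict[str, object]:
    """Inventory a mounted snapshot rooted at `root` (e.g. /mnt/snap-0123)."""
    status_path = os.path.join(root, "var/lib/dpkg/status")
    with open(status_path, encoding="utf-8") as fh:
        packages = parse_dpkg_status(fh.read())
    return {
        "packages": {p["Package"]: p["Version"] for p in packages},
        "roles": classify_roles(packages),
    }


def build_sample_snapshot() -> str:
    """Write the constructed dpkg database into a temp dir that mimics a mount."""
    root = tempfile.mkdtemp(prefix="snapshot-")
    os.makedirs(os.path.join(root, "var/lib/dpkg"))
    with open(os.path.join(root, "var/lib/dpkg/status"), "w", encoding="utf-8") as fh:
        fh.write(SAMPLE_DPKG_STATUS)
    return root


if __name__ == "__main__":
    result = inventory_snapshot(build_sample_snapshot())
    for name, version in sorted(result["packages"].items()):
        print(f"{name:<16} {version}")
    print("roles:", ", ".join(sorted(result["roles"])))
```

Because the input is a disk image rather than a live agent, the same routine works on a snapshot taken from a VM that is currently switched off; the apache2 stanza shows why the scanner has to check the `Status` field rather than the mere presence of a package entry.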

Wiz Two Winning Points

The amount of raw data scanned is more comprehensive, and the analysis of that raw data is more meaningful.

A new Wiz scan is triggered by events, e.g. a new VM being spun up.