Kali Linux vs. Metasploit vs. Wiz

Kali Linux is especially well suited in environments where high security is needed for your custom developed applications. This is well suited for offensive testing your high security in house developed applications. It is also very good for doing penetration testing on in house developed applications and safe guarding them from external attackers. Kali Linux is tough for use as a day to day Linux operating system as this was never intended to be used by beginners and occasional Linux users.

Incentivized

It is easy to use with sufficient documentation on how to use the tools for end users or newbies. Experienced testers will find it easy to customise and configure the test cases. Just wished that I could have taken up a course on using this tool in my study days so that I could had explored more and improved my familiarity with the tool, unlike when working where access and time to explore the other features of the tool is limited

Incentivized

Wiz is well-suited if you want to run real-time scans against resources that were recently patched or configured. It is good to keep track of vulnerabilities found and what can be done to resolve the issues without having to open up multiple tabs. Overall, it is good to keep an eye on how well cloud teams or cloud security teams are doing.

Incentivized

• Analyzing SSL certificates
• Analyzing SSL server configurations
• Vulnerability scanning
• Port scanning

Incentivized

• Easy to use.
• Many exploits available.
• Multi-platform.

Incentivized

• Multi-cloud: Ability of Wiz to integrate with all of our cloud platforms makes it easy to deploy and centralizes our insights into all environments
• UI/UX: Wiz's UI is one of, if not -- the best UI I have ever used in a security application. Wiz is able to make it easy to follow and use the application to simplify the normally overcomplicated process of parsing through security information and tools.
• Marketing: Hosting meetups such as Wizdom has demonstrated Wiz's investment into its customers by providing us with more encouragement to use the app. The merch, ads, and presentation are above and beyond many companies in the tech industry.
• Threat Intel: We rely on Wiz for the latest finds in vulnerabilities across all platforms, and since it is incorporated into the application, it makes this easy and fast to push out necessary steps without going through multiple layers of communication between vendors, cyber governance, security analysts, and developers.

Incentivized

• Option to deselect tools upon install
• Instructions for all the tools
• Lightweight install option

Incentivized

• More robust menus
• Better plugin inter-operation

Incentivized

• I would like to see the modification of the issue status to be wrapped in some form of a permission
• I would like to be able to show filtered queries on the Identity Entitlements screen also on the security graph.
• I wish I didn't have to create an automation rule (when the rule does just about the same thing in each) for each project (in Wiz).

Incentivized

The UI is very user-friendly, with documentation available on every page of the application. New users can learn about the product features as they navigate through several different pages, using the instructions at the top of each page, making it quite easy to use.

Incentivized

Never experience issue yet

Incentivized

No issues

Incentivized

We don't use it.

Incentivized

it great support very responsive up to the point

Incentivized

Multiple option with automation features as well

Incentivized

I will Stack Kali Linux at the top of among to its similar devices.

Incentivized

Metasploit is the most well-known tool in the average pen tester's toolkit. It's hard to compare to its neighbor's due to its size and following.

Incentivized

We previously used Lacework but transitioned to Wiz as part of our effort to improve cloud security visibility and streamline risk management. While Lacework provided useful insights, we found that Wiz offered a clearer, more intuitive interface and better collaboration features, making it easier for both Security and Engineering teams to work together.
The Security Graph and automated risk analysis in Wiz have been especially valuable, helping us quickly understand exposures and prioritise fixes. Overall, the transition to Wiz has improved how we manage security risks across our cloud environment.

Incentivized

flexible on over utilization and have fair prices

Incentivized

Robots front end API and ment for developer to use

Incentivized

base on our experience

Incentivized

• Costs
• Time taken to setup
• Configurations needed for each use

Incentivized

• Positive: Improves efficiency of our network penetration testing operations.
• Positive: Allows for collaboration and information sharing during a penetration test.

Incentivized

• Wiz has saved us a lot of money and headaches. It finds problems we didn't even know we had, like weak passwords and open ports. This helps us fix things before hackers can find them. It's like having a team of security experts working 24/7.
• Plus, Wiz can fix some problems itself, saving us time and money. It's a great investment for our business.
• Wiz has made our cloud much safer. It helps us find and fix problems quickly, which means we can focus on our core business. It's like having an extra layer of protection for our data and systems.