Picus Security Reviews (229)

Reviews

Picus Security Reviews (229)

4.8
229 reviews

What do users say?

Generated using AI from real user reviews
Users consistently praise continuous security validation and realistic attack simulations that help identify vulnerabilities before they can be exploited. The platform's intuitive interface and actionable insights make it easy for teams to improve their security posture. However, some users note that the initial setup can be complex and time-consuming.

Pros & Cons

Generated from real user reviews
View All Pros and Cons
Search reviews
Filter Reviews
Clear Results
G2 reviews are authentic and verified.
VM
Ved Prakash M.
VAPT/Bas Security Eniginear
Security and Investigations
Enterprise (> 1000 emp.)
"Picus Makes Our Security Stronger"
5/5
What do you like best about Picus Security?

However, Picus Security has made major progress when it comes to adding even more value to continuous threat simulation for security professionals. One of the most notable advancements that Picus made is that of deeper integration with the help of the use of generative AI, including solutions such as Picus AI Chaser, which is an ability to produce mitigation scripts and describe threat behavior in plain English almost immediately. In addition to this, the expansion into Cloud Strike capabilities means that one can easily perform attack simulation on multi-cloud infrastructures (such as AWS and Azure), as well as on-premise networks. With the addition of their threat library at breakneck speed and immediate simulations of ransomware and zero-day threats, they have become way more than a validation solution. Review collected by and hosted on G2.com.

What do you dislike about Picus Security?

Even though the platform is highly powerful at this point, it still has much room for development concerning friction within operations and maturity of its ecosystem. As Picus introduces new capabilities such as cloud security posture validation and identity threat detection, its UI can be confusing at times, which makes the setup and dashboard navigation not very intuitive for small teams. Also, while Picus has expanded its list of native integrations, deep bi-directional integration with niche SIEM/SOAR products and EDR solutions would help to avoid switching between dashboards. Lastly, lowering the execution time for full-fledged simulation playbooks and introducing more detailed report templates would allow for better translation of technical risks to executives. Review collected by and hosted on G2.com.

RY
Rohit Y.
Cyber Security Analyst
Small-Business (50 or fewer emp.)
"A Proactive Approach to Threat Readiness"
4.5/5
What do you like best about Picus Security?

Picus Security has introduced several new features to enhance efficiency, visibility, within Breach and Attack Simulation (BAS) operations:

1. Share Agent Logs

Previously, troubleshooting required remote access to endpoints where the Picus agent was installed in order to manually collect logs. With the Share Agent Logs feature, logs can now be directly downloaded from the Picus dashboard. This eliminates the need for remote sessions, saving time and simplifying support processes.

2. Manage Execution User

This feature enables organizations to create and manage multiple users with different privilege levels and use them during simulations. While performing endpoint attack simulations, you can select the specific user context under which the simulation will run.

This allows attacks to be executed from the perspective of different user types—such as standard or privileged users—making scenarios more realistic.

3. Network Attack-Only Mode

Previously, when endpoint security solutions such as EDR were active, the results of simulations often appeared combined, making it difficult to clearly identify which security control—network or endpoint—had taken action. To evaluate network security controls in isolation, it was necessary to disable or remove the EDR.

With the introduction of Network Attack-Only Mode, this limitation has been addressed. Users can now exclude endpoint security directly from the Picus portal, allowing them to simulate attacks focused solely on network controls. This provides clear, independent visibility into the effectiveness of network defenses without the need to remove or disable EDR, ensuring both accurate evaluation and continuous endpoint protection.

4. Enhanced Visibility

In environments with multiple network security controls and endpoint protection solutions, Picus now provides clear visibility into which control has blocked an attack. When integrated with SIEM platforms, this capability helps security teams evaluate the effectiveness of each layer in their defense architecture.

5. Expanded SIEM/EDR/XDR Integrations

Picus has broadened its integration capabilities with a wider range of OEM solutions. Review collected by and hosted on G2.com.

What do you dislike about Picus Security?

Picus Security could further improve detection accuracy, particularly in concurrent simulation scenarios. When the same attack simulation is executed simultaneously on multiple systems at a same time and if system is unable to find logs for the intended machine, it may fetch logs from another system instead, leading to incorrect attribution of results. Review collected by and hosted on G2.com.

Sanjay K.
SK
Sanjay K.
Senior security engineer
Enterprise (> 1000 emp.)
"Streamlines Threat Detection with Ease"
4/5
What do you like best about Picus Security?

I like Picus Security's capability to validate different kinds of threats in infrastructure, identify gaps at the endpoint, and network level. It helps us pass network and endpoint tests and creates detection rules to deploy in our infrastructure, which helps identify trends in the future. I also found the installation process straightforward with a well-structured document. The agent can be installed easily as a service or a portable agent. Review collected by and hosted on G2.com.

What do you dislike about Picus Security?

In terms of improvement, Picus Security could offer well-established recommendations and provide ideas for detection rules when simulations detect threats. After the simulation is complete, it would be helpful if Picus could give detailed recommendations and ideas for tools to update infrastructure. Review collected by and hosted on G2.com.

Prashant S.
PS
Prashant S.
Managing Director
Mid-Market (51-1000 emp.)
"Empowers Security Posture, Needs Faster POC for WAF"
5/5
What do you like best about Picus Security?

I like that Picus Security offers our customers a vendor-specific mitigation plan. It really helps them to instantly act upon the inputs provided in the report and improve their security posture. I also appreciate how easy the initial setup is, except for the web application firewall, but everything else is very easy. Additionally, the security controls are vendor-specific, guiding our customers on what to do, like downloading a particular signature or upgrading firmware. This feature is especially beneficial for our clients in banking, insurance, and finance. Review collected by and hosted on G2.com.

What do you dislike about Picus Security?

As a system integrator, when we do a proof of concept (POC) for our customers, it's really important for it to be fast. Picus Security can improve on how they approach the POC for the web application firewall. It's slightly time-consuming and requires a lot of approval from the customer side. Also, the initial setup was very easy, except for the web application firewall part. Review collected by and hosted on G2.com.

Furkan .
F
Furkan .
Siber Defans Uzmanı, Veri Koruma ve Güvenlik Operasyonları
Enterprise (> 1000 emp.)
"An effective platform that provides continuous visibility in cybersecurity controls"
5/5
What do you like best about Picus Security?

The best aspect of Picus Security is that it keeps our security controls active with continuously updated attack simulations. The platform is very user-friendly, and we can easily analyze vulnerabilities through the dashboard. Thanks to real-time reports, our team can take quick action. Additionally, the customer support team is extremely attentive and solution-oriented. Review collected by and hosted on G2.com.

What do you dislike about Picus Security?

Simulation scripts could be deployed automatically. Review collected by and hosted on G2.com.

MH
Mok H.
Project Engineer
Mid-Market (51-1000 emp.)
"Able to integrate with majority of market cybersecurity solutions"
5/5
What do you like best about Picus Security?

Picus Security SCV is able to support integration with the majority of cybersecurity solutions on the market to perform security assessments. In addition, by integrating only with SIEM/XDR/EDR to validate the logs, it makes security stack integration simpler overall. Review collected by and hosted on G2.com.

What do you dislike about Picus Security?

The solution training, it lack of post sales training in its Picus Academy portal. Review collected by and hosted on G2.com.

Khairul A.
KA
Khairul A.
Security Consultant
Enterprise (> 1000 emp.)
"Intuitive Security Validation with Fast Support"
4/5
What do you like best about Picus Security?

I like Picus Security's ease of use for each feature, especially the prebuilt attack simulation which is easier for us to utilize. The dashboard is intuitive and helps us understand the flow easily. I also appreciate the support provided by the Picus team as they respond quite fast whenever we encounter any hiccups. Additionally, Picus Security integrates well with our SIEM/EDR and other tools, enhancing our security setup. Review collected by and hosted on G2.com.

What do you dislike about Picus Security?

They have AI usage but quite limited with only several predetermined questions. But heard it is going to be improved alot. Review collected by and hosted on G2.com.

PV
Purvarajsinh V.
Security Analyst
Information Technology and Services
Enterprise (> 1000 emp.)
"BAS Simulation with Prevention and Mitigation - Technical Review"
5/5
What do you like best about Picus Security?

Picus Security is an outstanding platform for continuous security validation, providing clear visibility into which controls are active and what threats are being blocked.

Ease of Use: Very intuitive and user-friendly interface.

Ease of Implementation: Straightforward deployment with excellent documentation.

Customer Support: Responsive and knowledgeable support team, backed by strong resources.

Frequency of Use: Used regularly to validate and optimize security posture.

Number of Features: Rich feature set covering a wide range of security validation needs.

Ease of Integration: Seamlessly integrates with existing security tools and infrastructure.

Overall, Picus adds tremendous value by ensuring security controls remain effective and organizations stay resilient against evolving threats. Review collected by and hosted on G2.com.

What do you dislike about Picus Security?

Honestly, there isn’t much to dislike. The platform delivers strong value across usability, implementation, features, and support. If anything, the pace of updates and new feature releases makes it challenging to keep up, but this is more of a positive reflection of their innovation than a drawback. Review collected by and hosted on G2.com.

BHV S.
BS
BHV S.
Chief Operating Officer
Mid-Market (51-1000 emp.)
"Outstanding PICUS India Team and a Clearly Differentiated Solution"
5/5
What do you like best about Picus Security?

1. The PICUS India team, led by Harmeet Kalra. 2. The solution itself stands apart from other offerings and clearly demonstrates its value differentiator. Review collected by and hosted on G2.com.

What do you dislike about Picus Security?

Please do not discontinue the assessments. Many times, they’re the foot in the door for a very competitive account. Review collected by and hosted on G2.com.

Verified User in Information Technology and Services
CI
Verified User in Information Technology and Services
Mid-Market (51-1000 emp.)
"Simple Setup, Fast Validation of Your Cyber Infrastructure"
5/5
What do you like best about Picus Security?

Simplicity of installation and use, quick validation of the current invested cyber infrastructure for the customer. Assist in remediating or guidance to problems discovered Review collected by and hosted on G2.com.

What do you dislike about Picus Security?

Not really a traditional Breach and Attack Simulation solution. Cannot go into great depth on the problem and support. Just provides guidance. Require ongoing operational commitment. Not a set-and-forget solution as well not the cheapest compared to the competition. Review collected by and hosted on G2.com.