Picus Security Reviews & Product Details

It can automatically and continuously validate and enhance the effectiveness of security controls. Review collected by and hosted on G2.com.

Unfortunately not all third-party security tools are supported. Review collected by and hosted on G2.com.

The solution is easy to use, with a clear and detailed knowledge base. The overall performance has minimal issues and operates efficiently. Review collected by and hosted on G2.com.

A little bit slow for initial case support but after assigning, support is great. Review collected by and hosted on G2.com.

What I like best about Picus Security is its ability to simulate real-world cyber threats in a safe and controlled environment, providing clear insights and actionable recommendations to strengthen our defenses. The platform is user-friendly, and the continuous updates ensure we’re always prepared for emerging threats. Review collected by and hosted on G2.com.

There’s very little to dislike about Picus Security. If anything, I would say that the breadth of features means there’s a bit of a learning curve at the beginning, but the available documentation and support quickly make the platform easy to use. Review collected by and hosted on G2.com.

What I like most is how easy it is to run realistic attack simulations and see right away where we’re exposed. The threat library is updated very often, so tests feel relevant to what’s actually happening out there. The platform also gives clear, practical advice on how to fix the issues, and it integrates well with the tools we already use. Review collected by and hosted on G2.com.

Setting it up in a complex environment takes some time, especially if you want to avoid any impact on production systems. The reports are detailed, but I wish there were more options to tailor them for specific compliance needs. It’s not the cheapest solution, so for smaller companies it could be a stretch. Review collected by and hosted on G2.com.

What I like best about Picus Security is its ability to emulate real-world cyber threats in a controlled environment, allowing security teams to proactively validate and fine-tune their defenses without waiting for an actual breach. Its continuous security control validation bridges the gap between detection and prevention, offering both strategic insights and tactical improvements in one unified platform. Review collected by and hosted on G2.com.

While Picus Security is great at simulating real-world threats, one downside is its dependence on predefined attack scenarios. These may not always cover new or highly targeted threats. Also, the platform's resource-heavy simulations can affect system performance during busy times. This requires careful planning and adjustment. Review collected by and hosted on G2.com.

Picus Security provides an end-to-end platform for validating security controls, attack paths, and detection rules in real time. I particularly value the breadth of its simulation library, covering thousands of up-to-date threat scenarios, and the clarity of its dashboards. The solutions including Security Control Validation, Attack Path Validation, and Detection Rule Validation, make it easy to identify gaps and provide actionable remediation guidance. The platform’s ease of use, straightforward implementation process, and strong integration capabilities mean I can run assessments frequently without impacting production environments. Their customer support team is highly responsive and knowledgeable, ensuring that any questions or challenges are addressed quickly and effectively. Review collected by and hosted on G2.com.

The Security Control Validation (SCV) product is excellent, but I would like to see even more products and capabilities added within the SCV offering in the future. That said, the current portfolio is already very strong and delivers significant value. Review collected by and hosted on G2.com.

I recently had the chance to use Picus’ BAS technology, and I was genuinely impressed. It continuously validates security controls with real-world attack simulations, helping organizations identify gaps, respond faster, and boost resilience.

It’s a smart, proactive way to make sure security investments truly deliver value — and I’m really glad I got to experience it firsthand. Review collected by and hosted on G2.com.

I don’t really have any negative points to mention — in fact, one of the most crucial strengths of Picus BAS is its constant threat scenario updates. This ensures simulations stay realistic and relevant, delivering resilience in a practical, ongoing way.

It also helps create true “muscle memory” for any SOC team, preparing them to detect and respond to real-world attacks with confidence. Review collected by and hosted on G2.com.

What I eppreciate most is how quickly we were able to intagrate Picus with our existing stack. Within days, we had clear insights on where our security controls were failing and where they were strong. The attack simulation library is very comprehensive, and the constant updates ensure we're not testing against outdated threats. I also like that it doesn't just a flug issues -- it offers mitigation advice that's actually practical. Review collected by and hosted on G2.com.

The reporting side could use some polishing, especially when it comes to exporting clean, executive-level summaries. There are lots of great insights, but not all of them are easily digestible for upper management. Also, while you can create custom attack scenarios, the process isn't as intuitive as it could be -- it requires some training and trial and error. Review collected by and hosted on G2.com.

What I like best about Picus Security is its innovative approach to proactive cybersecurity. The platform's ability to simulate real-world cyberattacks and provide actionable insights to continuously improve security posture sets it apart in the industry. I also really value the emphasis Picus places on automation and threat-centric validation it not only helps organizations stay ahead of emerging threats but also optimizes existing security investments. Additionally, the team’s deep expertise and commitment to cybersecurity excellence make it a truly inspiring environment to grow and contribute. Review collected by and hosted on G2.com.

Honestly, there’s nothing specific I dislike about Picus Security. Every company has areas where it can evolve, but overall, I’ve found Picus to be a forward-thinking, innovative, and collaborative organization. The company’s strong focus on continuous improvement and openness to feedback ensures that any potential challenges are addressed proactively. It’s rare to see such a balance between cutting-edge technology and a supportive culture. Review collected by and hosted on G2.com.

Picus Security is a powerful Breach and Attack Simulation (BAS) platform that continuously tests and validates an organization's security controls. It provides realistic attack simulations mapped to the MITRE ATT&CK framework, helping identify detection and prevention gaps. The platform is easy to use, integrates well with existing SIEM and EDR tools, and offers detailed reporting. Its Adversary Emulation capability allows teams to simulate advanced threats like APTs and ransomware. Notably, Picus also provides actionable SignatureID-level recommendations for security devices such as firewalls, IPS, and EDRs, enabling rapid tuning and enhanced threat detection. Overall, Picus significantly enhances threat readiness and SOC effectiveness. Review collected by and hosted on G2.com.

I don't have dislike. I don't have dislike. I don't have dislike. I don't have dislike. Review collected by and hosted on G2.com.