647 matches found
Wiz inducted into the JPMorgan Chase Hall of Innovation
We're excited to announce that JPMorgan Chase has made Wiz a new member of their Hall of Innovation!...
Announcing the EKS Cluster Games
Test your investigation skills and K8s knowledge in a new Wiz-sponsored CTF event: the EKS Cluster Games!...
Securing clouds, securely
Let's take a look at how Wiz designed the agentless workload scanner to be modular and scalable, and what security measures Wiz takes to protect sensitive customer data...
Linux rootkits explained – Part 2: Loadable kernel modules
Part 2 dives into the world of LKMs Loadable Kernel Modules and kernel-space rootkits to explore what LKMs are, how attackers abuse them, and how to detect them...
Wiz recognized as a 2023 Frost & Sullivan Radar Leader in Cloud Workload Protection Platform
In its 2023 Frost Radar™ analysis, Frost & Sullivan identified the top companies in the Global Cloud Workload Protection Platform CWPP market. Wiz is honored to be included on the list!...
Clint Gibler on AI and cybersecurity: the current state of the art and where we’re headed
Wiz recently talked with security expert Clint Gibler about the many uses of AI in the cybersecurity space...
Wiz launches data center in Mumbai, supporting the growing operations of global organizations in India
Wiz is proud to announce the opening of its data center in Mumbai, India...
Wiz launches support for Google Workspace, helping organizations secure Google Cloud identities
Protect your Google Cloud identities with Wiz's new Google Workspace identity modeling and identify suspicious activity in Google Workspace with new threat detection rules...
CVE-2023-38545 high severity vulnerability in cURL: everything you need to know
Detect and mitigate CVE-2023-38545, a high severity buffer overflow vulnerability in cURL. Organizations should upgrade to the patched version...
The good, the bad, and the vulnerable
Get the tl;dr on Wiz's methodology for cloud vulnerability triage in our new report, "The good, the bad, and the vulnerable."...
Critical and high severity Exim vulnerabilities: everything you need to know
Detect and mitigate CVE-2023-42115, and 5 more vulnerabilities in Exim. Organizations using affected configurations should mitigate and patch the vulnerabilities urgently...
Critical vulnerabilities in media libraries exploited in the wild: everything you need to know
Delving into CVE-2023-4863 and CVE-2023-5217 - critical vulnerabilities in libwebp and libvpx exploited in the wild...
Unveiling eBPF: Revolutionizing Security and Observability
An Introduction to Extended BPF and Its Transformative Impact...
Wiz launches support for Amazon SageMaker, helping organizations innovate faster and more securely with AI
Wiz helps accelerate the machine learning journey for practitioners by protecting their generative AI applications...
Inside the vault: how financial institutions protect their cloud environments
As part of our monthly CISO webinar series, Wiz’s VP of Product Strategy, Raaz Herzberg, spoke with three security experts to learn how each of them prioritize cloud security, and how they extend the reach of good security practices across their organizations...
GAO Study Reveals: Government Faces Challenges with Continuous Monitoring
Learn how government agencies can meet the GAO’s recommended cloud security best practices by establishing continuous risk and compliance monitoring in the cloud...
38TB of data accidentally exposed by Microsoft AI researchers
Wiz Research found a data exposure incident on Microsoft’s AI GitHub repository, including over 30,000 internal Microsoft Teams messages – all caused by one misconfigured SAS token...
Fortify your cloud security with Wiz as it integrates with Microsoft Sentinel
Lock down your cloud infrastructure with the new Wiz integration with Microsoft Sentinel. Gain full context, support thorough investigations, and automate your response for ultimate security...
Wiz enhances real-time threat detection and response capabilities to stop threats from becoming incidents
The Wiz Runtime Sensor for Kubernetes graduates to general availability with proven ability to detect cloud attacks, greater customization for detections, and new cloud-native response capabilities...
Wiz and Fortinet announce partnership to deliver cloud-native security protection
Joint customers can now detect and prioritize public exposures with Wiz and automatically remediate unwanted exposures with FortiGate NGFW...
A security community success story of mitigating a misconfiguration
Learn about the process of preventing security issues by changing things outside of your environment by looking at how a misconfiguration was occurring when Github Actions were integrated with AWS IAM roles and the improvements made that have now made this misconfiguration much less likely...
Storm-0558 Update: Takeaways from Microsoft's recent report
The Wiz research team examines Microsoft's latest Storm-0558 findings and summarizes the key learnings cloud customers should take away from the incident...
I know what you mined last summer: summarizing Summer '23 cryptomining activity
During the summer of 2023, using the Wiz Sensor, Wiz Research detected several different cryptomining campaigns targeting cloud workloads. Learn about these campaigns and their associated IoCs, and how to detect and prevent similar threats...
Recap: Wiz innovations at Google Cloud NEXT ‘23
The integration of Wiz’s CNAPP and Google Cloud helps both cloud defenders and builders improve security and innovate faster...
Docker and Kubernetes, we have got you covered: Wiz simplifies compliance and security posture management for Docker and Kubernetes environments.
Ensure that your Docker and Kubernetes environments are secure and compliant with CIS benchmarks. Generate reports quickly and easily and remediate any issues with actionable insights...
Wiz is the #1 Cloud Security Company on the 2023 Forbes Cloud 100
Wiz is the 1 cloud security company on the list and one of the biggest movers from last year, alongside OpenAI. What an honor!...
5 Cloud Security Predictions for 2023
COVID's impact still resonates. Remote work, AI, and a turbulent economy have made the future unpredictable, including the future of cloud security. But we still have best practices for you! Let's examine 5 cloud security predictions to be aware of in 2023...
Wiz helps organizations innovate with AI securely and responsibly, launching support for Google Cloud Vertex AI
Wiz protects AI infrastructure against cloud attacks, allowing data scientists and engineers to focus on deploying more AI applications...
The Magic of Branding: Creating an Optimistic Identity for a Security Product
In the world of security, the dominant approach to branding is often based on fear and intimidation. But at Wiz, we're taking a different approach. We believe in the power of optimism and positivity, and we're building a brand that reflects those values...
Wiz's agentless approach to cloud-native vulnerability management
Prioritize critical vulnerabilities based on business impact with Wiz’s agentless Vulnerability Management solution...
GameOver(lay): Easy-to-exploit local privilege escalation vulnerabilities in Ubuntu Linux affect 40% of Ubuntu cloud workloads
Wiz Research discovered CVE-2023-2640 and CVE-2023-32629, two easy-to-exploit privilege escalation vulnerabilities in the OverlayFS module in Ubuntu affecting 40% of Ubuntu cloud workloads...
Zenbleed: cross-process infoleak vulnerability in AMD Zen 2 Processors - everything you need to know
Learn about the impact in cloud environments of CVE-2023-20593, a cross-process information leak vulnerability in AMD Zen 2 Processors...
Top 16 cloud security experts you should follow in 2023
Handpicked by our research team: The annual list of 16 thought leaders you need on your feed...
Streamline Software Bill of Materials (SBOM) Generation with Wiz's Agentless SBOM
Enhance software security and supply chain risk management with Wiz's agentless scanning technology for effortless SBOM creation...
Compromised Microsoft Key: More Impactful Than We Thought
Our investigation of the security incident disclosed by Microsoft and CISA and attributed to Chinese threat actor Storm-0558, found that this incident seems to have a broader scope than originally assumed. Organizations using Microsoft and Azure services should take steps to assess potential impa...
Kubernetes API limitations in finding non-standard pods and containers
Gain a deeper understanding of why it's essential to monitor non-standard pods and containers, including static pods, mirror pods, init containers, pause containers, and ephemeral containers within your Kubernetes environment...
How to get rid of AWS access keys – Part 3: Replacing the authentication
In the earlier posts in this series, we showed not only how to get rid of unused access keys, but also how to minimize risk by applying a least-privilege strategy. In this final post, we’ll at last get into the discussion of alternative solutions to using access keys...
PyLoose: Python-based fileless malware targets cloud workloads to deliver cryptominer
PyLoose is a newly discovered Python-based fileless malware targeting cloud workloads. Get a breakdown of how the attack unfolds and the steps to mitigate it...
Linux rootkits explained – Part 1: Dynamic linker hijacking
Dynamic linker hijacking via LDPRELOAD is a Linux rootkit technique utilized by different threat actors in the wild. In part one of this series on Linux rootkits, we discuss this threat and explain how to detect it...
How to get rid of AWS access keys – Part 2: Reducing Privileges
In the previous post in this series, we discussed how to do some basic cleaning of AWS access keys. In this post, we’ll show how to reduce the privileges in order to mitigate their risk...
How to leverage generative AI in cloud apps without putting user data at risk
Learn security best practices to deploy generative AI models as part of your multi-tenant cloud applications and avoid putting your customers’ data at risk...
Wiz becomes the first CNAPP to provide end-to-end cloud forensics experience
Wiz helps simplify incident response in the cloud for faster investigation of security incidents...
Wiz at Re:Inforce 2023
See what is new with Wiz at Re:Inforce and learn about how Wiz and AWS continue to strengthen a strategic relationship to secure customers’ AWS environments...
Winning together with Wiz: Introducing the Wiz Integration (WIN) platform for greater agility and flexibility to build best-of-breed cloud security programs
New integrations with industry-leading partners make Wiz the most composable and extensible cloud security platform in the market...
Kubernetes Grey Zone: Risks in Managed Cluster Middleware
Are your managed Kubernetes clusters safe from the risks posed by middleware components? Learn how to secure your clusters and mitigate middleware risks...
Crying Out Cloud: a magical podcast for cloud security enthusiasts
Join us for game-changing news, unique Wiz insights, and battle-tested advice from industry experts. Stay ahead of the cloud curve with our latest episodes and navigate the complex world of cloud security...
Three tips for building your CISO career in today’s evolving security industry
CISOs share how to build effective, collaborative teams and land your next role...
Wiz for CSPM: A modern approach to cloud security
Reduce noise of traditional CSPM tools with context-based deep risk assessment, enabling you to prioritize the misconfigurations that put your environment at critical risk...
The Big IAM Challenge: Test Your Cloud Security Skills
Put yourself to the test with our unique CTF challenge and boost your AWS IAM knowledge. Do you have what it takes to win The Big IAM Challenge?...
Ta-da! Wiz launches Runtime Sensor to provide real-time detection and response
Agentless visibility and risk assessment paired with Wiz Runtime Sensor real-time detection for the best of both worlds...