Lucene search
K
WizblogRecent

647 matches found

Wiz blog
Wiz blog
added 2023/11/02 4:19 p.m.23 views

Wiz inducted into the JPMorgan Chase Hall of Innovation

We're excited to announce that JPMorgan Chase has made Wiz a new member of their Hall of Innovation!...

7.2AI score
Exploits0
Wiz blog
Wiz blog
added 2023/11/01 3:29 p.m.68 views

Announcing the EKS Cluster Games

Test your investigation skills and K8s knowledge in a new Wiz-sponsored CTF event: the EKS Cluster Games!...

7.2AI score
Exploits0
Wiz blog
Wiz blog
added 2023/10/31 12:8 a.m.23 views

Securing clouds, securely

Let's take a look at how Wiz designed the agentless workload scanner to be modular and scalable, and what security measures Wiz takes to protect sensitive customer data...

7.1AI score
Exploits0
Wiz blog
Wiz blog
added 2023/10/24 5:52 p.m.15 views

Linux rootkits explained – Part 2: Loadable kernel modules

Part 2 dives into the world of LKMs Loadable Kernel Modules and kernel-space rootkits to explore what LKMs are, how attackers abuse them, and how to detect them...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/10/23 4:34 p.m.32 views

Wiz recognized as a 2023 Frost & Sullivan Radar Leader in Cloud Workload Protection Platform

In its 2023 Frost Radar™ analysis, Frost & Sullivan identified the top companies in the Global Cloud Workload Protection Platform CWPP market. Wiz is honored to be included on the list!...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/10/19 5:55 p.m.19 views

Clint Gibler on AI and cybersecurity: the current state of the art and where we’re headed

Wiz recently talked with security expert Clint Gibler about the many uses of AI in the cybersecurity space...

7.3AI score
Exploits0
Wiz blog
Wiz blog
added 2023/10/18 4:7 p.m.17 views

Wiz launches data center in Mumbai, supporting the growing operations of global organizations in India

Wiz is proud to announce the opening of its data center in Mumbai, India...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/10/16 1:54 p.m.25 views

Wiz launches support for Google Workspace, helping organizations secure Google Cloud identities

Protect your Google Cloud identities with Wiz's new Google Workspace identity modeling and identify suspicious activity in Google Workspace with new threat detection rules...

6.8AI score
Exploits0
Wiz blog
Wiz blog
added 2023/10/11 4:56 p.m.74 views

CVE-2023-38545 high severity vulnerability in cURL: everything you need to know

Detect and mitigate CVE-2023-38545, a high severity buffer overflow vulnerability in cURL. Organizations should upgrade to the patched version...

9.8CVSS7.2AI score0.78483EPSS
Exploits6
Wiz blog
Wiz blog
added 2023/10/10 1:37 p.m.10 views

The good, the bad, and the vulnerable

Get the tl;dr on Wiz's methodology for cloud vulnerability triage in our new report, "The good, the bad, and the vulnerable."...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/10/02 1:53 p.m.43 views

Critical and high severity Exim vulnerabilities: everything you need to know

Detect and mitigate CVE-2023-42115, and 5 more vulnerabilities in Exim. Organizations using affected configurations should mitigate and patch the vulnerabilities urgently...

9.8CVSS7AI score0.10042EPSS
Exploits5
Wiz blog
Wiz blog
added 2023/10/01 1:31 p.m.36 views

Critical vulnerabilities in media libraries exploited in the wild: everything you need to know

Delving into CVE-2023-4863 and CVE-2023-5217 - critical vulnerabilities in libwebp and libvpx exploited in the wild...

8.8CVSS8.6AI score0.99735EPSS
Exploits12
Wiz blog
Wiz blog
added 2023/09/27 5:0 p.m.23 views

Unveiling eBPF: Revolutionizing Security and Observability

An Introduction to Extended BPF and Its Transformative Impact...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/09/21 2:5 p.m.21 views

Wiz launches support for Amazon SageMaker, helping organizations innovate faster and more securely with AI

Wiz helps accelerate the machine learning journey for practitioners by protecting their generative AI applications...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2023/09/20 4:24 p.m.16 views

Inside the vault: how financial institutions protect their cloud environments

As part of our monthly CISO webinar series, Wiz’s VP of Product Strategy, Raaz Herzberg, spoke with three security experts to learn how each of them prioritize cloud security, and how they extend the reach of good security practices across their organizations...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/09/19 2:31 p.m.16 views

GAO Study Reveals: Government Faces Challenges with Continuous Monitoring

Learn how government agencies can meet the GAO’s recommended cloud security best practices by establishing continuous risk and compliance monitoring in the cloud...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/09/18 1:1 p.m.10 views

38TB of data accidentally exposed by Microsoft AI researchers

Wiz Research found a data exposure incident on Microsoft’s AI GitHub repository, including over 30,000 internal Microsoft Teams messages – all caused by one misconfigured SAS token...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/09/14 2:57 p.m.17 views

Fortify your cloud security with Wiz as it integrates with Microsoft Sentinel

Lock down your cloud infrastructure with the new Wiz integration with Microsoft Sentinel. Gain full context, support thorough investigations, and automate your response for ultimate security...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/09/12 2:55 p.m.37 views

Wiz enhances real-time threat detection and response capabilities to stop threats from becoming incidents

The Wiz Runtime Sensor for Kubernetes graduates to general availability with proven ability to detect cloud attacks, greater customization for detections, and new cloud-native response capabilities...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/09/11 12:55 p.m.15 views

Wiz and Fortinet announce partnership to deliver cloud-native security protection

Joint customers can now detect and prioritize public exposures with Wiz and automatically remediate unwanted exposures with FortiGate NGFW...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2023/09/08 6:47 p.m.23 views

A security community success story of mitigating a misconfiguration

Learn about the process of preventing security issues by changing things outside of your environment by looking at how a misconfiguration was occurring when Github Actions were integrated with AWS IAM roles and the improvements made that have now made this misconfiguration much less likely...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2023/09/07 7:42 p.m.20 views

Storm-0558 Update: Takeaways from Microsoft's recent report

The Wiz research team examines Microsoft's latest Storm-0558 findings and summarizes the key learnings cloud customers should take away from the incident...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2023/09/06 1:49 p.m.17 views

I know what you mined last summer: summarizing Summer '23 cryptomining activity

During the summer of 2023, using the Wiz Sensor, Wiz Research detected several different cryptomining campaigns targeting cloud workloads. Learn about these campaigns and their associated IoCs, and how to detect and prevent similar threats...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/08/31 1:50 p.m.26 views

Recap: Wiz innovations at Google Cloud NEXT ‘23

The integration of Wiz’s CNAPP and Google Cloud helps both cloud defenders and builders improve security and innovate faster...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2023/08/21 4:55 p.m.35 views

Docker and Kubernetes, we have got you covered: Wiz simplifies compliance and security posture management for Docker and Kubernetes environments.

Ensure that your Docker and Kubernetes environments are secure and compliant with CIS benchmarks. Generate reports quickly and easily and remediate any issues with actionable insights...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2023/08/08 1:58 p.m.20 views

Wiz is the #1 Cloud Security Company on the 2023 Forbes Cloud 100

Wiz is the 1 cloud security company on the list and one of the biggest movers from last year, alongside OpenAI. What an honor!...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/08/07 12:8 p.m.24 views

5 Cloud Security Predictions for 2023

COVID's impact still resonates. Remote work, AI, and a turbulent economy have made the future unpredictable, including the future of cloud security. But we still have best practices for you! Let's examine 5 cloud security predictions to be aware of in 2023...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2023/08/02 2:20 p.m.19 views

Wiz helps organizations innovate with AI securely and responsibly, launching support for Google Cloud Vertex AI

Wiz protects AI infrastructure against cloud attacks, allowing data scientists and engineers to focus on deploying more AI applications...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/08/01 3:14 p.m.12 views

The Magic of Branding: ​Creating an Optimistic Identity for a Security Product

In the world of security, the dominant approach to branding is often based on fear and intimidation. But at Wiz, we're taking a different approach. We believe in the power of optimism and positivity, and we're building a brand that reflects those values...

7.2AI score
Exploits0
Wiz blog
Wiz blog
added 2023/07/31 6:56 p.m.14 views

Wiz's agentless approach to cloud-native vulnerability management

Prioritize critical vulnerabilities based on business impact with Wiz’s agentless Vulnerability Management solution...

7.2AI score
Exploits0
Wiz blog
Wiz blog
added 2023/07/27 7:33 p.m.152 views

GameOver(lay): Easy-to-exploit local privilege escalation vulnerabilities in Ubuntu Linux affect 40% of Ubuntu cloud workloads

Wiz Research discovered CVE-2023-2640 and CVE-2023-32629, two easy-to-exploit privilege escalation vulnerabilities in the OverlayFS module in Ubuntu affecting 40% of Ubuntu cloud workloads...

7.8CVSS6.9AI score0.15783EPSS
Exploits14
Wiz blog
Wiz blog
added 2023/07/26 7:35 p.m.49 views

Zenbleed: cross-process infoleak vulnerability in AMD Zen 2 Processors - everything you need to know

Learn about the impact in cloud environments of CVE-2023-20593, a cross-process information leak vulnerability in AMD Zen 2 Processors...

5.5CVSS6.7AI score0.05794EPSS
Exploits1
Wiz blog
Wiz blog
added 2023/07/25 2:9 p.m.6 views

Top 16 cloud security experts you should follow in 2023

Handpicked by our research team: The annual list of 16 thought leaders you need on your feed...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/07/24 4:0 p.m.22 views

Streamline Software Bill of Materials (SBOM) Generation with Wiz's Agentless SBOM

Enhance software security and supply chain risk management with Wiz's agentless scanning technology for effortless SBOM creation...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2023/07/21 2:1 p.m.11 views

Compromised Microsoft Key: More Impactful Than We Thought

Our investigation of the security incident disclosed by Microsoft and CISA and attributed to Chinese threat actor Storm-0558, found that this incident seems to have a broader scope than originally assumed. Organizations using Microsoft and Azure services should take steps to assess potential impa...

6.8AI score
Exploits0
Wiz blog
Wiz blog
added 2023/07/19 2:23 p.m.17 views

Kubernetes API limitations in finding non-standard pods and containers

Gain a deeper understanding of why it's essential to monitor non-standard pods and containers, including static pods, mirror pods, init containers, pause containers, and ephemeral containers within your Kubernetes environment...

6.8AI score
Exploits0
Wiz blog
Wiz blog
added 2023/07/17 5:32 p.m.17 views

How to get rid of AWS access keys – Part 3: Replacing the authentication

In the earlier posts in this series, we showed not only how to get rid of unused access keys, but also how to minimize risk by applying a least-privilege strategy. In this final post, we’ll at last get into the discussion of alternative solutions to using access keys...

6.8AI score
Exploits0
Wiz blog
Wiz blog
added 2023/07/11 1:39 p.m.13 views

PyLoose: Python-based fileless malware targets cloud workloads to deliver cryptominer

PyLoose is a newly discovered Python-based fileless malware targeting cloud workloads. Get a breakdown of how the attack unfolds and the steps to mitigate it...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/07/05 1:34 p.m.37 views

Linux rootkits explained – Part 1: Dynamic linker hijacking

Dynamic linker hijacking via LDPRELOAD is a Linux rootkit technique utilized by different threat actors in the wild. In part one of this series on Linux rootkits, we discuss this threat and explain how to detect it...

6.8AI score
Exploits0
Wiz blog
Wiz blog
added 2023/06/29 3:11 p.m.18 views

How to get rid of AWS access keys – Part 2: Reducing Privileges

In the previous post in this series, we discussed how to do some basic cleaning of AWS access keys. In this post, we’ll show how to reduce the privileges in order to mitigate their risk...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/06/28 1:54 p.m.14 views

How to leverage generative AI in cloud apps without putting user data at risk

Learn security best practices to deploy generative AI models as part of your multi-tenant cloud applications and avoid putting your customers’ data at risk...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/06/21 2:22 p.m.15 views

Wiz becomes the first CNAPP to provide end-to-end cloud forensics experience

Wiz helps simplify incident response in the cloud for faster investigation of security incidents...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/06/14 3:37 p.m.7 views

Wiz at Re:Inforce 2023

See what is new with Wiz at Re:Inforce and learn about how Wiz and AWS continue to strengthen a strategic relationship to secure customers’ AWS environments...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/06/13 2:50 p.m.11 views

Winning together with Wiz: Introducing the Wiz Integration (WIN) platform for greater agility and flexibility to build best-of-breed cloud security programs

New integrations with industry-leading partners make Wiz the most composable and extensible cloud security platform in the market...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/06/12 3:42 p.m.16 views

Kubernetes Grey Zone: Risks in Managed Cluster Middleware

Are your managed Kubernetes clusters safe from the risks posed by middleware components? Learn how to secure your clusters and mitigate middleware risks...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/06/12 2:56 p.m.10 views

Crying Out Cloud: a magical podcast for cloud security enthusiasts

Join us for game-changing news, unique Wiz insights, and battle-tested advice from industry experts. Stay ahead of the cloud curve with our latest episodes and navigate the complex world of cloud security...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2023/06/09 5:21 p.m.14 views

Three tips for building your CISO career in today’s evolving security industry

CISOs share how to build effective, collaborative teams and land your next role...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/06/07 2:55 p.m.26 views

Wiz for CSPM: A modern approach to cloud security

Reduce noise of traditional CSPM tools with context-based deep risk assessment, enabling you to prioritize the misconfigurations that put your environment at critical risk...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/06/06 5:22 p.m.16 views

The Big IAM Challenge: Test Your Cloud Security Skills

Put yourself to the test with our unique CTF challenge and boost your AWS IAM knowledge. Do you have what it takes to win The Big IAM Challenge?...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/06/05 12:57 p.m.14 views

Ta-da! Wiz launches Runtime Sensor to provide real-time detection and response

Agentless visibility and risk assessment paired with Wiz Runtime Sensor real-time detection for the best of both worlds...

7AI score
Exploits0
Total number of security vulnerabilities647