Lucene search
K
WizblogRecent

649 matches found

Wiz blog
Wiz blog
added 2023/06/06 5:22 p.m.16 views

The Big IAM Challenge: Test Your Cloud Security Skills

Put yourself to the test with our unique CTF challenge and boost your AWS IAM knowledge. Do you have what it takes to win The Big IAM Challenge?...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/06/05 12:57 p.m.14 views

Ta-da! Wiz launches Runtime Sensor to provide real-time detection and response

Agentless visibility and risk assessment paired with Wiz Runtime Sensor real-time detection for the best of both worlds...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2023/06/05 12:56 p.m.27 views

CTO Point of View: Why Wiz is launching a Runtime Sensor

Today we are excited to announce the Wiz Runtime Sensor. The sensor collects signals in real-time from the workload runtime to simplify threat detection and response in the cloud as part of our Cloud Detection and Response CDR capabilities...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/06/04 6:20 p.m.139 views

CVE-2023-34362 RCE vulnerability in MOVEit Transfer exploited in the wild: everything you need to know

Detect and mitigate CVE-2023-34362, a remote code execution vulnerability in MOVEit Transfer exploited in the wild. Organizations should patch urgently...

9.8CVSS7.9AI score0.99934EPSS
Exploits15
Wiz blog
Wiz blog
added 2023/05/31 5:41 p.m.14 views

How to get rid of AWS access keys- Part 1: The easy wins

Learn how to identify unused and unnecessary long-lived IAM User access keys...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/05/25 7:20 p.m.19 views

Bridging the Security Gap: Mitigating Lateral Movement Risks from On-Premises to Cloud Environments

This blog post will discuss lateral movement risks from on-prem to the cloud. We will explain attacker TTPs, and outline best practices for cloud builders and defenders to help secure their cloud environments and mitigate risk...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/05/23 1:49 p.m.24 views

Exploitable and unpatched KeePass vulnerability: everything you need to know

Detect and mitigate CVE-2023-32784, a vulnerability in KeePass which allows the extraction of the master password in cleartext from the application's memory...

7.5CVSS7AI score0.04655EPSS
Exploits5
Wiz blog
Wiz blog
added 2023/05/18 8:4 p.m.12 views

Wiz Receives 2023 Global Cloud Security Entrepreneurial Company of the Year Award

Frost & Sullivan applauds Wiz for its innovation and impact in the cloud security industry...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2023/05/11 2:32 p.m.9 views

Top Security Talks from KubeCon Europe 2023

KubeCon Europe is the largest open-source community conference in Europe with hundreds of talks. We picked our favorite Kubernetes security sessions available online...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/05/10 1:50 p.m.9 views

How to monitor, detect, and respond to cloud data risks faster with built-in security controls for cloud events

Wiz for DSPM: Additional enhancements to help you correlate suspicious events related to unprotected data in near real-time...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/05/04 7:43 p.m.14 views

Here's what security teams need to know about the new Biden-Harris National Cybersecurity Strategy

The release of the National Cybersecurity Strategy by the Biden-Harris Administration is a significant development that will have an impact on security teams across the United States. What does it say?...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/05/03 4:11 p.m.9 views

How to supercharge collaboration between your security, development, and DevOps teams

Industry-leading CISOs share advice and best practices to break down internal barriers and reinforce cloud security...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/04/27 3:0 p.m.11 views

How secure is your public cloud? Quick wins & best practices

What is cross-tenant risk? How do you spot vulnerabilities? And how can the famous PEACH framework help?...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/04/25 2:0 p.m.10 views

How to put your organization’s cloud security strategy into action

CISOs of Paramount, Aon and Wiz reveal their secrets for creating a future-proof approach to cloud security...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/04/24 3:2 p.m.12 views

Deloitte and Wiz Announce a Strategic Alliance to Help their Mutual Clients Accelerate Digital Transformation with a Modern Cloud Security Strategy

New alliance to enable organizations to proactively identify, prioritize, remediate, and prevent risks in their cloud...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/04/19 1:0 p.m.17 views

#BrokenSesame: Accidental ‘write’ permissions to private registry allowed potential RCE to Alibaba Cloud Database Services

A container escape vulnerability, combined with accidental 'write' permissions to a private registry, opened a backdoor for Wiz Research to access Alibaba Cloud databases and potentially compromise its services through a supply-chain attack...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/04/18 8:14 p.m.17 views

Wiz: First agentless cloud security vendor to attain CIS SecureSuite Vendor Certification for cloud-managed Kubernetes

Confidently ensure your Kubernetes environments are compliant with CIS Benchmarks for cloud-managed Kubernetes. Quickly generate compliance reports and remediate any issues without hassle...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2023/04/17 12:55 p.m.18 views

Wiz is on the FedRAMP Marketplace

What our “in process” milestone means, and why it’s great news for the public sector...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2023/04/13 7:20 p.m.74 views

Microsoft April 2023 Patch Tuesday Highlights: everything you need to know

Detect and mitigate CVE-2023-28252, EoP vulnerability exploited in the wild, and CVE-2023-21554, a critical RCE vulnerability. Organizations should patch urgently...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/04/13 2:19 p.m.11 views

Five ways to bolster security as cloud environments and budgets come under attack

Security experts share their insights for securing cloud environments as the pace and scale of threats accelerates...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2023/04/12 2:57 p.m.9 views

Why data security capabilities should be integrated with CNAPP

To get ahead of data exposure in the cloud, CNAPPs need to understand data risks at scale...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/04/11 3:25 p.m.11 views

How CNAPPs identify and prioritize excessive risk in a single platform, according to Gartner®

Insights from the March 2023 Gartner Market Guide for CNAPP...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2023/04/06 3:43 p.m.7 views

Intro to forensics in the cloud: A container was compromised. What’s next?

Learn what tools and data sources you need to use in cloud forensics investigation and how they come into practice in a real-life example...

6.8AI score
Exploits0
Wiz blog
Wiz blog
added 2023/03/29 4:18 p.m.13 views

BingBang: How a simple developer mistake could have led to Bing.com takeover

How a misconfiguration in a Microsoft Bing.com application allowed Wiz Research to modify Bing’s search results – and potentially compromise the private data of millions of Bing users...

6.7AI score
Exploits0
Wiz blog
Wiz blog
added 2023/03/29 4:18 p.m.13 views

BingBang: AAD misconfiguration led to Bing.com results manipulation and account takeover

How Wiz Research found a common misconfiguration in Azure Active Directory that compromised multiple Microsoft applications, including a Bing management portal...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/03/29 2:40 p.m.10 views

Partnering and prioritization: Lessons learned when building security operations at hyperspeed

CISOs share their experiences ensuring security in fast-growth environments...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/03/23 3:56 p.m.13 views

Everything you ❤ about Wiz, now deployed in a new Canadian data center

Wiz launches a new Canadian data center and adds support for CSE Information Technology Security Guidance ITSG 33 framework helping organizations simplify cloud security and compliance...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/03/22 4:29 p.m.10 views

Detect critical application misconfiguration risks

Some application misconfigurations are equivalent to remote code execution or information disclosure vulnerabilities, but often go unnoticed. Wiz’s agentless capabilities detect these and correlate them to attack surface and business impact risks, highlighting the most critical misconfigurations...

7.7AI score
Exploits0
Wiz blog
Wiz blog
added 2023/03/20 5:19 p.m.8 views

Using Service Control Policies to protect security baselines

Service Control Policies SCPs can be a great way to prevent actions from happening in AWS accounts. In this post, we will illustrate a specific use case of SCPs that protects the security baseline, or landing zone, configuration you’ve created for accounts...

6.8AI score
Exploits0
Wiz blog
Wiz blog
added 2023/03/15 7:31 p.m.41 views

Shift left with Wiz Guardrails: New Wiz Admission Controller capabilities enable security policy checks at deployment time

Wiz CLI and Wiz Admission Controller enable developers to leverage a single security policy throughout the software pipeline for cloud-native environments...

6.8AI score
Exploits0
Wiz blog
Wiz blog
added 2023/03/13 4:37 p.m.11 views

Compliance made easy with Wiz

Stay compliant with Wiz’s 100+ compliance frameworks, generate quick compliance reports, and remediate issues faster with remediation guidance and auto-remediation...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2023/03/13 12:39 p.m.55 views

CVE-2023-25610 a critical RCE vulnerability in FortiOS: everything you need to know

CVE-2023-25610 is a critical RCE vulnerability in FortiOS. This vulnerability is a buffer underwrite bug in the administrative interface which could allow a remote unauthenticated attacker to execute code using specially crafted requests. Affected customers should patch immediately...

9.8CVSS7.7AI score0.17797EPSS
Exploits1
Wiz blog
Wiz blog
added 2023/03/09 5:27 p.m.10 views

From Pod Security Policies to Pod Security Standards – a Migration Guide

Pod Security Policies were removed in Kubernetes v1.25 — learn how to migrate from Pod Security Policies to Pod Security Standards...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/03/09 1:55 p.m.6 views

Wiz enhances its industry leading data security solution with broader cloud data coverage and customizable platform capabilities

Wiz for DSPM, now generally available, helps customers reduce the time it takes to discover and fix cloud data exposure before it becomes a costly breach...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/03/07 3:34 p.m.11 views

Wiz and SentinelOne announce exclusive partnership to deliver end to end cloud security

Leading cybersecurity companies partner to increase customer value and disrupt the enterprise security industry...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/03/06 5:59 p.m.8 views

The benefits of a customer-centric cloud security mindset

Why a customer focus unlocks new levels of innovation and enables security team success...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/03/03 5:0 p.m.12 views

Securing a successful merger: Insights from MGM Studios

Hear from John Visneski, CISO of MGM Studios about how the organization fosters collaboration and transparency across business units using Wiz...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/03/03 2:0 p.m.8 views

What are the biggest cyberthreats heading our way in 2023?

Wiz and Procter & Gamble experts share their security insights and tips...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2023/03/02 4:20 p.m.10 views

Redirection Roulette: Thousands of hijacked websites in East Asia redirecting visitors to other sites

Since early September 2022, tens of thousands of websites aimed at East Asian audiences have been hacked, redirecting hundreds of thousands of their users to adult-themed content...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2023/02/28 4:34 p.m.9 views

Enhanced policy management with GitOps and Terraform

Wiz announces new GitOps workflows and Terraform provider, enabling customers to manage policies as code...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/02/27 11:33 a.m.9 views

Wiz becomes the world’s largest cybersecurity unicorn

Just three years since its launch, Wiz becomes the world’s largest cyber unicorn and fastest SaaS company to reach a $10B valuation...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/02/23 4:22 p.m.6 views

Lateral movement risks in the cloud and how to prevent them – Part 3: from compromised cloud resource to Kubernetes cluster takeover

In this third blog post, we will discuss lateral movement risks from the cloud to Kubernetes. We will explain attacker TTPs, and outline best practices for cloud builders and defenders to help secure their cloud environments and mitigate risk...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/02/21 5:9 p.m.11 views

A Brief History of Wiz Socks

From the Big Bang to Leonardo da Vinci, these socks have protected the cloud throughout history...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2023/02/13 5:0 p.m.5 views

Adapt to endure: navigating the current economic environment

Learn how CISOs are preparing for what’s ahead by embracing consolidation and continuing to invest in security...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/02/07 4:2 p.m.14 views

Let it snow! Wiz and Snowflake join forces to power insights with actionable intelligence

Automatically push Wiz-identified cloud security issues to Snowflake to analyze and accurately report on your cloud security metrics...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2023/02/07 12:26 p.m.42 views

Ransomware attacks targeting VMware ESXi servers: everything you need to know

Recent attacks leverage CVE-2021-21974 to install ransomware on VMWare ESXi servers. Security teams are advised to patch and stay vigilant for indicators of compromise...

8.8CVSS6.9AI score0.45063EPSS
Exploits7
Wiz blog
Wiz blog
added 2023/02/06 4:59 p.m.12 views

The State of the Cloud 2023

Wiz's State of the Cloud 2023 report provides analysis of trends in cloud usage such as multi-cloud, use of managed services and more. In addition, the report highlights notable cloud risks based on insights from 30% of Fortune 100 enterprise cloud environments...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/02/02 3:53 p.m.15 views

Getting started with Open Policy Agent (OPA) to improve your cloud security

Learn Rego basics from Wiz to express policy as code for your cloud security...

7.1AI score
Exploits0
Wiz blog
Wiz blog
added 2023/01/31 8:13 p.m.16 views

Wiz and AWS CloudTrail Lake: Cloud security and compliance posture audits made easy

Simplify and centralize security and compliance management by sending audit-worthy events from Wiz into AWS CloudTrail Lake...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2023/01/26 5:46 p.m.12 views

Streamlining OS and Application Hardening: Revealing Misconfigurations with Wiz’s Agentless Custom Host Configuration Rules

Shell commands that once had to be run manually now can be coded into a custom rule and run daily using Wiz agentless workload scanning...

7AI score
Exploits0
Total number of security vulnerabilities649