649 matches found
The Big IAM Challenge: Test Your Cloud Security Skills
Put yourself to the test with our unique CTF challenge and boost your AWS IAM knowledge. Do you have what it takes to win The Big IAM Challenge?...
Ta-da! Wiz launches Runtime Sensor to provide real-time detection and response
Agentless visibility and risk assessment paired with Wiz Runtime Sensor real-time detection for the best of both worlds...
CTO Point of View: Why Wiz is launching a Runtime Sensor
Today we are excited to announce the Wiz Runtime Sensor. The sensor collects signals in real-time from the workload runtime to simplify threat detection and response in the cloud as part of our Cloud Detection and Response CDR capabilities...
CVE-2023-34362 RCE vulnerability in MOVEit Transfer exploited in the wild: everything you need to know
Detect and mitigate CVE-2023-34362, a remote code execution vulnerability in MOVEit Transfer exploited in the wild. Organizations should patch urgently...
How to get rid of AWS access keys- Part 1: The easy wins
Learn how to identify unused and unnecessary long-lived IAM User access keys...
Bridging the Security Gap: Mitigating Lateral Movement Risks from On-Premises to Cloud Environments
This blog post will discuss lateral movement risks from on-prem to the cloud. We will explain attacker TTPs, and outline best practices for cloud builders and defenders to help secure their cloud environments and mitigate risk...
Exploitable and unpatched KeePass vulnerability: everything you need to know
Detect and mitigate CVE-2023-32784, a vulnerability in KeePass which allows the extraction of the master password in cleartext from the application's memory...
Wiz Receives 2023 Global Cloud Security Entrepreneurial Company of the Year Award
Frost & Sullivan applauds Wiz for its innovation and impact in the cloud security industry...
Top Security Talks from KubeCon Europe 2023
KubeCon Europe is the largest open-source community conference in Europe with hundreds of talks. We picked our favorite Kubernetes security sessions available online...
How to monitor, detect, and respond to cloud data risks faster with built-in security controls for cloud events
Wiz for DSPM: Additional enhancements to help you correlate suspicious events related to unprotected data in near real-time...
Here's what security teams need to know about the new Biden-Harris National Cybersecurity Strategy
The release of the National Cybersecurity Strategy by the Biden-Harris Administration is a significant development that will have an impact on security teams across the United States. What does it say?...
How to supercharge collaboration between your security, development, and DevOps teams
Industry-leading CISOs share advice and best practices to break down internal barriers and reinforce cloud security...
How secure is your public cloud? Quick wins & best practices
What is cross-tenant risk? How do you spot vulnerabilities? And how can the famous PEACH framework help?...
How to put your organization’s cloud security strategy into action
CISOs of Paramount, Aon and Wiz reveal their secrets for creating a future-proof approach to cloud security...
Deloitte and Wiz Announce a Strategic Alliance to Help their Mutual Clients Accelerate Digital Transformation with a Modern Cloud Security Strategy
New alliance to enable organizations to proactively identify, prioritize, remediate, and prevent risks in their cloud...
#BrokenSesame: Accidental ‘write’ permissions to private registry allowed potential RCE to Alibaba Cloud Database Services
A container escape vulnerability, combined with accidental 'write' permissions to a private registry, opened a backdoor for Wiz Research to access Alibaba Cloud databases and potentially compromise its services through a supply-chain attack...
Wiz: First agentless cloud security vendor to attain CIS SecureSuite Vendor Certification for cloud-managed Kubernetes
Confidently ensure your Kubernetes environments are compliant with CIS Benchmarks for cloud-managed Kubernetes. Quickly generate compliance reports and remediate any issues without hassle...
Wiz is on the FedRAMP Marketplace
What our “in process” milestone means, and why it’s great news for the public sector...
Microsoft April 2023 Patch Tuesday Highlights: everything you need to know
Detect and mitigate CVE-2023-28252, EoP vulnerability exploited in the wild, and CVE-2023-21554, a critical RCE vulnerability. Organizations should patch urgently...
Five ways to bolster security as cloud environments and budgets come under attack
Security experts share their insights for securing cloud environments as the pace and scale of threats accelerates...
Why data security capabilities should be integrated with CNAPP
To get ahead of data exposure in the cloud, CNAPPs need to understand data risks at scale...
How CNAPPs identify and prioritize excessive risk in a single platform, according to Gartner®
Insights from the March 2023 Gartner Market Guide for CNAPP...
Intro to forensics in the cloud: A container was compromised. What’s next?
Learn what tools and data sources you need to use in cloud forensics investigation and how they come into practice in a real-life example...
BingBang: How a simple developer mistake could have led to Bing.com takeover
How a misconfiguration in a Microsoft Bing.com application allowed Wiz Research to modify Bing’s search results – and potentially compromise the private data of millions of Bing users...
BingBang: AAD misconfiguration led to Bing.com results manipulation and account takeover
How Wiz Research found a common misconfiguration in Azure Active Directory that compromised multiple Microsoft applications, including a Bing management portal...
Partnering and prioritization: Lessons learned when building security operations at hyperspeed
CISOs share their experiences ensuring security in fast-growth environments...
Everything you ❤ about Wiz, now deployed in a new Canadian data center
Wiz launches a new Canadian data center and adds support for CSE Information Technology Security Guidance ITSG 33 framework helping organizations simplify cloud security and compliance...
Detect critical application misconfiguration risks
Some application misconfigurations are equivalent to remote code execution or information disclosure vulnerabilities, but often go unnoticed. Wiz’s agentless capabilities detect these and correlate them to attack surface and business impact risks, highlighting the most critical misconfigurations...
Using Service Control Policies to protect security baselines
Service Control Policies SCPs can be a great way to prevent actions from happening in AWS accounts. In this post, we will illustrate a specific use case of SCPs that protects the security baseline, or landing zone, configuration you’ve created for accounts...
Shift left with Wiz Guardrails: New Wiz Admission Controller capabilities enable security policy checks at deployment time
Wiz CLI and Wiz Admission Controller enable developers to leverage a single security policy throughout the software pipeline for cloud-native environments...
Compliance made easy with Wiz
Stay compliant with Wiz’s 100+ compliance frameworks, generate quick compliance reports, and remediate issues faster with remediation guidance and auto-remediation...
CVE-2023-25610 a critical RCE vulnerability in FortiOS: everything you need to know
CVE-2023-25610 is a critical RCE vulnerability in FortiOS. This vulnerability is a buffer underwrite bug in the administrative interface which could allow a remote unauthenticated attacker to execute code using specially crafted requests. Affected customers should patch immediately...
From Pod Security Policies to Pod Security Standards – a Migration Guide
Pod Security Policies were removed in Kubernetes v1.25 — learn how to migrate from Pod Security Policies to Pod Security Standards...
Wiz enhances its industry leading data security solution with broader cloud data coverage and customizable platform capabilities
Wiz for DSPM, now generally available, helps customers reduce the time it takes to discover and fix cloud data exposure before it becomes a costly breach...
Wiz and SentinelOne announce exclusive partnership to deliver end to end cloud security
Leading cybersecurity companies partner to increase customer value and disrupt the enterprise security industry...
The benefits of a customer-centric cloud security mindset
Why a customer focus unlocks new levels of innovation and enables security team success...
Securing a successful merger: Insights from MGM Studios
Hear from John Visneski, CISO of MGM Studios about how the organization fosters collaboration and transparency across business units using Wiz...
What are the biggest cyberthreats heading our way in 2023?
Wiz and Procter & Gamble experts share their security insights and tips...
Redirection Roulette: Thousands of hijacked websites in East Asia redirecting visitors to other sites
Since early September 2022, tens of thousands of websites aimed at East Asian audiences have been hacked, redirecting hundreds of thousands of their users to adult-themed content...
Enhanced policy management with GitOps and Terraform
Wiz announces new GitOps workflows and Terraform provider, enabling customers to manage policies as code...
Wiz becomes the world’s largest cybersecurity unicorn
Just three years since its launch, Wiz becomes the world’s largest cyber unicorn and fastest SaaS company to reach a $10B valuation...
Lateral movement risks in the cloud and how to prevent them – Part 3: from compromised cloud resource to Kubernetes cluster takeover
In this third blog post, we will discuss lateral movement risks from the cloud to Kubernetes. We will explain attacker TTPs, and outline best practices for cloud builders and defenders to help secure their cloud environments and mitigate risk...
A Brief History of Wiz Socks
From the Big Bang to Leonardo da Vinci, these socks have protected the cloud throughout history...
Adapt to endure: navigating the current economic environment
Learn how CISOs are preparing for what’s ahead by embracing consolidation and continuing to invest in security...
Let it snow! Wiz and Snowflake join forces to power insights with actionable intelligence
Automatically push Wiz-identified cloud security issues to Snowflake to analyze and accurately report on your cloud security metrics...
Ransomware attacks targeting VMware ESXi servers: everything you need to know
Recent attacks leverage CVE-2021-21974 to install ransomware on VMWare ESXi servers. Security teams are advised to patch and stay vigilant for indicators of compromise...
The State of the Cloud 2023
Wiz's State of the Cloud 2023 report provides analysis of trends in cloud usage such as multi-cloud, use of managed services and more. In addition, the report highlights notable cloud risks based on insights from 30% of Fortune 100 enterprise cloud environments...
Getting started with Open Policy Agent (OPA) to improve your cloud security
Learn Rego basics from Wiz to express policy as code for your cloud security...
Wiz and AWS CloudTrail Lake: Cloud security and compliance posture audits made easy
Simplify and centralize security and compliance management by sending audit-worthy events from Wiz into AWS CloudTrail Lake...
Streamlining OS and Application Hardening: Revealing Misconfigurations with Wiz’s Agentless Custom Host Configuration Rules
Shell commands that once had to be run manually now can be coded into a custom rule and run daily using Wiz agentless workload scanning...