Lucene search
K
WizblogRecent

649 matches found

Wiz blog
Wiz blog
added 2022/07/27 5:45 a.m.61 views

Wiz CDR and Amazon GuardDuty: Contextualize and prioritize threat detection

Wiz leverages its leading Cloud Security Graph to help Cloud Defenders quickly understand, with the click of a button— what happened, where it happened, and how to respond...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2022/07/26 5:42 a.m.12 views

Meet the Wiz Research team at fwd:cloudsec

We invite you to attend Wiz Research's four technical sessions as well as the Wiz party at Flight Club Boston...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2022/06/30 5:40 a.m.17 views

Wiz extends CNAPP leadership with protection for Alibaba Cloud

Support for Alibaba Cloud follows just weeks after launch of Oracle Cloud Infrastructure OCI integration, providing organizations the broadest coverage of any cloud native application protection platform CNAPP...

6.8AI score
Exploits0
Wiz blog
Wiz blog
added 2022/06/09 5:38 a.m.8 views

The cloud gray zone—secret agents installed by cloud service providers

Wiz Research builds upon previous “OMIGOD” findings with a presentation at RSA Conference 2022; details how cloud middleware use across cloud service providers can expose customers' virtual machines to new attack vectors...

6.8AI score
Exploits0
Wiz blog
Wiz blog
added 2022/06/07 5:36 a.m.9 views

A new vision for cloud security unites builders and defenders

Our introduction of attack path analysis APA and Cloud Detection and Response CDR further enriches the context provided by our foundational Wiz Security Graph...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2022/06/07 5:33 a.m.8 views

Wiz launches cloud detection and response to help organizations quickly identify threats and limit breach exposure

Wiz today unveiled new advancements to its cloud security platform...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2022/06/02 5:30 a.m.17 views

Wiz now integrates with Oracle Cloud Infrastructure, bringing a graph-based cloud security approach to all major providers

Fortune 500’s Avery Dennison among enterprises that operate securely on OCI and other cloud infrastructure with Wiz...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2022/05/24 5:26 a.m.13 views

Connect with Wiz at our first-ever RSA Conference

We can’t wait to see many of you at RSA Conference 2022 in San Francisco, June 6-9. Check out a demo at our booth, attend a Wiz speaking session, or unwind at our SFMOMA party!...

6.8AI score
Exploits0
Wiz blog
Wiz blog
added 2022/05/10 5:15 a.m.18 views

Securing AWS Lambda function URLs

Learn about the security risks of misconfigured Lambda function URLs and how to properly secure them...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2022/04/29 5:12 a.m.12 views

Wiz Research discovers "ExtraReplica"— a cross-account database vulnerability in Azure PostgreSQL

Wiz Research discovers a chain of critical vulnerabilities in the widely used Azure Database for PostgreSQL Flexible Server...

7.1AI score
Exploits0
Wiz blog
Wiz blog
added 2022/04/01 5:0 a.m.70 views

Addressing the Spring4Shell and CVE-2022-22963 RCE vulnerabilities in cloud environments

Learn how to address Spring4Shell and CVE-2022-22963 RCE vulnerabilities in cloud environments...

9.8CVSS7AI score0.99939EPSS
Exploits36
Wiz blog
Wiz blog
added 2022/03/26 4:56 a.m.11 views

Hardening your cloud environment against LAPSUS$-like threat actors

Learn how to harden your cloud environment against LAPSUS$-like threat actors...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2022/03/01 3:58 p.m.30 views

Wiz and ServiceNow VR: Prioritize and respond to cloud vulnerabilities faster

Wiz is excited to announce its new integration with ServiceNow Vulnerability Response VR, creating a combined vulnerability management workflow that eliminates blind spots and prioritizes risks...

6.8AI score
Exploits0
Wiz blog
Wiz blog
added 2022/02/10 4:7 p.m.14 views

Detect and prioritize CISA Known Exploited Vulnerabilities in the cloud with Wiz

For each CVE, the Wiz Research team maintains data from multiple threat intelligence sources and our own independent research. Now that we’ve added support for the new CISA KEV catalog, learn how you can use it in your cloud environment...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2022/02/08 4:4 p.m.7 views

Wiz and RegScale: Cloud security compliance management at scale

Learn how to achieve compliance security at scale with Wiz and RegScale, supporting a variety of compliance framework controls...

6.8AI score
Exploits0
Wiz blog
Wiz blog
added 2022/02/03 5:42 a.m.6 views

5 reasons endpoint security agents are not enough

In this post, we discuss five security limitations of endpoint security agents and also explain how adding agentless solutions can improve your cloud environment security...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2022/01/18 5:36 a.m.8 views

The top cloud security threats to be aware of in 2022

As more organizations move to the cloud, so do attackers. What can you do to better protect your cloud environment in 2022? Wiz Research has compiled the most pressing cloud security threats and how you can protect against them...

6.8AI score
Exploits0
Wiz blog
Wiz blog
added 2022/01/05 5:26 a.m.10 views

Towards a better cloud vulnerability response model

Who is responsible for doing what when a new cloud vulnerability is disclosed? Right now, it can be hard to know...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2021/12/21 5:19 a.m.8 views

Log4Shell: Wrap all your Log4j fixes before the holidays

The main challenge with Log4j is understanding your existing infrastructure, and identifying the location of all vulnerable Log4j libraries. Follow Wiz's recommendations to wrap it all before the Holidays!...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2021/12/21 5:8 a.m.16 views

NotLegit: Azure App Service vulnerability exposed hundreds of source code repositories

Read about the NotLegit vulnerability discovered by the Wiz Research Team, where the Azure App Service exposed hundreds of source code repositories...

7.4AI score
Exploits0
Wiz blog
Wiz blog
added 2021/12/21 4:52 a.m.16 views

Log4Shell 10 days later: Enterprises halfway through patching

Wiz and EY Ernest & Young analyzed more than 200 enterprise cloud environments with thousands of cloud accounts. The results were striking: While 93% of all cloud environments are at risk from Log4Shell, on average organizations have patched 45% of their vulnerable cloud resources by Day 10...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2021/12/10 4:25 a.m.8 views

Log4Shell Meltdown: How to protect your cloud from this critical RCE threat

Log4Shell Meltdown: How to protect your cloud from this critical RCE threat. In this post, we’ll provide a quick overview of Log4Shell: what it is, its impact, and recommendations for security teams...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2021/12/09 4:16 a.m.10 views

Wiz magic shifts left

Fixing vulnerabilities and misconfigurations in the pipeline before deployment makes perfect sense - it reduces the overall threat footprint and saves time. Wiz offers customers a straightforward way to operationalize a Shift Left strategy...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2021/12/01 4:13 a.m.11 views

Assess your cloud compliance posture in minutes

With Wiz, you can assess your compliance posture across industry standards and business units at a glance to immediately pinpoint your weak spots...

6.8AI score
Exploits0
Wiz blog
Wiz blog
added 2021/11/30 4:9 a.m.18 views

Wiz integrates with the new Amazon Inspector for enhanced security insights, context, and accuracy

Wiz is excited to announce it is a launch partner for the new Amazon Inspector, bringing Amazon Inspector findings together with Wiz insights to give our customers actionable, prioritized and contextually rich security insights...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2021/11/12 4:6 a.m.16 views

Security industry call to action: we need a cloud vulnerability database

In the pre-cloud era, the responsibility for security was fully in the hands of the users. As we uncover new types of vulnerabilities, we discover more and more issues that do not fit the current model. Solution: we need a centralized cloud vulnerabilities database...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2021/11/11 3:57 a.m.10 views

ChaosDB explained: Azure's Cosmos DB vulnerability walkthrough

This is the full story of the Azure ChaosDB Vulnerability that was discovered and disclosed by the Wiz Research Team, where we were able to gain complete unrestricted access to the databases of several thousand Microsoft Azure customers...

7.1AI score
Exploits0
Wiz blog
Wiz blog
added 2021/11/11 3:18 a.m.8 views

How we broke the cloud with two lines of code: the full story of ChaosDB

A summary and recording of Wiz's talk at BlackHat Europe 2021: the full extent of ChaosDB, the impact it had, and the questions it raises about security in managed cloud services...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2021/10/12 2:15 a.m.7 views

Celebrating Our Series C: Zero to $6 Billion in 18 Months

Customers have come to realize ignorance isn’t bliss. Cloud has gotten too big and unwieldy for most companies to effectively manage on their own. That’s where Wiz comes in...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2021/10/08 2:13 a.m.6 views

Protecting cloud environments from the new critical Apache HTTP Server vulnerability

Learn how to protect cloud environments from the new critical Apache HTTP Server vulnerability...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2021/10/06 5:29 p.m.9 views

How to Protect Your Cloud Environment from Supply Chain Attacks

Learn how to protect your cloud environment from supply chain attacks...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2021/09/28 5:26 p.m.9 views

Agents are not enough: Why cloud security needs agentless deep scanning

In this post, we’re going to dive into the role and limitations of security agents in the cloud, and put forth a different approach for cloud infrastructure security: agentless deep scanning...

6.8AI score
Exploits0
Wiz blog
Wiz blog
added 2021/09/14 5:21 p.m.17 views

OMIGOD: Critical Vulnerabilities in OMI Affecting Countless Azure Customers

Wiz Research recently found 4 critical vulnerabilities in OMI, which is one of Azure's most ubiquitous yet least known software agents and is deployed on a large portion of Linux VMs in Azure...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2021/09/14 5:5 p.m.7 views

“Secret” Agent Exposes Azure Customers To Unauthorized Code Execution

Wiz Research recently discovered a series of alarming vulnerabilities that highlight the supply chain risk of open source code, particularly for customers of cloud computing services...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2021/09/14 4:59 p.m.8 views

Wiz goes (even more) global

The first half of 2021 has been incredible for Wiz. Fueled by an additional $250M in funding $350M total from Sequoia, Index Ventures, Insight, Salesforce, Blackstone, Advent, Greenoaks, and Aglaé Wiz has grown at a blistering pace, going from 25 employees at the start of the year to 120 today...

6.8AI score
Exploits0
Wiz blog
Wiz blog
added 2021/08/29 4:52 p.m.10 views

ChaosDB: How to discover your vulnerable Azure Cosmos DBs and protect them

Wiz Research found an unprecedented critical vulnerability in Azure Cosmos DB. The vulnerability gives any Azure user full admin access read, write, delete to another customers Cosmos DB instances without authorization...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2021/08/26 4:42 p.m.12 views

ChaosDB: How we hacked thousands of Azure customers’ databases

As part of building a market-leading CNAPP, Wiz Research is constantly looking for new attack surfaces in the cloud. Two weeks ago we discovered an unprecedented breach that affects Azure’s flagship database service, Cosmos DB...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2021/08/19 4:30 p.m.12 views

What is a Cloud-Native Application Protection Platform (CNAPP)?

CNAPP stands for Cloud-Native Application Protection Platform. The term was coined by Gartner, who recognized the expanding needs that go into securing applications in the cloud...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2021/08/06 4:25 p.m.13 views

Is your organization leaking sensitive Dynamic DNS data? Here’s how to find out

At Black Hat on Wednesday, Wiz researchers disclosed a vulnerability in DNS hosting services that affects millions of corporate endpoints...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2021/08/04 4:21 p.m.6 views

Black Hat 2021: How isolated is your AWS cloud environment?

Last November, Wiz Research mapped all the services in AWS that allow access from other accounts to see if any of them might inadvertently expose customers and discovered 3 vulnerabilities in different AWS services that allowed anyone to read or write into the accounts of other AWS customers...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2021/08/04 4:15 p.m.13 views

Black Hat 2021: DNS loophole makes nation-state level spying as easy as registering a domain

Wiz CTO Ami Luttwak discusses a new class of vulnerabilities discovered by Wiz Research, which exposed valuable dynamic DNS data from millions of endpoints worldwide...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2021/06/24 4:15 p.m.11 views

The 10 must-attend sessions at Black Hat 2021

The 10 must-attend sessions at Black Hat 2021...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2021/06/10 12:37 p.m.12 views

Salesforce Ventures, Blackstone, and Aglaé Join Team Wiz!

Last week Wiz closed its Series B, which we had previously announced in March, with an additional $120 million investment from Salesforce Ventures and Blackstone with participation from Aglaé Ventures...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2021/05/24 11:0 a.m.11 views

New 451 Research report analyzes Wiz and the cloud security market

The report breaks down the current state of the cloud security market and provides an analysis of Wiz’s product strategy, technology, competitors, and more. It’s essential reading for anyone looking for an objective third-party perspective on Wiz and the rapidly developing cloud security market...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2021/03/22 5:58 p.m.10 views

Wiz becomes fastest growing security startup ever with new $1.7B valuation

Wiz becomes fastest growing security startup ever with new $1.7B valuation...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2021/02/02 5:39 p.m.9 views

82% of companies unknowingly give 3rd parties access to all their cloud data

Cloud identity permissions are complex. So complex that innocent looking permissions provided to 3rd party vendors can lead to unintended exposure of all of your data...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2021/02/02 1:0 p.m.9 views

Recent Linux sudo vulnerability affects a major percent of cloud workloads

With an estimated 90% of cloud workloads running Linux based OS, with sudo being common across distributions, many Linux cloud assets are at risk and may be affected. Versions released as far back as 2011 are affected by this vulnerability...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2021/02/01 12:52 p.m.8 views

The SolarWinds Attack

SolarWinds attack explained by Wiz CTO Ami Luttwak...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2020/12/09 10:11 p.m.12 views

Wiz comes out of stealth with $100M Series A funding to reinvent cloud security

Today, we’re announcing a milestone in that journey: a $100M Series A funding round led by Index Ventures, Sequoia Capital, Insight Partners, and Cyberstarts...

6.8AI score
Exploits0
Total number of security vulnerabilities649