Lucene search
K
WizblogRecent

645 matches found

Wiz blog
Wiz blog
added 2026/02/16 9:19 p.m.6 views

From Detection to Remediation: It’s Time to Rethink AppSec Around Exploitability and Root Cause Fixes

Learn how Wiz is fundamentally changing AppSec by using the Security Graph to connect validated runtime vulnerabilities directly back to source code. Stop chasing alerts and fix what’s truly exploitable...

5.5AI score
Exploits0
Wiz blog
Wiz blog
added 2026/02/13 12:0 p.m.8 views

The Agile FedRAMP Playbook, Part 1: Why Risk is Your Best Starting Point

Compliance shouldn't mean a standstill for innovation. The first of our four-part series explores how Wiz quickly reached FedRAMP High through a "risk-first" philosophy. In parts 2-4 we’ll explore how Wiz helps with FedRAMP requirements through proactive, preventative, and reactive risk managemen...

5.5AI score
Exploits0
Wiz blog
Wiz blog
added 2026/02/12 6:5 p.m.21 views

Introducing AI Cyber Model Arena: A Real-World Benchmark for AI Agents in Cybersecurity

Wiz Research’s AI Cyber Model Arena benchmarks offensive AI security on 257 real-world challenges zero-days, CVEs, API/web, and cloud across AWS/Azure/GCP/K8s demonstrating what AI models and agents can really do...

5.4AI score
Exploits0
Wiz blog
Wiz blog
added 2026/02/06 1:0 p.m.8 views

Wiz + Spotify Backstage: Security at the Developer’s Desk

Bring Wiz Issues directly into Backstage, so developers can act on security issues in the tools they use everyday...

5.3AI score
Exploits0
Wiz blog
Wiz blog
added 2026/02/02 3:29 p.m.8 views

Building AI Security Together: New Ways to Partner with Wiz for AI Security in 2026

Enhancing the Wiz Integration Network with a new WIN MCP, developer AI agent, WIN AI security category, and partner AI hackathon...

5.3AI score
Exploits0
Wiz blog
Wiz blog
added 2026/02/02 3:0 p.m.6 views

Hacking Moltbook: The AI Social Network Any Human Can Control

1 exposed database. 35,000 emails. 1.5M API keys. And 17,000 humans behind the not-so-autonomous AI network...

5.3AI score
Exploits0
Wiz blog
Wiz blog
added 2026/01/30 1:0 p.m.6 views

The Year in Wiz Research: 2025 Most Read Blogs

A look back at the cloud security investigations and vulnerabilities that defined the year, from AI breakthroughs to supply chain shifts...

5.9AI score
Exploits0
Wiz blog
Wiz blog
added 2026/01/29 6:0 p.m.12 views

AI Agents vs Humans: Who Wins at Web Hacking in 2026?

Wiz Research teamed up with Irregular, a frontier AI security lab, to settle this once and for all...

5.9AI score
Exploits0
Wiz blog
Wiz blog
added 2026/01/29 12:0 p.m.6 views

Introducing the WIN Partner Index: The Integrations That Powered Modern Cloud Security in 2025

A data-driven industry benchmark showing how integrations are adopted, gain traction, and deliver value across modern cloud security programs...

5.9AI score
Exploits0
Wiz blog
Wiz blog
added 2026/01/27 2:12 p.m.6 views

AI-Powered Forensics, at Cloud Speed

Reviewing Wiz’s approach to forensics in the cloud era, and announcing the public preview of AI-powered, context-aware forensics capabilities...

5.9AI score
Exploits0
Wiz blog
Wiz blog
added 2026/01/26 5:25 p.m.6 views

Introducing SITF: The First Threat Framework Dedicated to SDLC Infrastructure

Moving beyond simple checklists to visualize, map, and block attacks on production SDLC infrastructure...

5.9AI score
Exploits0
Wiz blog
Wiz blog
added 2026/01/21 1:56 p.m.5 views

WizExtend is Here: AI and Cloud Security Insights in Your Daily Workflow

Get risk insights and take remediation actions right from your in-browser CSP portal, VCS console, or as you’re reading up on the latest threat research...

5.4AI score
Exploits0
Wiz blog
Wiz blog
added 2026/01/20 2:8 p.m.6 views

From Detection to Remediation: Wiz in Your JetBrains IDE

The Wiz JetBrains IDE plugin is now generally available, enabling developers to fix risks before code leaves their local environment...

5.5AI score
Exploits0
Wiz blog
Wiz blog
added 2026/01/16 5:23 p.m.8 views

Agentic Browser Security: 2025 Year-End Review

Are agentic browsers the new Flash? A 2025 review of new attacks, vendor security layers, and a roadmap for navigating AI browser risks...

6.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/01/15 3:0 p.m.15 views

CodeBreach: Infiltrating the AWS Console Supply Chain and Hijacking AWS GitHub Repositories via CodeBuild

Wiz Research discovered a critical supply chain vulnerability that abused a CodeBuild misconfiguration to take over key AWS GitHub repositories - including the JavaScript SDK powering the AWS Console...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2026/01/14 5:36 p.m.5 views

A 90-Day Action Plan to Turn Resolutions into Results with Wiz

Whether you’re new to Wiz or early in your cloud security journey, start the year strong by turning cloud security resolutions into real impact in your first 90 days with Wiz...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2026/01/14 2:0 p.m.9 views

Introducing the Wiz Partner Alliance: A New Chapter for Partner Success

Building the future of cloud security, together...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2026/01/08 2:51 p.m.3 views

Preparing for Post-Quantum Cryptography

Learn what you can do today to prepare for Q-Day...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2026/01/06 2:0 p.m.20 views

Wiz Recognized as a 2025 Customers’ Choice in the Gartner® Peer Insights™ Voice of the Customer for CNAPP

Wiz is proud to be the only vendor recognized as a Customers’ Choice for two consecutive years...

6.8AI score
Exploits0
Wiz blog
Wiz blog
added 2025/12/31 1:49 p.m.6 views

Expanding the Zero Critical Club to set a new standard for AppSec and SecOps teams

We are introducing Zero Code Criticals and Zero Time to Respond clubs to give every team a clear north star for secure development and rapid response...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2025/12/30 3:21 p.m.9 views

Snipping the Long Tail of Shai-Hulud 2.0

Wiz Research reveals the data behind Shai-Hulud's 2.0 long tail, the massive gap in cloud credential rotation, a potential link to the Trust Wallet incident, and how we finally "snipped the tail" on a month of ongoing infections...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2025/12/30 12:49 p.m.8 views

Protecting Against Zero-Day Vulnerabilities with SOC-Level ASM Alert

Outpacing React2Shell using pre-breach alerts from Wiz ASM to eliminate exploitable risk before attackers find them...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2025/12/28 9:24 a.m.13 views

MongoBleed (CVE-2025-14847) exploited in the wild: everything you need to know

Detect and mitigate CVE-2025-14847, an unauthenticated information leak vulnerability in MongoDB. Exploitation has been observed in the wild. Organizations should patch urgently...

8.7CVSS6.8AI score0.83007EPSS
Exploits39
Wiz blog
Wiz blog
added 2025/12/23 12:41 p.m.7 views

The Kenna Transition: Your Strategic Shift to Exposure Management

How the Kenna sunset is giving security leaders the opportunity to outgrow vulnerability silos and adopt a unified exposure management model...

6.8AI score
Exploits0
Wiz blog
Wiz blog
added 2025/12/22 1:0 p.m.14 views

From MCP to Vibe Coding: Full Endpoint Visibility in Wiz AI Security

How Wiz AI-SPM delivers a complete view of exposed AI application endpoints — from Vibe Coding to MCP — and why that visibility matters...

6.8AI score
Exploits0
Wiz blog
Wiz blog
added 2025/12/22 1:0 p.m.27 views

Bringing Oracle Cloud Identity to Wiz

Unified visibility into OCI identities, permissions, and policies — mapped into Wiz’s Security Graph...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2025/12/16 3:30 p.m.7 views

Zero‑Days in the Age of AI: Behind the Scenes of ZeroDay.cloud 2025, with a Record High of CVEs in Critical Cloud Infra

ZDC awarded hackers $320,000 and uncovered a record‑breaking tally of critical CVEs for core cloud infrastructure, underscoring the scale and urgency of securing the open‑source software that underpins the modern cloud...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2025/12/10 3:0 p.m.8 views

Gogs 0-Day Exploited in the Wild

Wiz Threat Research has observed exploitation in-the-wild of CVE-2025-8110...

8.8CVSS7AI score0.7654EPSS
Exploits15
Wiz blog
Wiz blog
added 2025/12/09 1:0 p.m.7 views

Code to Cloud Attacks: From Github PAT to Cloud Control Plane

How attackers are leveraging compromised employee GitHub Personal Access Tokens to compromise cloud environments...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2025/12/08 9:54 p.m.4 views

Top AWS re:Invent Announcements for Security Teams in 2025

The re:Invent announcements that are most impactful to security teams...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2025/12/08 5:18 p.m.10 views

React2Shell: Technical Deep-Dive & In-the-Wild Exploitation of CVE-2025-55182

We break down the exploit mechanics and detail active in-the-wild attacks observed by our team, from credential harvesting to sophisticated cloud backdoors...

10CVSS6.9AI score0.99562EPSS
Exploits373
Wiz blog
Wiz blog
added 2025/12/03 3:57 p.m.28 views

React2Shell (CVE-2025-55182): Everything You Need to Know About the Critical React Vulnerability

Detect and mitigate React2Shell CVE-2025-55182, critical RCE vulnerability in React and Next.js exploited in the wild. Organizations should patch urgently...

10CVSS7.7AI score0.99562EPSS
Exploits373
Wiz blog
Wiz blog
added 2025/12/03 1:30 p.m.6 views

Wiz Product Announcements at re:Invent 2025: Expanding Visibility from Code to Cloud

Check out new product releases that help security and engineers work together to keep cloud environments secure...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2025/12/02 6:30 p.m.3 views

Introducing Wiz SAST: Where Code Risk Meets Cloud Context

Modern code runs in complex and distributed cloud environments. Wiz SAST meets this complexity by correlating code flaws with real cloud context–including where workloads run, what they can access, and how exposed they are...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2025/12/02 4:55 p.m.9 views

Wiz Becomes Fastest Security ISV to Reach $1 Billion in AWS Marketplace Lifetime Sales

A milestone fueled by customer trust and a partnership built for scale...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2025/12/02 2:2 p.m.14 views

It's Here! Wiz Exposure Management is Now GA

Moving beyond CVE counts to true exposure management everywhere with new UVM and ASM capabilities, now GA...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2025/12/01 5:52 p.m.4 views

Shai-Hulud 2.0 Aftermath: Trends, Victimology and Impact

A deeper look at the Shai-Hulud 2.0 supply chain attack: reviewing the infection spread, victimology, leaked secrets distribution, and community response so far...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2025/12/01 1:48 p.m.8 views

Service Catalog is Here: Expand Risk Visibility for Your Service and Its Dependencies, Simplify Issue Ownership

Give security and developers a shared view of cloud risk, aligned to the way applications are built and maintained...

6.8AI score
Exploits0
Wiz blog
Wiz blog
added 2025/12/01 1:0 p.m.7 views

WizOS: Powering Secured Image Adoption with AI

WizOS is now GA to help every organization reduce CVEs and build on a trusted foundation...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2025/11/27 4:27 p.m.7 views

3 OAuth TTPs Seen This Month — and How to Detect Them with Entra ID Logs

How OAuth tokens, JWT fields and Entra sign-in logs reveal attacker behavior, and how to turn those signals into reliable detections...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2025/11/25 1:0 p.m.4 views

Mastering Software Governance with Hosted Technologies Inventory

Gain visibility into every technology in your environment and eliminate governance gaps...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2025/11/24 10:27 a.m.21 views

Shai-Hulud 2.0 Supply Chain Attack: 25K+ Repos Exposing Secrets

Detect and mitigate malicious npm packages linked to the recent Shai-Hulud-style campaign. Over 25,000 affected repositories across 350 unique users...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2025/11/21 2:7 p.m.5 views

Get Certified on Wiz Defend for Threat Detection and Response

Wiz Defend Certification validates skills in cloud threat detection and response for SOC, IT, and security professionals...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2025/11/19 1:0 p.m.8 views

Blueprint for Security: A Guide to Code, Governance, and Response Frameworks

Building a Foundation for Security and Compliance...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2025/11/13 5:0 p.m.5 views

Google Unified Security Recommended Program Names Wiz Among First 3 Strategic Partners

Inaugural partner program reflects commitment to building an open, unified future for security...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2025/11/12 2:3 p.m.17 views

Introducing Posture Issues: Transform Security Findings into Actionable Outcomes

Streamline Security Backlogs by Grouping Vulnerabilities, Secrets, and Data Findings into Posture Issues...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2025/11/10 2:39 p.m.5 views

Empower and Accelerate Your SOC with the Wiz SecOps AI Agent

Meet the SecOps AI Agent: AI-powered threat triage built on the Wiz platform. Investigate every threat with speed and transparency...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2025/11/10 2:39 p.m.3 views

Empower and Accelerate Your SOC with the Blue Agent

Meet the Blue Agent: AI-powered threat triage built on the Wiz platform. Investigate every threat with speed and transparency...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2025/11/10 1:34 p.m.3 views

Exposure Report: 65% of Leading AI Companies Found with Verified Secret Leaks

How secure are top private AI companies? Find out from our scans and disclosures...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2025/11/04 4:39 p.m.5 views

Wizdom 2025 Product Announcements: Extending the Cloud Operating Model

At Wizdom 2025, we’re unveiling two new AI agents alongside new product innovations that deepen and extend the graph across SaaS, workloads, AI infrastructure, and external exposures. Together, these advances enable teams to secure everything they build and run in the cloud and beyond...

7AI score
Exploits0
Total number of security vulnerabilities645