This blog post will discuss lateral movement risks from on-prem to the cloud. We will explain attacker TTPs, and outline best practices for cloud builders and defenders to help secure their cloud environments and mitigate risk.
Detect and mitigate CVE-2023-32784, a vulnerability in KeePass which allows the extraction of the master password in cleartext from the application's memory.
KubeCon Europe is the largest open-source community conference in Europe with hundreds of talks. We picked our favorite Kubernetes security sessions available online.
The release of the National Cybersecurity Strategy by the Biden-Harris Administration is a significant development that will have an impact on security teams across the United States. What does it say?
A container escape vulnerability, combined with accidental 'write' permissions to a private registry, opened a backdoor for Wiz Research to access Alibaba Cloud databases and potentially compromise its services through a supply-chain attack
Confidently ensure your Kubernetes environments are compliant with CIS Benchmarks for cloud-managed Kubernetes. Quickly generate compliance reports and remediate any issues without hassle.
Detect and mitigate CVE-2023-28252, EoP vulnerability exploited in the wild, and CVE-2023-21554, a critical RCE vulnerability. Organizations should patch urgently.
How a misconfiguration in a Microsoft Bing.com application allowed Wiz Research to modify Bing’s search results – and potentially compromise the private data of millions of Bing users
How Wiz Research found a common misconfiguration in Azure Active Directory that compromised multiple Microsoft applications, including a Bing management portal
Wiz launches a new Canadian data center and adds support for CSE Information Technology Security Guidance (ITSG) 33 framework helping organizations simplify cloud security and compliance.
Some application misconfigurations are equivalent to remote code execution or information disclosure vulnerabilities, but often go unnoticed. Wiz’s agentless capabilities detect these and correlate them to attack surface and business impact risks, highlighting the most critical misconfigurations.
Service Control Policies (SCPs) can be a great way to prevent actions from happening in AWS accounts. In this post, we will illustrate a specific use case of SCPs that protects the security baseline, or landing zone, configuration you’ve created for accounts
Wiz CLI and Wiz Admission Controller enable developers to leverage a single security policy throughout the software pipeline for cloud-native environments.
Stay compliant with Wiz’s 100+ compliance frameworks, generate quick compliance reports, and remediate issues faster with remediation guidance and auto-remediation.
CVE-2023-25610 is a critical RCE vulnerability in FortiOS. This vulnerability is a buffer underwrite bug in the administrative interface which could allow a remote unauthenticated attacker to execute code using specially crafted requests. Affected customers should patch immediately.
Wiz for DSPM, now generally available, helps customers reduce the time it takes to discover and fix cloud data exposure before it becomes a costly breach
Since early September 2022, tens of thousands of websites aimed at East Asian audiences have been hacked, redirecting hundreds of thousands of their users to adult-themed content.
In this third blog post, we will discuss lateral movement risks from the cloud to Kubernetes. We will explain attacker TTPs, and outline best practices for cloud builders and defenders to help secure their cloud environments and mitigate risk.
Recent attacks leverage CVE-2021-21974 to install ransomware on VMWare ESXi servers. Security teams are advised to patch and stay vigilant for indicators of compromise.
Wiz's State of the Cloud 2023 report provides analysis of trends in cloud usage such as multi-cloud, use of managed services and more. In addition, the report highlights notable cloud risks based on insights from 30% of Fortune 100 enterprise cloud environments
Detect and mitigate CVE-2022-44877, a CentOS Control Web Panel (CWP) unauthenticated RCE exploited in the wild. Security teams are advised to patch urgently.
In this second blog post, we will discuss lateral movement risks from Kubernetes to the cloud. We will explain attacker TTPs, and outline best practices for security practitioners and cloud builders to help secure their cloud environments and mitigate risk.
The developers of PyTorch (a popular machine-learning framework) recently identified a malicious dependency confusion attack on the open-source project. Security teams are advised to check for infected resources and rotate any exposed keys.
Critical RCE vulnerability found in Linux kernel's `ksmbd` module: remote attackers can execute code without authentication. The module is not enabled by default on most operating systems.
A new exploit method targeting CVE-2022-41080 and CVE-2022-41082 vulnerabilities in Exchange servers, which can bypass previous workarounds, has been discovered and exploited in the wild. Organizations should patch urgently.
Learn about how AWS's recently released Delegated Administrator for AWS Organization can be used to solve common problems at your company and the issues you might run into with it.
Detect and mitigate CVE-2022-27518, a Citrix ADC and Gateway unauthenticated RCE 0-day exploited in the wild by a nation state actor. Organizations should patch urgently.
CI/CD pipelines, as an essential part of the software development process, are an attractive target to malicious actors. Based on our research of cloud environments, we share common misconfigurations and provide tips on how to remediate them in order to prevent supply-chain attacks.
AWS re:Invent is the largest conference of the year for Amazon Web Services (AWS) with hundreds of talks. We picked our favorite cloud security talks that are available online.
Wiz extends its risk assessment to support host and application level misconfigurations, enabling customers to ensure security and compliance posture for applications.
Fully understand the impact and architecture behind any threat to streamline and speed effective response with a first-of-its-kind integration combining the Wiz Security Graph’s deep cloud and multi-cloud risk context with Google Cloud’s Security Command Center’s advanced threat detection.
On November 1st, 2022, the OpenSSL Project disclosed High severity vulnerabilities CVE-2022-3786 and CVE-2022-3602, affecting deployments of OpenSSL 3.0.0–3.0.6. Learn how to effectively manage your organization's patching efforts.
New Wiz capabilities protect containerized applications by bringing deep cloud context and visibility to quickly identify and prioritize risks across containers, Kubernetes and cloud environments without agents
KubeCon 2022 will be full of great presentations and content. Here's our take on the conference sessions (apart from our own) that you shouldn't miss, whether you're onsite or attending virtually.
Wiz will be attending and sponsoring KubeCon for the first time and we have a lot to share regarding how enterprises can better secure their container and Kubernetes environments. Come say hi!
In this first blog post, we will introduce lateral movement as it pertains to the VPC. We will discuss attacker TTPs, and outline best practices for security practitioners and cloud builders to help secure their cloud environment and reduce risk.
Before it was patched, #AttachMe could have allowed attackers to access and modify any other users' OCI storage volumes without authorization, thereby violating cloud isolation. Upon disclosure, the vulnerability was fixed within hours by Oracle. No customer action was required.
Leonid Belkind, CTO of Torq, and Itay Arbel, PM at Wiz, explain how organizations can build a coherent Cyber Security Incident Response Plan using Wiz CDR to analyze cloud events and threat alerts in their context together with Torq's next-generation orchestration and automation capabilities.
Just two years since its launch, Wiz protects hundreds of the world’s leading organizations by enabling them to build faster and more securely in the cloud
In just two years, Wiz helps hundreds of customers protect their cloud infrastructure and innovate more quickly. As a result, Wiz has become the fastest-growing software company ever, scaling from $1M ARR to $100M ARR in just 18 months.
Wiz is excited to be back in Las Vegas for Black Hat 2022 as a sponsor of this year's conference. At Black Hat, you'll have the opportunity to learn from our research and product experts, experience live demos in our booth, and mingle with us after the conference.
Wiz finds Azure customers remain unpatched from cloud middleware vulnerability and collaborates with Microsoft to introduce an auto-patching solution against cloud middleware security issues and make the cloud safer
Wiz leverages its leading Cloud Security Graph to help Cloud Defenders quickly understand, with the click of a button— what happened, where it happened, and how to respond.
Support for Alibaba Cloud follows just weeks after launch of Oracle Cloud Infrastructure (OCI) integration, providing organizations the broadest coverage of any cloud native application protection platform (CNAPP)
Wiz Research builds upon previous “OMIGOD” findings with a presentation at RSA Conference 2022; details how cloud middleware use across cloud service providers can expose customers' virtual machines to new attack vectors
Our introduction of attack path analysis (APA) and Cloud Detection and Response (CDR) further enriches the context provided by our foundational Wiz Security Graph.
We can’t wait to see many of you at RSA Conference 2022 in San Francisco, June 6-9. Check out a demo at our booth, attend a Wiz speaking session, or unwind at our SFMOMA party!
Wiz is excited to announce its new integration with ServiceNow Vulnerability Response (VR), creating a combined vulnerability management workflow that eliminates blind spots and prioritizes risks.
For each CVE, the Wiz Research team maintains data from multiple threat intelligence sources and our own independent research. Now that we’ve added support for the new CISA KEV catalog, learn how you can use it in your cloud environment.
In this post, we discuss five security limitations of endpoint security agents and also explain how adding agentless solutions can improve your cloud environment security.
As more organizations move to the cloud, so do attackers. What can you do to better protect your cloud environment in 2022? Wiz Research has compiled the most pressing cloud security threats and how you can protect against them.
The main challenge with Log4j is understanding your existing infrastructure, and identifying the location of all vulnerable Log4j libraries. Follow Wiz's recommendations to wrap it all before the Holidays!
Wiz and EY (Ernest & Young) analyzed more than 200 enterprise cloud environments with thousands of cloud accounts. The results were striking: While 93% of all cloud environments are at risk from Log4Shell, on average organizations have patched 45% of their vulnerable cloud resources by Day 10.
Log4Shell Meltdown: How to protect your cloud from this critical RCE threat. In this post, we’ll provide a quick overview of Log4Shell: what it is, its impact, and recommendations for security teams.
Fixing vulnerabilities and misconfigurations in the pipeline before deployment makes perfect sense - it reduces the overall threat footprint and saves time. Wiz offers customers a straightforward way to operationalize a Shift Left strategy.
Wiz is excited to announce it is a launch partner for the new Amazon Inspector, bringing Amazon Inspector findings together with Wiz insights to give our customers actionable, prioritized and contextually rich security insights.
In the pre-cloud era, the responsibility for security was fully in the hands of the users. As we uncover new types of vulnerabilities, we discover more and more issues that do not fit the current model. Solution: we need a centralized cloud vulnerabilities database.
This is the full story of the Azure ChaosDB Vulnerability that was discovered and disclosed by the Wiz Research Team, where we were able to gain complete unrestricted access to the databases of several thousand Microsoft Azure customers.
A summary and recording of Wiz's talk at BlackHat Europe 2021: the full extent of ChaosDB, the impact it had, and the questions it raises about security in managed cloud services.
Customers have come to realize ignorance isn’t bliss. Cloud has gotten too big and unwieldy for most companies to effectively manage on their own. That’s where Wiz comes in.
In this post, we’re going to dive into the role and limitations of security agents in the cloud, and put forth a different approach for cloud infrastructure security: agentless deep scanning.
Wiz Research recently found 4 critical vulnerabilities in OMI, which is one of Azure's most ubiquitous yet least known software agents and is deployed on a large portion of Linux VMs in Azure.
Wiz Research recently discovered a series of alarming vulnerabilities that highlight the supply chain risk of open source code, particularly for customers of cloud computing services.
The first half of 2021 has been incredible for Wiz. Fueled by an additional $250M in funding ($350M total) from Sequoia, Index Ventures, Insight, Salesforce, Blackstone, Advent, Greenoaks, and Aglaé Wiz has grown at a blistering pace, going from 25 employees at the start of the year to 120 today.
Wiz Research found an unprecedented critical vulnerability in Azure Cosmos DB. The vulnerability gives any Azure user full admin access (read, write, delete) to another customers Cosmos DB instances without authorization.
As part of building a market-leading CNAPP, Wiz Research is constantly looking for new attack surfaces in the cloud. Two weeks ago we discovered an unprecedented breach that affects Azure’s flagship database service, Cosmos DB.
CNAPP stands for Cloud-Native Application Protection Platform. The term was coined by Gartner, who recognized the expanding needs that go into securing applications in the cloud.