Featured

Wiz named a 2023 AWS EMEA Marketplace Partner of the Year

AWS has named Wiz a Marketplace Partner of the Year, recognizing our practice of helping customers drive innovation while keeping security top of mind. 

Introducing the Wiz extension: cloud security delivered to your AWS console

Wiz’s new Chrome browser extension brings cloud security to your fingertips and streamlines access to Wiz from your cloud console.

Extend Wiz to your Developers: Enable secure cloud development with agility.

New capabilities extend Wiz CNAPP to secure the entire software pipeline, enabling organizations to securely develop for the cloud.

Biden's AI Executive Order: What it says, and what it means for security teams

The 2023 Executive Order has far-reaching implications for companies relying on AI. Here is a breakdown of it through the lens of a Security Engineer, including an analysis, a summary of the impact on AI safety and privacy protection, and a look at how the order will affect security teams.

Wiz launches support for Google Cloud excessive access findings based on audit logs

Google Cloud customers can now detect excessive access in their GCP environment based on Google audit logs to effectively right-size permissions.

Unveiling eBPF: Harnessing Its Power to Solve Real-World Issues

Dive in a Kubernetes attack and see how eBPF and other security best practices can prevent these attacks.

Wiz becomes the first CNAPP to provide AI Security Posture Management

Wiz extends its platform to secure AI with AI-SPM capabilities, helping organizations accelerate their AI innovation in the cloud.

Unleashing the power of cloud security: drive business impact with Wiz 

Wiz has helped hundreds of organizations, including 40% of the Fortune 100, improve their security posture and gain operational efficiency

 5 Steps to Establishing a Zero Trust Foundation in the Cloud with Wiz 

Gain complete visibility into your environment and its risks to enable a Zero Trust strategy in the cloud 

Key takeaways from the Wiz 2023 Kubernetes Security Report

Today, Wiz published its 2023 Kubernetes Security Report. Here are some key takeaways.

PwC and Wiz form strategic alliance in the United Kingdom

PwC UK and Wiz have formed an alliance to bring enhanced security solutions to customers.

Ensuring Supply Chain Security: Verify container image integrity with the Wiz Admission Controller

The Wiz admission controller simplifies supply chain security by ensuring only trusted container images can be deployed in Kubernetes environments.

Eight questions to measure vulnerability remediation "pain"

What is it about certain vulnerabilities that makes them especially hard to deal with, and how can vendors make things easier for security teams?

Wiz inducted into the JPMorgan Chase Hall of Innovation  

We're excited to announce that JPMorgan Chase has made Wiz a new member of their Hall of Innovation!

Announcing the EKS Cluster Games

Test your investigation skills and K8s knowledge in a new Wiz-sponsored CTF event: the EKS Cluster Games!

Securing clouds, securely

Let's take a look at how Wiz designed the agentless workload scanner to be modular and scalable, and what security measures Wiz takes to protect sensitive customer data.

Linux rootkits explained – Part 2: Loadable kernel modules

Part 2 dives into the world of LKMs (Loadable Kernel Modules) and kernel-space rootkits to explore what LKMs are, how attackers abuse them, and how to detect them.

Wiz recognized as a 2023 Frost & Sullivan Radar Leader in Cloud Workload Protection Platform

In its 2023 Frost Radar™ analysis, Frost & Sullivan identified the top companies in the Global Cloud Workload Protection Platform (CWPP) market. Wiz is honored to be included on the list!

Clint Gibler on AI and cybersecurity: the current state of the art and where we’re headed

Wiz recently talked with security expert Clint Gibler about the many uses of AI in the cybersecurity space

Wiz launches data center in Mumbai, supporting the growing operations of global organizations in India

Wiz is proud to announce the opening of its data center in Mumbai, India

Wiz launches support for Google Workspace, helping organizations secure Google Cloud identities

Protect your Google Cloud identities with Wiz's new Google Workspace identity modeling and identify suspicious activity in Google Workspace with new threat detection rules

CVE-2023-38545 high severity vulnerability in cURL: everything you need to know

Detect and mitigate CVE-2023-38545, a high severity buffer overflow vulnerability in cURL. Organizations should upgrade to the patched version.

The good, the bad, and the vulnerable

Get the tl;dr on Wiz's methodology for cloud vulnerability triage in our new report, "The good, the bad, and the vulnerable."

Critical and high severity Exim vulnerabilities: everything you need to know

Detect and mitigate CVE-2023-42115, and 5 more vulnerabilities in Exim. Organizations using affected configurations should mitigate and patch the vulnerabilities urgently.

Critical vulnerabilities in media libraries exploited in the wild: everything you need to know

Delving into CVE-2023-4863 and CVE-2023-5217 - critical vulnerabilities in libwebp and libvpx exploited in the wild.

Unveiling eBPF: Revolutionizing Security and Observability

An Introduction to Extended BPF and Its Transformative Impact.

Wiz launches support for Amazon SageMaker, helping organizations innovate faster and more securely with AI

Wiz helps accelerate the machine learning journey for practitioners by protecting their generative AI applications

Inside the vault: how financial institutions protect their cloud environments

As part of our monthly CISO webinar series, Wiz’s VP of Product Strategy, Raaz Herzberg, spoke with three security experts to learn how each of them prioritize cloud security, and how they extend the reach of good security practices across their organizations.

GAO Study Reveals: Government Faces Challenges with Continuous Monitoring

Learn how government agencies can meet the GAO’s recommended cloud security best practices by establishing continuous risk and compliance monitoring in the cloud

38TB of data accidentally exposed by Microsoft AI researchers

Wiz Research found a data exposure incident on Microsoft’s AI GitHub repository, including over 30,000 internal Microsoft Teams messages – all caused by one misconfigured SAS token

Fortify your cloud security with Wiz as it integrates with Microsoft Sentinel

Lock down your cloud infrastructure with the new Wiz integration with Microsoft Sentinel. Gain full context, support thorough investigations, and automate your response for ultimate security.

Wiz enhances real-time threat detection and response capabilities to stop threats from becoming incidents

The Wiz Runtime Sensor for Kubernetes graduates to general availability with proven ability to detect cloud attacks, greater customization for detections, and new cloud-native response capabilities

Wiz and Fortinet announce partnership to deliver cloud-native security protection

Joint customers can now detect and prioritize public exposures with Wiz and automatically remediate unwanted exposures with FortiGate NGFW.

A security community success story of mitigating a misconfiguration

Learn about the process of preventing security issues by changing things outside of your environment by looking at how a misconfiguration was occurring when Github Actions were integrated with AWS IAM roles and the improvements made that have now made this misconfiguration much less likely. 

Storm-0558 Update: Takeaways from Microsoft's recent report

The Wiz research team examines Microsoft's latest Storm-0558 findings and summarizes the key learnings cloud customers should take away from the incident.

I know what you mined last summer: summarizing Summer '23 cryptomining activity

During the summer of 2023, using the Wiz Sensor, Wiz Research detected several different cryptomining campaigns targeting cloud workloads. Learn about these campaigns and their associated IoCs, and how to detect and prevent similar threats.

Recap: Wiz innovations at Google Cloud NEXT ‘23

The integration of Wiz’s CNAPP and Google Cloud helps both cloud defenders and builders improve security and innovate faster.

Docker and Kubernetes, we have got you covered: Wiz simplifies compliance and security posture management for Docker and Kubernetes environments.

Ensure that your Docker and Kubernetes environments are secure and compliant with CIS benchmarks. Generate reports quickly and easily and remediate any issues with actionable insights.

Wiz is the #1 Cloud Security Company on the 2023 Forbes Cloud 100

Wiz is the #1 cloud security company on the list and one of the biggest movers from last year, alongside OpenAI. What an honor!

5 Cloud Security Predictions for 2023

COVID's impact still resonates. Remote work, AI, and a turbulent economy have made the future unpredictable, including the future of cloud security. But we still have best practices for you! Let's examine 5 cloud security predictions to be aware of in 2023

Wiz helps organizations innovate with AI securely and responsibly, launching support for Google Cloud Vertex AI

Wiz protects AI infrastructure against cloud attacks, allowing data scientists and engineers to focus on deploying more AI applications.

The Magic of Branding: Creating an Optimistic Identity for a Security Product

In the world of security, the dominant approach to branding is often based on fear and intimidation. But at Wiz, we're taking a different approach. We believe in the power of optimism and positivity, and we're building a brand that reflects those values.

Wiz's agentless approach to cloud-native vulnerability management

Prioritize critical vulnerabilities based on business impact with Wiz’s agentless Vulnerability Management solution.

GameOver(lay): Easy-to-exploit local privilege escalation vulnerabilities in Ubuntu Linux affect 40% of Ubuntu cloud workloads

Wiz Research discovered CVE-2023-2640 and CVE-2023-32629, two easy-to-exploit privilege escalation vulnerabilities in the OverlayFS module in Ubuntu affecting 40% of Ubuntu cloud workloads.

Zenbleed: cross-process infoleak vulnerability in AMD Zen 2 Processors - everything you need to know

Learn about the impact in cloud environments of CVE-2023-20593, a cross-process information leak vulnerability in AMD Zen 2 Processors.

Top 16 cloud security experts you should follow in 2023

Handpicked by our research team: The annual list of 16 thought leaders you need on your feed.

Streamline Software Bill of Materials (SBOM) Generation with Wiz's Agentless SBOM

Enhance software security and supply chain risk management with Wiz's agentless scanning technology for effortless SBOM creation

Compromised Microsoft Key: More Impactful Than We Thought

Our investigation of the security incident disclosed by Microsoft and CISA and attributed to Chinese threat actor Storm-0558, found that this incident seems to have a broader scope than originally assumed. Organizations using Microsoft and Azure services should take steps to assess potential impact.

Kubernetes API limitations in finding non-standard pods and containers

Gain a deeper understanding of why it's essential to monitor non-standard pods and containers, including static pods, mirror pods, init containers, pause containers, and ephemeral containers within your Kubernetes environment.