Wiz integrates with the new Amazon Inspector for enhanced security insights, context, and accuracy

Wiz is excited to announce it is a launch partner for the new Amazon Inspector, bringing Amazon Inspector findings together with Wiz insights to give our customers actionable, prioritized and contextually rich security insights.

1 minutes read

Wiz strives to help its customers rapidly identify and mitigate risks in their Cloud-based applications. Today, Wiz is excited to announce it is a launch partner for the new Amazon Inspector, bringing Amazon Inspector findings together with Wiz insights to give our customers actionable, prioritized and contextually rich security insights. These insights enable our customers to proactively mitigate risks and prevent them from becoming breaches.

Building on our existing breadth of integrations, this capability will help our mutual customers gain immediate value from the latest security innovations AWS has to offer. By ingesting Amazon Inspector findings, Wiz provides its customers a single pane of glass that verifies that all running Amazon EC2 instances and container images residing in Amazon Elastic Container Registry (ECR) are secure, and even ensures that Amazon Inspector runs on the right workloads. ‍

Amazon Inspector can be enabled with just a few clicks in the AWS management console, across all accounts within a customer’s organization. As new Amazon EC2 instances are launched, Inspector automatically discovers these workloads along with any container images residing in Amazon Elastic Container Registry (ECR). It then assesses these resources for vulnerabilities and ensures they align with security best practices. ‍

Wiz also connects in just minutes and augments Inspector findings with a 100% API-based approach that scans both cloud configurations as well as the workloads using a unique agentless technology. Using only a single read connection for each AWS organization, Wiz provides a full risk assessment of the cloud resources and the workloads running such as PaaS resources, EC2, ECR, and Lambda. By correlating configuration findings, vulnerabilities, exposure paths, machine identities, effective permissions, secrets, malware, and other critical risk vectors, Wiz delivers insights that security and engineering teams can act upon without wasting time.

Tags 
#News

Continue reading

Security industry call to action: we need a cloud vulnerability database

In the pre-cloud era, the responsibility for security was fully in the hands of the users. As we uncover new types of vulnerabilities, we discover more and more issues that do not fit the current model. Solution: we need a centralized cloud vulnerabilities database.

ChaosDB explained: Azure's Cosmos DB vulnerability walkthrough

This is the full story of the Azure ChaosDB Vulnerability that was discovered and disclosed by the Wiz Research Team, where we were able to gain complete unrestricted access to the databases of several thousand Microsoft Azure customers.

How we broke the cloud with two lines of code: the full story of ChaosDB

A summary and recording of Wiz's talk at BlackHat Europe 2021: the full extent of ChaosDB, the impact it had, and the questions it raises about security in managed cloud services.
Even more to discoverReady to see for yourself?
“Best User Experience I have ever seen, provides full visibility to cloud workloads.”
Chipotle Logo
David EstlickCISO
“Wiz provides a single pane of glass to see what is going on in our cloud environments.”
Blackstone Logo
Adam FletcherChief Security Officer
“We know that if Wiz identifies something as critical, it actually is.”
Mars Logo
Greg PoniatowskiHead of Threat and Vulnerability Management