Nir Ohfeld

Test your investigation skills and K8s knowledge in a new Wiz-sponsored CTF event: the EKS Cluster Games!

Put yourself to the test with our unique CTF challenge and boost your AWS IAM knowledge. Do you have what it takes to win The Big IAM Challenge?

How Wiz Research uncovered multiple related vulnerabilities in PostgreSQL-as-a-Service offerings from GCP, Azure, and others.

Affected organizations are required to update installed agents that use the OMI cloud middleware software

Wiz Research builds upon previous “OMIGOD” findings with a presentation at RSA Conference 2022; details how cloud middleware use across cloud service providers can expose customers' virtual machines to new attack vectors

Wiz Research discovers a chain of critical vulnerabilities in the widely used Azure Database for PostgreSQL Flexible Server.

This is the full story of the Azure ChaosDB Vulnerability that was discovered and disclosed by the Wiz Research Team, where we were able to gain complete unrestricted access to the databases of several thousand Microsoft Azure customers.

A summary and recording of Wiz's talk at BlackHat Europe 2021: the full extent of ChaosDB, the impact it had, and the questions it raises about security in managed cloud services.

Wiz Research recently found 4 critical vulnerabilities in OMI, which is one of Azure's most ubiquitous yet least known software agents and is deployed on a large portion of Linux VMs in Azure.

Wiz Research recently discovered a series of alarming vulnerabilities that highlight the supply chain risk of open source code, particularly for customers of cloud computing services.

As part of building a market-leading CNAPP, Wiz Research is constantly looking for new attack surfaces in the cloud. Two weeks ago we discovered an unprecedented breach that affects Azure’s flagship database service, Cosmos DB.