Today, we proudly announce an integration with Microsoft that enables joint customers to integrate our offerings in the cloud successfully. The Wiz integration with Microsoft Sentinel (formerly Azure Sentinel) can enrich findings, correlate across the security stack, and query and analyze issues over time. Mutual customers can also run automation rules to seamlessly synchronize remediation steps. Ultimately, this integration is another pillar in the goal to help joint customers securely build and run everything in the cloud.
Microsoft Sentinel is a cloud-native Security Information and Event Management (SIEM) and Response (SOAR) solution. It is part of the Microsoft Azure cloud computing platform and is designed to help organizations collect, detect, investigate, and respond to cybersecurity threats across their entire enterprise. Microsoft Sentinel can improve security response times with better correlation across security vectors, which are common stumbling blocks to achieving effective cloud security with most traditional SIEMs.
Security data is everywhere but it’s hard to make sense of it all
Cloud security correlation faces several challenges that make it a complex and demanding task. The diverse nature of cloud environments, characterized by multiple cloud providers and services, results in varying logging formats and APIs, making data integration and standardization difficult. The sheer volume and velocity of security event data generated in real-time within cloud infrastructures overwhelm traditional correlation systems, necessitating advanced processing capabilities. Additionally, the complexity of multi-cloud setups further complicates the aggregation and correlation of security events across different cloud environments. Maintaining visibility and control over security event data in some cloud services proves challenging, limiting the efficacy of correlation efforts. Lack of context, concerns over data privacy and compliance, alert fatigue, and the need for advanced threat detection techniques add further difficulty to cloud security correlation. Ultimately, getting ahead of these challenges requires specialized cloud-aware SIEM solutions and a proactive approach to adapt to the ever-evolving cloud security landscape continuously.
The Wiz Integration with Microsoft Sentinel
The new Wiz integration with Microsoft Sentinel helps organizations connect their existing platforms for cloud security and SIEM to break down security silos and bring together the entire security picture. Organizations can use the integration to unlock the following use cases:
Risk and Vulnerability Management: Consolidate all your Wiz issues, vulnerabilities and audit logs in a single repository in the correct data format that your security team and tools can leverage. Enrich your cloud security investigations with context from Wiz and Azure to construct the whole picture. When investigating a suspected breach, gather all the details you need to know including impacted vulnerabilities, workloads, identities and much more at the time of the initial incident.
Query and Analyze: Use a rich query language to investigate your event and log data to develop a deep understanding of cloud security issues, misconfigurations, and attack paths requiring further remediation. Construct an incident timeline to answer every question you might have.
Analyze Security Metrics over time: Get the complete picture of your cloud footprint and security issues. Track metrics to Identify, Protect, Detect, Respond, and Recover and see how your team progresses over time. Drill down reporting to specific groups, business units, or projects. Security teams can easily report on robust metrics such as the number of outstanding issues, gather the number of open vulnerability issues filtered, and many more.
Remediation Workflows: Wiz provides immediate visibility into a customer’s cloud inventory anomalies and vulnerabilities. Wiz then passes this information through to Microsoft Sentinel to perform the exact remediation steps you want to take automatically - for example, notifying the owner, paging an on-call team, or documenting the event in a case management system such as Jira.
Wiz has created a strong collaboration with Microsoft, improving the way cloud security teams function. A deep integration between the two products facilitates a strong cloud security program that not only enables securing everything that runs in the cloud but also improves how teams respond to threats and actively reduce risk.
Oron Noah, Director of Product Management, Wiz
Wiz integration with Microsoft Sentinel elevates how organizations detect and respond to cloud risk by enriching their security findings and synchronizing response steps with a few clicks. This integration is a win-win for our customers.
Eric Burkholder, Senior Program Manager, Microsoft for Sentinel
Wiz collaboration with Microsoft setup to drive success in the cloud
Wiz collaboration with Microsoft is built on a solid foundation that has grown from strength to strength. Some of the highlights include:
Wiz has been a Microsoft partner since 2020, achieving a Top Tier partner status in 2022 and IP Co-Sell ready to provide its seamless cloud security to strategic Azure customers.
Wiz is an enabled ISV on the Microsoft Azure Consumption Commitment (MACC) program, which allows us to sell to strategic Microsoft customers with digital procurement through the Azure Marketplace.
Multiple product level integrations across Azure and various security services including the Wiz integration with Microsoft Sentinel.
Customers can enrich findings, run effective security investigations, automate response, and track security metrics. This integration is available today to all customers. Getting started is simple. Joint customers can get started in a few easy steps. All you need is outlined in the Wiz docs (login required). This integration is just the start. Questions? We’d love to hear from you. Reach out and our team will be glad to assist.
Learn about the process of preventing security issues by changing things outside of your environment by looking at how a misconfiguration was occurring when Github Actions were integrated with AWS IAM roles and the improvements made that have now made this misconfiguration much less likely.
Get a personalized demo
Ready to see Wiz in action?
“Best User Experience I have ever seen, provides full visibility to cloud workloads.”
“Wiz provides a single pane of glass to see what is going on in our cloud environments.”
Adam FletcherChief Security Officer
“We know that if Wiz identifies something as critical, it actually is.”
Greg PoniatowskiHead of Threat and Vulnerability Management