Attending fwd:cloudsec on July 25th? Be sure to check out one of our Research Team’s four sessions during the conference. Wiz is proud to have a series of sessions to explore how we discovered cloud vulnerabilities that affected thousands of cloud customers and organizations.
Meet us at our booth
Visit us at our table onsite where our Wiz Research Team will be available to answer any questions you have about the numerous research pieces they’ve published, including ChaosDB and OMIGOD.
Attend one of our sessions
Monday, July 25, 17:30 – 18:15 ET: “ Shifting Right” with policy code - In this talk, you'll learn the basics of policy-as-code, see some real-world examples, and learn how to get started applying the technology and techniques in your own environment.
Monday, July 25, 16:45 – 17:30 ET: We built a community of cloud vulnerability database, now what? - We will review the weaknesses of the cloud that the new central database unveils, and present novel findings about the security impact that the lack of an established cloud vulnerabilities model results in. We will make the case for extending the current CVE model to be more cloud friendly as the current model is broken and call everyone to join the movement for change.
Monday, July 25, 9:20 – 10:00 ET : Cloudy With a Chance of Vulnerabilities – Finding and exploiting vulnerabilities in the cloud - In this session, we share the methodologies and internally developed strategy we used to successfully uncover multiple critical vulnerabilities and design issues in the core of major CSPs. Covering the whole research process - from choosing a target to exploiting a remote code execution vulnerability on a managed service, we will explain how we found issues that affected thousands of cloud customers and organizations.
Monday, July 25, 16:00 – 16:20 ET: Secret Agents: Demystifying (and Pwning) Cloud Middleware - In this session, we will unveil new research on the unseen risk of "cloud middleware" - the proprietary software that bridges customers' virtual machines and cloud service providers' integrations. We found that this software is commonly installed on customers' virtual machines without the customer’s awareness or explicit consent and can often introduce new potential attack surfaces to cloud environments.
Wind Down with Wiz
Monday, July 25, 5:30 – 8:30pm ET
@ Flight Club Boston
Come join Wiz at Flight Club for an evening of darts and drinks after fwd:cloudsec. You’ll have an opportunity to mingle with our Research Team after their sessions, connect with peers, play some darts, and enjoy some food and drink at the infamous Flight Club! Reserve your spot here.
We hope to see you in Boston!