Until today, CSPM tools offered visibility and risk analysis for only supported cloud services. We are excited to announce that starting today, Wiz provides full visibility to *all* cloud services your company may use, regardless of whether we fully support them for risk assessment or not. This means that our customers can now get a complete picture of their cloud infrastructure to prevent shadow IT. This provides our customers with even greater insight and security for their cloud usage.
Shadow IT is a concern for every organization. As cloud providers add more and more services on a regular basis, security teams have a hard time keeping track of what is even in use. Recently at AWS re:invent, AWS announced 50+ new and updated cloud services. Cloud builders may begin testing and using these new services without the knowledge and approval of security. This introduces several security and compliance risks as it is difficult for security to detect or review these technologies. Generation 1 CSPM tools can’t keep pace with new additions in real-time, so security often must wait months or longer for vendors to prioritize and develop support for each new technology, leaving them without a full inventory and a huge blind spot.
The Wiz inventory already gives customers deep visibility into what cloud resources, applications, operating systems, and packages exist in their environment in minutes. We’re excited to release enhancements to the Wiz inventory to provide full coverage to detect cloud services to give customers:
Full visibility into what cloud services are in use and where, including new services that may have just been released days ago.
Governance over what cloud services can and cannot be used along with enforcement of related security policies.
Shine a light on shadow IT
Customers can now see any cloud service provider’s services in use with newly released services automatically detected. If someone in your organization begins to use a new cloud service (such as the newly announced Amazon OpenSearch Serverless), Wiz will automatically show that technology and map it to where it is being used in your environment. This enables security, DevOps, and FinOps teams to get rapid visibility over all technology usage and the ability to drill down into the region, account, or business unit it is being used in.
Take control and prevent usage of unwanted cloud services
In addition to visibility to prevent shadow IT, security teams also need the ability to control and govern cloud service usage. Wiz enables organizations to create and enforce different security policies based on business requirements. For example, you may require your teams to only use specific services that have been evaluated and approved by security and disallow all other services in your production environment. With Wiz, all new services will appear as unreviewed and you can mark the status as required, approved, or unwanted once security has reviewed it. Teams can then set up alerting or automation when policies are violated. In this case, as soon as an unwanted or unreviewed service is detected in the production environment, an alert will be automatically triggered so your teams can act quickly.
Security and GRC teams can now review and manage all the services deployed in their cloud from a single location. Further, removal of unwanted and redundant technologies enables organizations to remove risk, ensure compliance, and reduce the costs associated with shadow IT.
The enhanced Wiz inventory is available now to all customers to better understand and control shadow IT. To learn more about Wiz and how you can gain full visibility over the cloud services deployed in your environment, contact us to see a demo.