Wiz and Google Cloud’s Security Command Center: Modern threat detection and response rooted in risk prioritization

Fully understand the impact and architecture behind any threat to streamline and speed effective response with a first-of-its-kind integration combining the Wiz Security Graph’s deep cloud and multi-cloud risk context with Google Cloud’s Security Command Center’s advanced threat detection.


Earlier this summer, we extended the Wiz Security Graph to Security Operations Center (SOC) and Incident Response teams, so they could better simulate, detect, and respond to threats with Wiz Cloud Detection and Response. We have since released new Dynamic Scanner and integration capabilities that have resulted in a 10x improvement in the time that cloud defenders spend detecting and manually analyzing threats. Today, we’re proud to announce that we are now the first cloud security platform to integrate with Google Cloud’s Security Command Center (SCC) to bring these efficiency gains to Google Cloud workloads and expand our partnership with Google Cloud. Now, with just a glance at the Wiz Security Graph, organizations can quickly and fully understand the impact of an unfolding threat and prioritize the most effective response based on the underlying architecture and risk.

Enable your Google Cloud defenders with context and prioritization 

Do your teams end up responding to and triaging a never-ending slew of alerts about brute force attacks? Or do they spend hours writing rules to ignore irrelevant detections? What if you could empower your teams with high-fidelity context about cloud resources and associated risks, so that they can choose the most impactful remediation step for your business? In the graph below, Wiz shows you that this is a critical brute force attack detected by Google Cloud’s SCC that warrants your team’s immediate attention. The virtual machine under attack has a critical vulnerability with a known exploit and is publicly exposed to the internet. Furthermore, it has a lateral movement path to a production administrator role that has access to a critical database. This is the power of context. There is no doubt that this is an important threat with a significant blast radius that your team should work urgently to remediate.

Wiz Security Graph visualization of an exposed Google Cloud Compute Instance with a critical vulnerability and a lateral movement finding on which Google Cloud’s Security Command Center has also detected potentially suspicious events.

With SCC’s best of breed protections for Google Cloud merged with the multi-cloud context that Wiz provides, customers and their security teams can secure and respond to threats on their cloud environment with increased efficiency.

Jess Leroy, Director, Security Product Management, Google Cloud

The combined power of Wiz Cloud Detection and Response and Google Cloud’s Security Command Center improves your readiness for the next threat in three key ways: 

  • Efficient threat investigation: Rapidly understand the impact and blast radius of each threat on your cloud environment with a unified layer of data and visibility across cloud risks, events and threats for Google Cloud and multi-cloud environments.

  • Focused threat response: Focus your teams on the most important issues to resolve during an unfolding threat by correlating threats with the underlying cloud risk. Threats are incorporated into the risk assessment across misconfigurations, vulnerabilities, network exposure, excessive permissions, and exposed secrets to build a single prioritized queue of issues.

  • Streamlined incident response: Automate cloud-native incident response with Google Cloud playbooks to investigate and isolate affected resources, enabling your teams to respond at scale for Google Cloud workloads involved in an unfolding threat.

Value for cloud defenders and builders 

Wiz gives your teams a solution that automatically correlates cloud events and threat detection information against all other cloud risk factors with a single deployment, a single visibility layer with all context, a single policy layer spanning events, and a single prioritized view of issues. Faster investigation and response limit the blast radius of a threat and speed hardening of the environment, reducing the mean-time-to-response (MTTR), the likelihood of a breach, and the potential cost of a breach.

Risk context and prioritization for threats enable operational efficiency for your SOC and IR teams, which no longer need to manually investigate alerts, comb through Google Cloud logs, and waste time triaging each issue. This extends further to your development teams, which can remain focused on building instead of being pulled into tactical remediation of the affected cloud resources that they own.

This integration is generally available and Wiz Advanced and Wiz CDR customers can begin using this functionality. 

To learn more about how you can modernize your approach to threat detection and response in your Google Cloud workloads, contact us to see a demo of the integration in action. 
