Earlier this summer, we extended the Wiz Security Graph to Security Operations Center (SOC) and Incident Response teams, so they could better simulate, detect, and respond to threats with Wiz Cloud Detection and Response. We have since released new Dynamic Scanner and integration capabilities that have resulted in a 10x improvement in the time that cloud defenders spend detecting and manually analyzing threats. Today, we’re proud to announce that we are now the first cloud security platform to integrate with Google Cloud’s Security Command Center (SCC) to bring these efficiency gains to Google Cloud workloads and expand our partnership with Google Cloud. Now, with just a quick glance at the Wiz Security Graph, organizations can quickly and fully understand the impact of an unfolding threat and prioritize the most effective response based on the underlying architecture and risk.
Enable your Google Cloud defenders with context and prioritization
Do your teams end up responding to and triaging a never-ending slew of alerts about brute force attacks? Or do they spend hours writing rules to ignore irrelevant detections? What if you could empower your teams with high fidelity context about cloud resources and associated risks, so that they can choose the most impactful remediation step for your business? In the below graph, Wiz shows you that this is a critical brute force attack detected by Google Cloud’s SCC that warrants your team’s immediate attention. The virtual machine under attack has a critical vulnerability with a known exploit and is actually publicly exposed to the internet. Furthermore, it has a lateral movement path to a production administrator role that has access to a critical database. This is the power of context. There is no doubt that this is an important threat with a significant blast radius that your team should work urgently to remediate.
With SCC’s best of breed protections for Google Cloud merged with the multi-cloud context that Wiz provides, customers and their security teams can secure and respond to threats on their cloud environment with increased efficiency.
Jess Leroy, Director, Security Product Management, Google Cloud
The combined power of cloud detection and response and Google Cloud’s Security Command Center improves your readiness for the next threat in three key ways:
Efficient threat investigation: Rapidly understand the impact and blast radius of each threat on your cloud environment with a unified layer of data and visibility across cloud risks, events and threats for Google Cloud and multi-cloud environments.
Focused threat response: Focus your teams on the most important issues to resolve during an unfolding threat by correlating threats with the underlying cloud risk by incorporating threats into the risk assessment across misconfigurations, vulnerabilities, network exposure, excessive permissions, and exposed secrets to build a single prioritized queue of issues.
Streamlined incident response: Automate cloud-native incident response with Google Cloud playbooks to investigate and isolate affected resources, enabling your teams to respond at scale for Google Cloud workloads involved in an unfolding threat.
Value for cloud defenders and builders
Wiz gives your teams a solution that automatically correlates cloud events and threat detection information against all other cloud risk factors with a single deployment, single visibility layer with all context, a single policy layer spanning events, and a single prioritized view of issues. Faster investigation and response limits the blast radius of a threat and speeds hardening of the environment, reducing the mean-time-to-response (MTTR), the likelihood of a breach, and the potential cost of a breach.
Risk context and prioritization for threats enables operational efficiency for your SOC and IR teams that no longer need to manually investigate alerts, comb through Google Cloud logs, and waste time triaging each issue. This extends further to your development teams that can remain focused on building instead of being pulled into tactical remediation of the affected cloud resources that they own.
This integration is generally available and Wiz Advanced and Wiz CDR customers can begin using this functionality.
To learn more about how you can modernize your approach to threat detection and response in your Google Cloud workloads, contact us to see a demo of the integration in action.
