Wiz extends vulnerability scanning support to MacOS instances

Wiz customers can now detect vulnerabilities in MacOS workloads and their software components with agentless scanning, and assess their secure configurations against built-in CIS Benchmarks for Apple MacOS

2 minutes read

We are excited to announce that Wiz is extending our vulnerability scanning support to MacOS instances. With this addition, customers running MacOS workloads can detect vulnerabilities across their cloud environments without having to deploy agents. The EC2 Mac instances for macOS enable AWS customers to run macOS workloads in the cloud and leverage its many benefits such as scalability, flexibility, and cost efficiency. Developers can set up MacOS instances within minutes to build apps for different Apple products. Prior to EC2 Mac instances, organizations had to handle procurement and management of the MacOS infrastructure on prem; now they can simply launch instances with the click of a button.  

Staying protected against vulnerabilities in the cloud, regardless of the machine’s operating system, remains a priority for security organizations. The Wiz Research team found that 71% of MacOS machines in cloud environments are vulnerable to at least one high/critical vulnerability. Wiz is extending our support to MacOS instances to continue addressing the evolving security needs of modern organizations.

Now customers can gain visibility into any MacOS instances running in their environment on the Inventory page, as well as visualize them on the Wiz Security Graph. Extending our vulnerability scanning to MacOS allows customers to determine whether a macOS package, application, or operating system is susceptible to a vulnerability. By adding MacOS support, organizations gain a unified approach that empowers them to identify and prioritize vulnerabilities across all platforms, regardless of their operating system. 

Wiz’s agentless vulnerability scanning 

The new MacOS scanning is done using Wiz’s agentless vulnerability scanning technology, which provides complete visibility using a single cloud-native API connector to continuously assess workloads — without needing any ongoing maintenance. Wiz’s vulnerability catalog consists of over 70k+ supported vulnerabilities, with vulnerabilities sourced from Wiz Research along with numerous third-party threat intelligence feeds.  

You can leverage the Wiz Threat Center to immediately identify workload exposure to the latest vulnerabilities in your environment. Information in the Threat Center is sourced from Wiz Research, along with numerous third-party threat intelligence feeds. Any vulnerabilities detected in your MacOS workloads are modeled on the Wiz Security Graph, which gives you greater context around vulnerability prioritization such as network exposures, high-privileges or excessive permissions, access to sensitive data, exposed secrets, and misconfigurations. 

Assess your MacOS host configuration  

Hardening any operating system involves a complex process of defining, monitoring, and enforcing secure configuration. The approach is unique for each operating system used. To help you streamline this process, we're excited to add new host configuration rules to Wiz that help you align with CIS for MacOS Benchmarks. You can leverage our host configuration checks without having to set up agents, allowing you to quickly gain visibility into your MacOS configuration and ensure that it follows security best practicesץ

Get started now with agentless vulnerability scanning for MacOS, learn more in the Wiz Docs (login required). If you prefer a live demo, we would love to connect with you. 



Continue reading

Proof of storage crypto miners

We explore “proof-of-storage" cryptocurrencies like Chia, the potential for proof-of-storage cryptojacking attacks, and steps defenders can take to detect them.

Get a personalized demo

Ready to see Wiz in action?

“Best User Experience I have ever seen, provides full visibility to cloud workloads.”
David EstlickCISO
“Wiz provides a single pane of glass to see what is going on in our cloud environments.”
Adam FletcherChief Security Officer
“We know that if Wiz identifies something as critical, it actually is.”
Greg PoniatowskiHead of Threat and Vulnerability Management