Wiz introduces agentless solution for detecting host and application misconfigurations

Wiz extends its risk assessment to support host and application level misconfigurations, enabling customers to ensure security and compliance posture for applications.

2 minutes read

Editor’s note: We also published a deep dive blog on custom host configuration rules, learn more here. 

Assessing and remediating application and host misconfigurations is key to enhancing compliance and reducing risks in the cloud. Traditional agent-based tools require security teams to sift through lots of noisy alerts, searching through thousands of issues without any other context to find misconfigurations that matter. Relying on agents also prevents full coverage for workloads as Wiz research shows that only 20% of virtual machines even have an endpoint protection agent deployed. On the other hand, Cloud Security Posture Management (CSPMs) tools have made it simpler to achieve compliance at the cloud level, but configuration analysis at the host level has remained a blind spot and creates a consistency gap between the cloud level and host level. 

Organizations want to safeguard their cloud infrastructure and applications using security architecture best practices. Until now, they’ve lacked a simple approach that comprehensively assesses security posture from the application and the host operating system down to the workload it runs on. Identifying risky misconfigurations requires time-intensive manual effort and tedious agent enforcement that prevents teams from actually improving compliance. 

Extending risk assessment to host configurations 

Today, I’m excited to share that we’re extending our capabilities around cloud configuration rules to the host level. Our solution follows the same easy-to-deploy and non-intrusive agentless approach that Wiz is known for. With this new feature, you can easily see OS and app-level configuration issues and write host configuration rules like you do for Wiz cloud configuration rules from a single pane of glass.  

To get started, you can either leverage Wiz’s existing built-in host configuration rules, or simply create your own custom rule. The built-in rules and assessment is powered by a flexible query-based engine that can detect files, patterns, and content. Our Host Configuration Rule editor allows you to easily define a custom rule using the official OVAL engine schema. 

Wiz includes support for more than 7,000 rules across frameworks such as the CIS Benchmark for Red Hat Enterprise Linux, Ubuntu Linux, NGINX, and Microsoft Windows Server. If a host resource has a failed check against a rule, it will generate a host configuration finding. 

Host configuration assessment brings a new layer of context that allows organizations to focus their efforts with the variety of policies on the compliance posture score. For example, the assessment can not only help identify how many of your VMs are not compliant according to the official CIS Debian Family Linux Benchmark, but also help detect weak areas in the compliance heatmap. 

Start assessing host configurations today 

Our goal is to give you the right solutions to easily secure everything you build and run in the cloud. Starting today, host configuration assessment is available for all Wiz Advanced customers. For details, check out our solutions page to see how Wiz can help you ensure compliance. If you prefer a live demo, we would love to connect with you. 

Secure everything you build and run in the cloud

Organizations of all sizes and industries use Wiz to rapidly identify and remove the most critical risks in AWS, Azure, GCP, OCI, and Kubernetes so they can build faster and more securely.

Continue reading

Giving thanks for a more secure cloud

We'd like to take a moment this holiday season to recognize our greatest asset—our customers.

Wiz at re:Invent 2022 (event recap)

Get all the news from Las Vegas and learn about how Wiz and AWS continue to strengthen a strategic relationship to secure customers’ AWS environments.

Hell’s Keychain: Supply-chain vulnerability in IBM Cloud Databases for PostgreSQL allows potential unauthorized database access

How IBM Cloud caught us exploring its infrastructure and how a hardcoded secret eventually led to build artifact access and manipulation