Featured
3 OAuth TTPs Seen This Month — and How to Detect Them with Entra ID Logs
How OAuth tokens, JWT fields and Entra sign-in logs reveal attacker behavior, and how to turn those signals into reliable detections.
Blog
Mastering Software Governance with Hosted Technologies Inventory
Gain visibility into every technology in your environment and eliminate governance gaps.
Shai-Hulud 2.0 Supply Chain Attack: 25K+ Repos Exposing Secrets
Detect and mitigate malicious npm packages linked to the recent Shai-Hulud-style campaign. Over 25,000 affected repositories across ~350 unique users.
Get Certified on Wiz Defend for Threat Detection and Response
Wiz Defend Certification validates skills in cloud threat detection and response for SOC, IT, and security professionals.
Blueprint for Security: A Guide to Code, Governance, and Response Frameworks
Building a Foundation for Security and Compliance
Google Unified Security Recommended Program Names Wiz Among First 3 Strategic Partners
Inaugural partner program reflects commitment to building an open, unified future for security.
Introducing Posture Issues: Transform Security Findings into Actionable Outcomes
Streamline Security Backlogs by Grouping Vulnerabilities, Secrets, and Data Findings into Posture Issues
Empower and Accelerate Your SOC with the Wiz SecOps AI Agent
Meet the SecOps AI Agent: AI-powered threat triage built on the Wiz platform. Investigate every threat with speed and transparency
Exposure Report: 65% of Leading AI Companies Found with Verified Secret Leaks
How secure are top private AI companies? Find out from our scans and disclosures.
Wizdom 2025 Product Announcements: Extending the Cloud Operating Model
At Wizdom 2025, we’re unveiling two new AI agents alongside new product innovations that deepen and extend the graph across SaaS, workloads, AI infrastructure, and external exposures. Together, these advances enable teams to secure everything they build and run in the cloud and beyond.
When AI Becomes the Heart of Security: Powering a Future You Can Trust
Helping teams see clearly, decide wisely, and move safely.
AI-Powered Wiz: From Agents to Everyday Intelligence
How Wiz AI Agents and Integrations Meet You Where You Work
Defend Agentless Workload Detection: Bringing Visibility to Blind Spots in Threat Detection
Providing unconditional visibility into your environment
Securing AI Agents with Wiz AI-SPM
How Wiz brings visibility, context, and continuous defense to the new era of intelligent automation.
Meet Wiz for M365: Bringing SaaS into the Security Graph
Secure Microsoft 365 and the cloud it powers — one platform, one graph, complete context.
Introducing Wiz ASM: Context-Driven Attack Surface Management
Wiz launches Attack Surface Scanner to bring context, ownership, and prioritization to every exposure, anywhere.
Securing Critical Infrastructure in the Cloud Era: A Policy and Technology Blueprint
Why Securing Critical Infrastructure Requires a Modern Approach
How CISOs Should Plan Security Budgets for 2026
Build a defensible 2026 security budget with data, not guesswork. We share practical tips, ROI levers, and fresh insights from our survey of 300+ CISOs and security leaders.
Beyond the Checkbox: How Wiz Transforms SOC 2 into a Security Powerhouse
Turning compliance chaos into continuous confidence.
Bringing Visibility to Kubernetes: Unified Inventory and Network Insight
Bridge the gap between Platform and Security teams with unified inventory and network visibility across Kubernetes clusters.
The Foundation Modern AppSec Is Still Missing: Code to Cloud, Rebuilt the Right Way
See every risk, from the first line of code to what’s running in production. No resource tagging. No CI/CD hacks. Just automatic, reliable traceability both developers and security teams can act on.
Dismantling a Critical Supply Chain Risk in VSCode Extension Marketplaces
Wiz Research has uncovered 550+ secrets hiding in plain sight. We worked with Microsoft to shut the door.
Introducing HoneyBee: How We Automate Honeypot Deployment for Threat Research
Turning attacker insights into stronger cloud security protections.
RediShell: Critical Remote Code Execution Vulnerability (CVE-2025-49844) in Redis, 10 CVSS score
Wiz Research discovers vulnerability stemming from 13-year-old bug present in all Redis versions, used in 75% of cloud environments.
Defending against database ransomware attacks
How attackers exploit exposed databases for extortion—and the defenses that work.