Shaked Rotlevi

Shaked is a Technical Product Marketing Manager (PMM) focused on Wiz's core capabilities, including CSPM, CIEM, and Vulnerability Management which help organizations establish a secure foundation in the cloud. Previously, she's been part of Public Sector Solutions Architecture team at AWS as well as a Technical Program Manager on the AWS Config team. Outside work, Shaked loves playing volleyball, surfing and anything outdoors.

Shaked Rotlevi artículos

¿Qué es CSPM?

Shaked Rotlevi

14 de enero de 2026

La gestión de la postura de seguridad en la nube (CSPM) describe el proceso de detección y solución continua de riesgos en entornos y servicios en la nube (por ejemplo, contenedores S3 con acceso de lectura público). Las herramientas CSPM evalúan automáticamente las configuraciones de la nube en función de las mejores prácticas de la industria, los requisitos normativos y las políticas de seguridad para garantizar que los entornos en la nube sean seguros y estén gestionados de forma adecuada.

¿Qué es DSPM? [Data Security Posture Management]

Shaked Rotlevi

13 de enero de 2026

La gestión de la postura de seguridad de los datos (DSPM) es una solución diseñada para supervisar continuamente las políticas y procedimientos de seguridad de los datos de una organización con el fin de detectar vulnerabilidades y riesgos potenciales.

How to Build a Data Security Policy in 2026 (with Template)

Shaked Rotlevi

13 de enero de 2026

Learn how to build a strong data security policy in 2026 using DSPM and CIEM to protect your sensitive data, reduce risk, and simplify cloud compliance.

Explicación del cumplimiento de la seguridad de los datos

Shaked Rotlevi

8 de enero de 2026

El cumplimiento de la seguridad de los datos es un aspecto crítico de la gobernanza de datos que implica el cumplimiento de las normas y reglamentos centrados en la seguridad establecidos por los organismos supervisores y reguladores, incluidas las agencias federales.

Ver demostración de 12 minutos

Mira cómo Wiz convierte la visibilidad instantánea en una remediación rápida.

Cross-Site Request Forgery (CSRF): Examples and Prevention

Shaked Rotlevi

29 de diciembre de 2025

Discover how CSRF attacks work, identify common vulnerabilities, and learn the best methods for preventing CSRF attacks to keep your applications secure.

¿Qué es un Prompt Injection Attack?

Shaked Rotlevi

29 de diciembre de 2025

Los ataques de inyección de avisos son una amenaza para la seguridad de la IA en la que un atacante manipula el mensaje de entrada en los sistemas de procesamiento de lenguaje natural (NLP) para influir en la salida del sistema.

AI Data Security: Key Principles and Best Practices

Shaked Rotlevi

24 de diciembre de 2025

AI data security is a specialized practice at the intersection of data protection and AI security that’s aimed at safeguarding data used in AI and machine learning (ML) systems.

Tenable Competitors: Platforms and Approaches to Exposure Management

Shaked Rotlevi

15 de diciembre de 2025

Exposure Management vs Attack Surface Management (ASM)

Shaked Rotlevi

21 de noviembre de 2025

Attack Surface Management (ASM) vs Unified Vulnerability Management (UVM)

Shaked Rotlevi

21 de noviembre de 2025

AI-BOM: Building an AI Bill of Materials

Shaked Rotlevi

17 de noviembre de 2025

An AI bill of materials (AI-BOM) is a complete inventory of all the assets in your organization’s AI ecosystem. It documents datasets, models, software, hardware, and dependencies across the entire lifecycle of AI systems—from initial development to deployment and monitoring.

What is zero trust? A cloud security perspective

Shaked Rotlevi

31 de octubre de 2025

Zero trust is a dynamic, risk-based approach that protects against internal and external threats by eliminating implicit trust within the network.

Gobernanza de la IA: principios, regulaciones y consejos prácticos

Shaked Rotlevi

17 de octubre de 2025

En esta guía, analizaremos por qué la gobernanza de la IA se ha vuelto tan crucial para las organizaciones, destacaremos los principios y regulaciones clave que dan forma a este espacio y proporcionaremos pasos prácticos para crear su propio marco de gobernanza.

AI Compliance in 2026: Definition, Standards, and Frameworks

Shaked Rotlevi

16 de octubre de 2025

AI compliance standards are changing fast, yet 85% of organizations still use AI tools. Get best practices and frameworks to protect your cloud environment.

What are zero-day exploits?

Shaked Rotlevi

10 de octubre de 2025

Zero-day exploits target unknown vulnerabilities before patches exist, which often makes traditional signature-based defenses ineffective.

Essential AI Security Best Practices

Shaked Rotlevi

18 de septiembre de 2025

To manage risks associated with AI, organizations need a strategic and well-coordinated security approach that extends traditional cybersecurity measures to the unique needs of AI.

¿Qué es CIEM? Casos de uso, desafíos y beneficios de la gestión de derechos de infraestructura en la nube

Shaked Rotlevi

17 de septiembre de 2025

La gestión de derechos de infraestructura en la nube (CIEM) es un proceso de seguridad que ayuda a las organizaciones a gestionar y controlar los derechos de acceso a los recursos en la nube.

Rapid7 vs. Tenable: How Their Cloud Security Approaches Compare

Shaked Rotlevi

1 de septiembre de 2025

Rapid7 vs. Tenable: Compare cloud security capabilities, vulnerability management, and threat detection to see which platform better protects your cloud environment.

What is cloud security testing?

Shaked Rotlevi

29 de agosto de 2025

Cloud security testing is the process of evaluating your entire cloud infrastructure for security risks and misconfigurations—proactively, systematically, and continuously.

Top 10 cloud compliance tools in 2026

Shaked Rotlevi

14 de agosto de 2025

When selecting a cloud compliance tool, look for features like comprehensive framework coverage, multi- and hybrid cloud visibility, context-aware risk prioritization, developer workflow integration, and automated evidence collection and reporting.

Vulnerability Prioritization: Building a Maximum Security Strategy

Shaked Rotlevi

13 de agosto de 2025

Vulnerability prioritization helps you manage your cloud risk efficiently. Discover how to pinpoint threats with context, automation, and real-time insights.

Operationalizing Cloud Governance Best Practices

Shaked Rotlevi

8 de agosto de 2025

In this article we'll cover a tried-and-true governance strategy, a practical five-layer operating model, and guidance on how to operationalize it using the right people, processes, and platforms.

Top Palo Alto Networks Competitors & Alternatives 2026

Shaked Rotlevi

8 de agosto de 2025

In this article, we’ll go through six of today’s leading cloud security platforms so you can see which one offers the best fit for your organization's unique security needs.

Herramientas de seguridad de IA: el kit de herramientas de código abierto

Shaked Rotlevi

31 de julio de 2025

Profundizaremos en el panorama de las herramientas de MLSecOps revisando las cinco áreas fundamentales de MLSecOps, explorando la creciente importancia de MLSecOps para las organizaciones y presentando seis interesantes herramientas de código abierto para revisar

Cloud Entitlement Management: How to reduce identity risk with context

Shaked Rotlevi

11 de julio de 2025

Cloud entitlements are access and administrative privileges that define what resources users can access and how they can interact with those resources.

Data Leakage: riesgos, causas y prevención

Shaked Rotlevi

8 de julio de 2025

La fuga de datos es la exfiltración incontrolada de datos de la organización a un tercero. Se produce a través de varios medios, como bases de datos mal configuradas, servidores de red mal protegidos, ataques de phishing o incluso un manejo de datos descuidado.

ChatGPT Security for Enterprises: Risks and Best Practices

Shaked Rotlevi

2 de julio de 2025

ChatGPT security is the process of protecting an organization from the compliance, brand image, customer experience, and general safety risks that ChatGPT introduces into applications.

What is Cyber Asset Attack Surface Management (CAASM)?

Shaked Rotlevi

26 de junio de 2025

Cyber asset attack surface management (CAASM) is a security practice that gives teams unified visibility and control over all enterprise assets—cloud, SaaS, on-prem, and beyond. It helps eliminate blind spots and reduce risk by correlating asset data from across your environment and tools. CAASM enables teams to query, prioritize, and act from a single source of truth.

Rapid7 vs CrowdStrike: Cloud Security Detection Compared

Shaked Rotlevi

4 de junio de 2025

Compare Rapid7 and CrowdStrike: features, threat detection, endpoint protection, and performance to help you choose the right solution for your team.

¿Qué es Cloud Compliance (Cloud Compliance) ?

Shaked Rotlevi

31 de mayo de 2025

El cumplimiento de la nube es el conjunto de procedimientos, controles y medidas organizativas que debe implementar para garantizar que sus activos basados en la nube cumplan con los requisitos de las regulaciones, estándares y marcos de protección de datos que son relevantes para su organización.

7 Serious AI Security Risks and How to Mitigate Them

Shaked Rotlevi

28 de marzo de 2025

There are many sneaky AI security risks that could impact your organization. Learn practical steps to protect your systems and data while still leveraging AI's benefits.

Zero Trust Security: Checklist to Implement, Tools to Use, and Key Challenges

Shaked Rotlevi

26 de marzo de 2025

Understanding how to implement zero trust architecture is crucial for protecting against the complexities of modern cyber threats.

AWS AI Security: Securing AI workloads on AWS

Shaked Rotlevi

24 de marzo de 2025

AWS offers a complete, scalable suite for AI that covers everything from data prep to model deployment, making it easier for developers to innovate quickly.

13 Essential AWS IAM Best Practices

Shaked Rotlevi

13 de marzo de 2025

13 essential best practices for every organization + the common tools and services that can support them

Mastering AWS Security Groups: Essential Best Practices

Shaked Rotlevi

12 de marzo de 2025

AWS security groups (SGs) are virtual firewalls for your EC2 instances that control both inbound and outbound traffic.

¿Qué es AI-SPM? [Gestión de la postura de seguridad de la IA]

Shaked Rotlevi

7 de febrero de 2025

AI-SPM (gestión de la postura de seguridad de la IA) es un componente nuevo y crítico de la ciberseguridad empresarial que protege los modelos, las canalizaciones, los datos y los servicios de IA.

13 Essential Data Security Best Practices in the Cloud

Shaked Rotlevi

19 de diciembre de 2024

Cloud data security is the practice of safeguarding sensitive data, intellectual property, and secrets from unauthorized access, tampering, and data breaches. It involves implementing security policies, applying controls, and adopting technologies to secure all data in cloud environments.

What is Data Risk Management?

Shaked Rotlevi

13 de diciembre de 2024

Data risk management involves detecting, assessing, and remediating critical risks associated with data. We're talking about risks like exposure, misconfigurations, leakage, and a general lack of visibility.

What is Data Detection and Response?

Shaked Rotlevi

12 de diciembre de 2024

Data detection and response (DDR) is a cybersecurity solution that uses real-time data monitoring, analysis, and automated response to protect sensitive data from sophisticated attacks that traditional security measures might miss, such as insider threats, advanced persistent threats (APTs), and supply chain attacks.

What is Data Flow Mapping?

Shaked Rotlevi

22 de noviembre de 2024

In this article, we’ll take a closer look at everything you need to know about data flow mapping: its huge benefits, how to create one, and best practices, and we’ll also provide sample templates using real-life examples.

What is Data Sprawl? Causes, Risks, and Management

Shaked Rotlevi

25 de octubre de 2024

Data sprawl refers to the dramatic proliferation of enterprise data across IT environments, which can lead to management challenges and security risks.

AI Risk Management: Essential AI SecOps Guide

Shaked Rotlevi

11 de septiembre de 2024

AI risk management is a set of tools and practices for assessing and securing artificial intelligence environments. Because of the non-deterministic, fast-evolving, and deep-tech nature of AI, effective AI risk management and SecOps requires more than just reactive measures.

What is LLM Jacking?

Shaked Rotlevi

5 de agosto de 2024

LLM jacking is an attack technique that cybercriminals use to manipulate and exploit an enterprise’s cloud-based LLMs (large language models).

Configuration Drift Explained

Shaked Rotlevi

6 de octubre de 2023

Configuration drift is when operating environments deviate from a baseline or standard configuration over time.

Shaked Rotlevi Mensajes

Protecting Against Zero-Day Vulnerabilities with SOC-Level ASM Alert

Mika Maymon, Gal Nagli, Shaked Rotlevi

30 de diciembre de 2025

Outpacing React2Shell using pre-breach alerts from Wiz ASM to eliminate exploitable risk before attackers find them

The Kenna Transition: Your Strategic Shift to Exposure Management

Oron Noah, Shaked Rotlevi

23 de diciembre de 2025

How the Kenna sunset is giving security leaders the opportunity to outgrow vulnerability silos and adopt a unified exposure management model.

It's Here! Wiz Exposure Management is Now GA

Eyal Golombek, Alon Weiss, Shaked Rotlevi

2 de diciembre de 2025

Moving beyond CVE counts to true exposure management everywhere with new UVM and ASM capabilities, now GA

Introducing Wiz ASM: Context-Driven Attack Surface Management

Mika Maymon, Alon Weiss, Gal Nagli, Shaked Rotlevi

3 de noviembre de 2025

Wiz launches Attack Surface Scanner to bring context, ownership, and prioritization to every exposure, anywhere.

Wiz MCP Server Now Available in the new AWS Marketplace AI Agents and Tools category

Dan Segev, Hen Perez, Shaked Rotlevi

17 de julio de 2025

Improve security posture and remediate risks faster using natural language workflows.

Wiz Integrates with NVIDIA Enterprise AI Factory Validated Design

Shaked Rotlevi, Alon Schindel, Nadav Tzuker

12 de junio de 2025

Wiz is now included in the NVIDIA Enterprise AI Factory validated design, integrating with NVIDIA AI to help developers securely build and deploy enterprise AI agents at scale.

CIEM and Secure Cloud Access: Best Practices from Wiz and CyberArk

Shaked Rotlevi, Sam Flaster

16 de abril de 2025

Learn how to secure your cloud identities and operationalize Zero Standing Privileges with the Wiz and CyberArk integration

Introducing new Slack AI App for Wiz and Bi-Directional Slack Integration

Shaked Rotlevi, Matan Haim, Nadav Tzuker

6 de marzo de 2025

Wiz enhances Slack integration to streamline risk investigation and response and bring security knowledge directly to Slack

The Basics of AWS Infrastructure Security

Shaked Rotlevi

30 de enero de 2025

Discover key strategies to strengthen your AWS security posture, from applying protection at all layers to understanding shared responsibility in the cloud.

Key Performance Indicators for Effective DSPM Implementation

Shaked Rotlevi

28 de enero de 2025

What are the most important KPI’s for a successful DSPM implementation? Let's explore what KPI’s to monitor, why they matter, and how you can take advantage of them for improved security at your org.

A Cloud-First Approach to Vulnerability Remediation: A Holistic Approach

Thomas Nuth, Shaked Rotlevi, Asaf Wiener

10 de diciembre de 2024

Learn about how Wiz helps organizations operationalize vulnerability remediation with true code-to-cloud visibility

Wiz at Re:Invent 2024

Nadav Tzuker, Shaked Rotlevi

9 de diciembre de 2024

See what’s new with Wiz at Re:Invent 2024 and learn about how Wiz and AWS continue to strengthen their strategic partnership, keeping AWS customers’ environments secure

Wiz collaborates with NVIDIA to advance ML research for data classification

Erez Harush, Nadav Tzuker, Shaked Rotlevi

26 de noviembre de 2024

Wiz Research taps Llama 3 model NVIDIA NIM microservices for sensitive data classification

Introducing new Amazon Q Developer plugin for Wiz

Shaked Rotlevi, Annam Iyer, Nadav Tzuker

14 de noviembre de 2024

New plugin enables AWS and Wiz customers to leverage generative AI to improve their cloud security posture

Data access governance: Who's got the keys to your data kingdom?

Shaked Rotlevi, Yariv Ashkenazy, Matika Lidgi

6 de noviembre de 2024

Learn how Wiz helps you govern who can access what data in your cloud and protect your critical data

Introducing the next generation of AI-powered remediation: Choose your own remediation strategy

Shaked Rotlevi, Itay Arbel, Erez Harush

4 de noviembre de 2024

The new AI-powered remediation 2.0 combines the power of GenAI with the Wiz Research Team’s expertise in identifying cloud-native attack paths.

The essential steps for cloud vulnerability management

Thomas Nuth, Shaked Rotlevi, Asaf Wiener

30 de octubre de 2024

Prioritizing vulnerabilities in the cloud can be overwhelming - Learn how teams adopt a workflow structured for speed and accuracy.

Protect your Okta identities with Wiz

Shaked Rotlevi, Yariv Ashkenazy

23 de octubre de 2024

Wiz extends support to Okta with identity modeling on the Wiz Security Graph, visibility, risk assessment, and real-time threat detection for your Okta environment

Secure your Data Cloud with Wiz CNAPP for Snowflake

Shashank Golla, Matika Lidgi, Shaked Rotlevi

25 de septiembre de 2024

Gain unified visibility into Snowflake security posture and threats with the same workflows as the rest of your cloud.

Wiz achieves FedRAMP Moderate authorization

San Buonassisi, Dean Scontras, Annam Iyer, Shaked Rotlevi

15 de agosto de 2024

Wiz is now the fastest company to be listed FedRAMP Moderate Authorized on the FedRAMP Marketplace, making it easier for government agencies to effectively protect their cloud environment with Wiz’s CNAPP

Introducing pattern-based agentless malware detection using YARA rules

Rotem Lipowitch, Gili Tikochinski, Shaked Rotlevi

31 de julio de 2024

Wiz is expanding our existing detection capabilities to include pattern-based malware detection using YARA rules written by the Wiz Research team

Wiz at Re:Inforce 2024

Shaked Rotlevi

13 de junio de 2024

See what’s new with Wiz at Re:Inforce 2024 with this year’s recap

Wiz achieves StateRAMP authorization

Dave Karakis, Shaked Rotlevi

5 de junio de 2024

Great news for State and Local Governments! Wiz for Gov is now StateRAMP authorized

Wiz AI-SPM model scanning: Securely innovate with AI community models

George Pisha, Amitai Cohen, Shaked Rotlevi

30 de mayo de 2024

Detect malicious hosted AI models with Wiz AI-SPM and gain confidence in the models your data scientists use

Wiz achieves Red Hat Vulnerability Scanner Certification

Jonathan Dong, Shaked Rotlevi

20 de mayo de 2024

Wiz’s vulnerability scanning is now certified by Red Hat, providing customers with refined assessment of vulnerabilities for Red Hat Products

The wait is over: Wiz releases real-time CSPM

Shaked Rotlevi, Alon Weiss

15 de mayo de 2024

Prevent misconfigurations in your environment from being exploited with Wiz’s real-time CSPM.

Boosting efficiency with Wiz's AI-driven remediation steps powered by Amazon Bedrock

Shaked Rotlevi, Itay Arbel

16 de abril de 2024

Wiz introduces AI-remediation steps powered by Amazon Bedrock to empower customers to remediate risks quickly.

Improve MTTR with Wiz’s AI-powered remediation guidance using Microsoft Azure OpenAI service

Shaked Rotlevi, Itay Arbel

19 de marzo de 2024

Organizations can now improve their mean time to remediate (MTTR) with AI-generated remediation steps.

Wiz becomes the first CNAPP to provide DSPM capabilities for Oracle Cloud Infrastructure

Shaked Rotlevi, Matika Lidgi

14 de marzo de 2024

Oracle Cloud Infrastructure customers can now effectively protect their sensitive data with Wiz’s Data Security Posture Management (DSPM) capabilities.

Wiz becomes the first CNAPP to provide native security to Akamai Linode Cloud

Shaked Rotlevi, Alon Weiss

6 de marzo de 2024

Wiz customers can now secure everything they build and run on Akamai Linode Cloud, providing organizations the broadest cloud coverage out of any CNAPP

Wiz extends vulnerability scanning support to MacOS instances

Asaf Wiener, Shaked Rotlevi

29 de febrero de 2024

Wiz customers can now detect vulnerabilities in MacOS workloads and their software components with agentless scanning, and assess their secure configurations against built-in CIS Benchmarks for Apple MacOS

Wiz AI-SPM extends support to Microsoft Azure OpenAI Service models

Shaked Rotlevi, Alon Weiss

7 de febrero de 2024

Secure Microsoft Azure AI Services, including Azure OpenAI, with Wiz AI-SPM providing full visibility into AI pipelines and risks on the Wiz Security Graph

Wiz Enhances AI-SPM Support for Amazon Bedrock

Shaked Rotlevi, Alon Weiss

5 de febrero de 2024

Safeguard Amazon Bedrock with Wiz AI-SPM capabilities to gain visibility into GenAI pipelines and detect and proactively remove risks

Secure non-human identities with Wiz’s newest CIEM dashboard

Shaked Rotlevi, Yariv Ashkenazy

1 de febrero de 2024

Gain visibility into non-human identities in your environment and protect against risky service accounts with the new Non-Human Identities Dashboard.

Wiz extends its AI-SPM offering to OpenAI platform

Shaked Rotlevi, Itay Arbel, Amitai Cohen

11 de enero de 2024

Wiz becomes the first CNAPP to provide AI security for OpenAI, allowing data scientists and developers to detect and mitigate risk in their OpenAI organization with a new OpenAI SaaS connector.

Choosing an AI-SPM tool: The four questions every security organization needs to ask

Alon Schindel, Shaked Rotlevi

2 de enero de 2024

Ensure you are staying secure as your organization adopts AI by following these four guiding questions

How to leverage AI-powered security in your organization

Alon Schindel, Shaked Rotlevi

20 de diciembre de 2023

AI-powered security helps organizations improve efficiency and scale their security team, follow this framework to effectively leverage AI in your security org

Wiz at Re:Invent 2023

Shaked Rotlevi

4 de diciembre de 2023

See what’s new with Wiz at Re:Invent 2023 and learn about how Wiz and AWS continue to strengthen their strategic partnership, keeping AWS customers’ environments secure.

Wiz launches support for Google Cloud excessive access findings based on audit logs

Shaked Rotlevi, Ofer David, Matika Lidgi

20 de noviembre de 2023

Google Cloud customers can now detect excessive access in their GCP environment based on Google audit logs to effectively right-size permissions.

Wiz becomes the first CNAPP to provide AI Security Posture Management

Shaked Rotlevi, Alon Schindel, Mattan Shalev

16 de noviembre de 2023

Wiz extends its platform to secure AI with AI-SPM capabilities, helping organizations accelerate their AI innovation in the cloud.

5 Steps to Establishing a Zero Trust Foundation in the Cloud with Wiz

Shaked Rotlevi, Chris Saunders

13 de noviembre de 2023

Gain complete visibility into your environment and its risks to enable a Zero Trust strategy in the cloud

Wiz launches support for Google Workspace, helping organizations secure Google Cloud identities

Shaked Rotlevi, Yariv Ashkenazy, Ofer David

16 de octubre de 2023

Protect your Google Cloud identities with Wiz's new Google Workspace identity modeling and identify suspicious activity in Google Workspace with new threat detection rules

GAO Study Reveals: Government Faces Challenges with Continuous Monitoring

Shaked Rotlevi, Chris Saunders

19 de septiembre de 2023

Learn how government agencies can meet the GAO’s recommended cloud security best practices by establishing continuous risk and compliance monitoring in the cloud

Wiz's agentless approach to cloud-native vulnerability management

Shaked Rotlevi

31 de julio de 2023

Prioritize critical vulnerabilities based on business impact with Wiz’s agentless Vulnerability Management solution.

Wiz at Re:Inforce 2023

Shaked Rotlevi

14 de junio de 2023

See what is new with Wiz at Re:Inforce and learn about how Wiz and AWS continue to strengthen a strategic relationship to secure customers’ AWS environments.

Wiz for CSPM: A modern approach to cloud security

Shaked Rotlevi, Alon Weiss

7 de junio de 2023

Reduce noise of traditional CSPM tools with context-based deep risk assessment, enabling you to prioritize the misconfigurations that put your environment at critical risk.

Detect critical application misconfiguration risks

Shaked Rotlevi, Daniel Klein, Amitai Cohen

22 de marzo de 2023

Some application misconfigurations are equivalent to remote code execution or information disclosure vulnerabilities, but often go unnoticed. Wiz’s agentless capabilities detect these and correlate them to attack surface and business impact risks, highlighting the most critical misconfigurations.

Compliance made easy with Wiz

Shaked Rotlevi, Daniel Klein

13 de marzo de 2023

Stay compliant with Wiz’s 100+ compliance frameworks, generate quick compliance reports, and remediate issues faster with remediation guidance and auto-remediation.