CloudSec Academy
Benvenuto in CloudSec Academy, la tua guida per navigare nella zuppa alfabetica degli acronimi sulla sicurezza del cloud e del gergo del settore. Elimina il rumore con contenuti chiari, concisi e realizzati da esperti che coprono i fondamenti e le best practice.
Guarda Wiz in azione
Scopri come Wiz trasforma i fondamenti della sicurezza cloud in risultati reali.
What is Product Security in 2026?
Team di esperti Wiz
Product security secures software as a system across code, cloud, identity, data, and runtime. Learn how modern teams prioritize exploitable risk in cloud environments.
AI-BOM: Building an AI Bill of Materials
An AI bill of materials (AI-BOM) is a complete inventory of all the assets in your organization’s AI ecosystem. It documents datasets, models, software, hardware, and dependencies across the entire lifecycle of AI systems—from initial development to deployment and monitoring.
Guarda la demo di 12 minuti
Guarda come Wiz trasforma la visibilità istantanea in una rapida bonifica.
What is API security testing?
API security testing is the process of validating that APIs are protected against abuse, misconfiguration, and sensitive data exposure. Unlike functional testing—which checks whether an API works—security testing looks for ways an API can be misused.
API risk assessment: Tools & techniques
An API risk assessment is a systematic process for evaluating the APIs used across an organization.
Che cos'è la risposta agli incidenti? Una guida rapida per i SOC
Team di esperti Wiz
La risposta agli incidenti è un approccio strategico per rilevare e rispondere agli attacchi informatici con l'obiettivo di ridurre al minimo il loro impatto sui sistemi IT e sull'azienda nel suo complesso.
What is an Incident Response Plan (IRP)?
An incident response plan (IRP) is a detailed framework that provides clear, step-by-step guidelines to detect, contain, eradicate, and recover from security incidents.
How to secure the SDLC with Wiz
Team di esperti Wiz
Learn how to secure the SDLC from code to runtime with DevSecOps best practices: SAST, SCA, IaC scanning, CI/CD hardening, CSPM, CDR, and compliance mapping.
GraphQL API security risks every developer should know about
Team di esperti Wiz
GraphQL API security is a set of specialized practices and controls for protecting GraphQL endpoints.
Unmanaged API security: What cloud teams need to know
Team di esperti Wiz
Unmanaged APIs are undocumented interfaces that operate outside standardized security and governance frameworks.
API security posture management explained
Team di esperti Wiz
API security posture management, or API-SPM, is a security discipline that focuses on maintaining and proactively improving the security health of enterprise APIs.
The Open-Source CNAPP Toolkit
Team di esperti Wiz
With a CNAPP, your team is empowered to pick and choose solutions that best fit your security capability and cost requirements. This article reviews the best open-source CNAPP tools for 2024.
Free Incident Response Playbooks: Learn How to Apply Them
Learn more about incident response playbooks to find gaps in your process. Plus, get free playbooks for your cloud security teams, best practices, and more.
Cloud engineer job description (template, skills, salary)
Team di esperti Wiz
A cloud engineer is a technical expert responsible for architecting, implementing, and managing an organization's cloud infrastructure and services. This role involves working across the full cloud lifecycle, from initial planning and design to deployment and ongoing optimization.