Cado Security

The Cado Security and Wiz integration empowers organizations to rapidly perform forensic investigations and minimize time to respond. When it comes to incident response, time is of the essence. Organizations already using Wiz can now more seamlessly take advantage of Cado Security’s deep forensic capabilities to efficiently pinpoint incident root cause, impact, and scope, and respond faster. 

Integration Benefits

• Respond to cloud threats faster ˆ

Automate forensics investigation of cloud resources using Wiz's one-click forensics capabilities to accelerate path to root cause and remediation and meet SLAŒ ˆ

• Better understand the impact of threatŒ ˆ

Take advantage of deep forensics analysis capabilities, such as Cado’s AI Investigator, to better understand the scope and impact of cloud-based threatsˆ

• Simplify the IR processˆ

Gain instant access to critical cloud resources without having to work through other teams or set up additional access

Better Together

Wiz and Cado Security’s combined solution enables security teams to triage and fix risks that pose the most impactful threats to your cloud environment and have the context necessary to solve threats in the heat of an investigation. The integration with Wiz eliminates common cloud access obstacles while gaining a deeper understanding of the root cause, scope, and impact of cloud threats.

Challenge

Gaining access to cloud resources  in a timely manner during an investigation often proves to be a significant obstacle faced by security teams. However, when it comes to incident response, speed is  essential to efficiently managing risk, meeting SLAs, and reducing the potential impact of threats. Achieving rapid incident response requires solutions that work seamlessly together. The Cado Security and Wiz integration enables organizations to rapidly kick off forensic investigations of AWS EC2 instances, eliminating common access obstacles that can lead to delays in investigation and response. 

Solution

Organizations already using Wiz to manage vulnerabilities and potential compromises can rapidly kick off forensic investigations within the Cado Security platform, accelerating the path to root cause and remediation of cloudbased threats. Leveraging Wiz’s recently introduced Digital Forensics capabilities, security analysts can seamlessly copy captured EC2 volumes to a dedicated forensics account and apply specific tags. Based on these tags, the Cado Security platform will automatically discover and spin up a deeper forensic investigation, without analyst intervention. 

How it works:

Step 1: Snapshot & Copy Volume Using Wiz Digital Forensics capabilities, snapshot EC2 volume and copy the potentially compromised 
workload to a dedicated forensic account 

Step 2: Apply Tags for Cado Discovery Apply specific tags to enable the Cado Security platform to automatically discover and spin up a deeper-dive forensic investigation

Step 3: Automatically Process & Analyze The Cado Security platform automatically processes and analyzes tagged EC2 volumes, delivering critical incident insights