Analyze

Perform a deep cloud assessment

Wiz analyzes your AWS, Azure, GCP, and Kubernetes stacks, evaluating your cloud architecture and risk factors such as internet exposure, software and configuration vulnerabilities, identities, secrets, and malware.

Traditional analysis

Wiz analyzes your cloud, performing the same checks found in standalone vulnerability assessment, CSPM, CWPP, and anti-malware tools.
Vulnerability assessment

Identify and prioritize vulnerabilities across  your cloud software

Wiz scans the operating system, installed software, and code libraries in cloud workloads —including VMs, containers, and serverless functions—and checks against the National Vulnerability Database (NVD), vendor OVAL repositories, and dozens of other vulnerability databases to match known vulnerabilities to the versions you’re running and prioritize them based on risk.

Secure configuration

Check configurations against standard frameworks and your own custom benchmarks

Wiz assesses the configuration of cloud infrastructure, Kubernetes, and VM operating systems against your baselines, common frameworks and benchmarks with out-of-the-box and custom configuration rules tailored to the specific resource type and cloud platform.

Malware detection

Find malware on cloud resources

Wiz uses threat intelligence feeds to scan cloud workloads and detect malicious code and IoCs and also provides information regarding the threat severity.

Download the solution brief

Get more information about how Wiz helps organizations identify and remove the most critical risks in the cloud.

Cloud Risk Engines

To determine the effective risk of your cloud, Wiz goes beyond traditional analysis and compiles all settings, compensating controls, and dependencies to other resources.
Exposure Engine

Identify which resources  are exposed and uncover unintentional exposure paths

Wiz calculates effective external exposure for every cloud resource by analyzing the complete cloud and Kubernetes network rules and the individual configurations on each resource. For each exposed resource, Wiz provides you the full traffic path, enabling you to see how a resource is unintentionally exposed.

Identity and Entitlements Engine

Remove excessive permissions and enforce least privilege access policies

Wiz understands who can access what—i.e. effective permissions—by compiling all user and service roles, assigned permissions, resource policies, and permission boundaries. Wiz then identifies excessive permissions that should be removed to reduce access risk.

Secrets Engine

Uncover unsecure use of secrets and their permissions within your environment

Wiz not only identifies exposed secrets on cloud resources but analyzes them to understand their impact on the environment so you can focus on the most critical risks—such as cloud keys with administrator-level permissions or SSH keys that create the opportunity for lateral movement.

"We were really impressed with how Wiz had consolidated the capabilities we were seeing in the marketplace into a single platform with a single pane of glass view of what is going on in our cloud environments."

ADAM FLETCHER
Chief Security Officer

Wiz Threat Research

Wiz’s threat research team spearheads research into cloud risks, including zero-day cloud vulnerabilities and threats, which are continuously fed into the Wiz platform to expand coverage for novel security risks.