Wiz Defend está aqui: detecção e resposta a ameaças para a nuvem

Academia CloudSec

Bem-vindo à CloudSec Academy, seu guia para navegar pela sopa de letrinhas dos acrônimos de segurança em nuvem e jargão do setor. Livre-se das distrações com conteúdo claro, conciso e habilmente elaborado, cobrindo os fundamentos para as melhores práticas.

What is Data Flow Mapping?

In this article, we’ll take a closer look at everything you need to know about data flow mapping: its huge benefits, how to create one, and best practices, and we’ll also provide sample templates using real-life examples.

What are Data Security Controls?

Equipe de especialistas do Wiz

Data security controls are security policies, technologies, and procedures that protect data from unauthorized access, alteration, or loss

Sensitive Data Discovery

Equipe de especialistas do Wiz

In this post, we’ll find out why the sensitive data discovery process is so important—along with some of the main challenges. We’ll see how companies tackle the daunting task of classifying their data.

Identity Security [Cloud Edition]

Equipe de especialistas do Wiz

Cloud identity security is the practice of safeguarding digital identities and the sensitive cloud infrastructure and data they gatekeep from unauthorized access and misuse.

What is Cloud Data Security? Risks and Best Practices

Equipe de especialistas do Wiz

Cloud data security is the comprehensive strategy of preventing data loss or leakage in the cloud from security threats like unauthorized access, data breaches, and insider threats.

Effective Permissions: A Security Review

Equipe de especialistas do Wiz

In this article, we will explore the challenges of managing permissions, the risks associated with improper access controls, and how major cloud providers handle permissions. We’ll also take a look at best practices and advanced solutions like cloud infrastructure entitlement management (CIEM).

What is Cloud Risk Management?

Equipe de especialistas do Wiz

In this article, we’ll explore what cloud risk management entails and take an in-depth look at the tools that can keep your systems safe.

Data Security Compliance Explained

Data security compliance is a critical aspect of data governance that involves adhering to the security-centric rules and regulations set forth by supervisory and regulatory bodies, including federal agencies.

Data Leakage: Risks, Causes, & Prevention

Data leakage is the unchecked exfiltration of organizational data to a third party. It occurs through various means such as misconfigured databases, poorly protected network servers, phishing attacks, or even careless data handling.

Vulnerability Prioritization in the Cloud: Strategies + Steps

Vulnerability prioritization is the practice of assessing and ranking identified security vulnerabilities based on critical factors such as severity, potential impact, exploitability, and business context. This ranking helps security experts and executives avoid alert fatigue to focus remediation efforts on the most critical vulnerabilities.

Top 9 OSS CSPM Tools

Equipe de especialistas do Wiz

In this article, we’ll explore the top 9 OSS CSPM tools available today, each with its unique capabilities and benefits for helping organizations identify cloud misconfigurations, prevent security breaches, and ensure compliance with industry standards.

Database Security Explained

Database security is the process of identifying, assessing, and mitigating risks that can compromise the confidentiality, integrity, and availability of data.

The Vulnerability Management Lifecycle in 6 Stages

Equipe de especialistas do Wiz

The vulnerability management lifecycle consists of six key stages: identification and assessment, prioritization, remediation and mitigation, verification and validation, reporting, and monitoring and improvement.

What is a Vulnerability Management Program?

Equipe de especialistas do Wiz

A vulnerability management program is a structured, continuous approach to identifying, evaluating, and mitigating security weaknesses across an organization's IT ecosystem.

What is Cloud Network Security?

Equipe de especialistas do Wiz

Cloud network security is a combination of tools, processes, and policies that protect your cloud environments.

What is Cloud Visibility? + Best Practices

Equipe de especialistas do Wiz

As cloud adoption grows, the only way to mitigate risks and access the full spectrum of cloud capabilities is to prioritize visibility. Read on to learn more about cloud visibility—and how to achieve it.

What are CIS benchmarks?

Equipe de especialistas do Wiz

CIS benchmarks are publicly available security roadmaps offering core recommendations to guide organizations on hardening their IT systems against cyber threats.

Azure Security Risks & Mitigation Steps

Equipe de especialistas do Wiz

This article offers an extensive examination of Azure environments’ most pressing security risks along with suggested approaches for effectively mitigating these challenges.

Cloud Sprawl Explained

Equipe de especialistas do Wiz

Cloud sprawl is a phenomenon that involves the unmanaged growth of cloud-based resources and services.

CSPM vs DSPM: Why You Need Both

Equipe de especialistas do Wiz

Discover the similarities between CSPM and DSPM, what factors set them apart, and which one is the best choice for your organization’s needs.

Cloud Migration Security Explained

Cloud migration security is a facet of cybersecurity that protects organizations from security risks during a transition to cloud environments from legacy infrastructure, like on-premises data centers.

Native Azure Security Tools

Equipe de especialistas do Wiz

This blog explores the significance of security in Azure environments and provides an overview of native as well as third-party security tools available to improve an organization’s Azure security stance.

CSPM vs. SSPM

Equipe de especialistas do Wiz

This post discusses CSPM and SSPM in depth to reveal their respective use cases. You'll also learn how CSPM and SSPM complement each other to strengthen your overall security posture.

AWS Security Risks

Equipe de especialistas do Wiz

This article examines common AWS security challenges, including identity and access control gaps, data exposure risks, and monitoring blind spots.

CIEM vs. IAM

Equipe de especialistas do Wiz

In this article, we'll compare CIEM and IAM to explain how these crucial techniques help reduce your attack surface.

Shadow Data

Equipe de especialistas do Wiz

Shadow data is any data that is created, stored, or shared outside of an organization's formal IT environment and management policies.

Understanding the Shared Responsibility Model

Equipe de especialistas do Wiz

The shared responsibility model is a framework establishing cloud security responsibilities between cloud service providers (AWS, GCP, Azure) and customers.

Serverless Security Explained

Equipe de especialistas do Wiz

Serverless security is the extra layer of protection designed for applications built on a serverless architecture. In this type of cloud computing, you write the code (functions) but the cloud provider handles the servers. This creates a different security approach.

Cloud Security Strategy

Equipe de especialistas do Wiz

A cloud security strategy is the combination of the measures, tools, policies, and procedures used to secure cloud data, applications, and infrastructure.

What is CSPM?

Cloud Security Posture Management (CSPM) describes the process of continuously detecting and remediating risks in cloud environments and services (e.g. S3 buckets w/ public read access). CSPM tools automatically evaluate cloud configurations against industry best practices, regulatory requirements, and security policies to ensure that cloud environments are secure and properly managed.

Risk-Based Vulnerability Management

Equipe de especialistas do Wiz

Risk-based vulnerability management is a vulnerability management approach that prioritizes vulnerabilities that pose the greatest risk to an organization.

AWS S3 Security Best Practices

This article will refresh your knowledge of AWS and S3 security basics and then move into the best practices you need to get started with S3 security.

What is Cloud Encryption?

Cloud encryption is the process of transforming data into a secure format that's unreadable to anyone who doesn't have the key to decode it.

CIEM vs CSPM: Why You Need Both

Equipe de especialistas do Wiz

CSPM focuses on securing cloud infrastructure by identifying and remediating misconfigurations, while CIEM centers on managing and securing user identities and access permissions within cloud environments, addressing threats related to unauthorized access and entitlements.

CNAPP vs CSPM

Equipe de especialistas do Wiz

Learn where CNAPP and CSPM overlap, where they differ, and which one is right for your organization.

IAM Security Explained

IAM security consists of policies and technologies designed to ensure that only authorized individuals gain access to the relevant resources within an organization.

Enterprise Cloud Security 101

Equipe de especialistas do Wiz

Enterprise cloud security is the comprehensive set of practices, policies, and controls used by organizations to protect their data, applications, and infrastructure in the cloud.

CSPM vs CWPP

Equipe de especialistas do Wiz

Learn where CSPM and CWPP overlap, where they differ, and which one is right for your organization.

Cloud Management 101

Equipe de especialistas do Wiz

Cloud management refers to the monitoring, maintenance, and operation of data, apps, and infrastructure hosted on the cloud.

Cloud Governance

Equipe de especialistas do Wiz

Cloud governance entails the policies, processes, and controls an organization puts in place to ensure the effective and secure management of its cloud resources and services.

What is an Attack Surface?

Equipe de especialistas do Wiz

An attack surface is refers to all the potential entry points an attacker could exploit to gain unauthorized access to a system, network, or data.

Cloud Security Architecture

Equipe de especialistas do Wiz

Cloud security architecture is a broad set of principles designed to guide the implementation of security controls, practices, and solutions within a cloud computing environment.

Security Posture Explained

Equipe de especialistas do Wiz

Security posture is the overall defensive strength of an enterprise’s IT infrastructure, which comprises hardware, software, practices, policies, and personnel.

Types of Cloud Security Tools

Equipe de especialistas do Wiz

Explore the security roles your tools should cover, then outline the key tool types to help you build your security workflows.

Essential Cloud Security Controls

Equipe de especialistas do Wiz

Learn to navigate the complexities of cloud security, including the knowledge and tools required to build a robust and proactive defense against ever-evolving cyber threats.

Cloud Native Security

Equipe de especialistas do Wiz

Cloud native security refers to the practices, tools, and policies that protect cloud native applications and infrastructures.

Cloud Vulnerability Management

Equipe de especialistas do Wiz

Cloud vulnerability management is the continuous process of identifying, classifying, prioritizing, and remediating security vulnerabilities in your cloud environment.

Azure Security vs. AWS Security: A Comparative Analysis

Equipe de especialistas do Wiz

To help you make an informed decision, we've crafted a comprehensive comparison of AWS and Azure security, empowering you to select the cloud provider that seamlessly integrates with your unique needs.

Hybrid Cloud Security Explained

Equipe de especialistas do Wiz

Hybrid cloud security is a combination of strategies, technologies, and teams working in unison to secure an organization’s hybrid cloud environment.

Public Cloud Security Explained

Equipe de especialistas do Wiz

Public cloud security describes establishing cybersecurity measures to secure public cloud environments accessible to multiple users or organizations.

Private Cloud Security Explained

Equipe de especialistas do Wiz

Private cloud security is a term that describes the tools and techniques used to secure private cloud environments.

Essential Azure Security Best Practices

Equipe de especialistas do Wiz

Between its reliability and its robust scalability, Azure has become an integral part of many organizations' cloud architecture. Learn how to secure your Azure deployment with these 5 essential best practices.

Patch Management Explained

Equipe de especialistas do Wiz

Patch management is the process of planning, testing, and applying updates to software systems and applications to address vulnerabilities, fix bugs, and improve overall system performance.

AWS Security Best Practices

Equipe de especialistas do Wiz

10 essential AWS security best practices every organization should start with

O que é segurança na nuvem (cloud security) ?

Equipe de especialistas do Wiz

A segurança na nuvem refere-se a um conjunto de políticas, controles, procedimentos e tecnologias que trabalham juntos para proteger sistemas, dados e infraestrutura baseados em nuvem.

The CSPM Solutions Landscape 2024

Equipe de especialistas do Wiz

A walk through of what the cloud security posture management (CSPM) landscape will look like this year.

8 All-Too-Common Cloud Vulnerabilities

Equipe de especialistas do Wiz

We outline the most common cloud vulnerabilities with real-life examples of attacks that exploited these vulnerabilities, and simple steps you can take to mitigate them.

Top Native AWS Security Tools

Equipe de especialistas do Wiz

11 native tools for IAM, data protection, network and application protection, compliance management, and threat detection

What is Vulnerability Management?

Equipe de especialistas do Wiz

Vulnerability management involves continuously identifying, managing, and remediating vulnerabilities in IT environments, and is an integral part of any security program.