Featured
Wiz Named #1 CDR Solution by G2
Wiz was named the leader in the Winter 2025 CDR Grid Report, based on independent customer reviews.
Blog
2025 State of Code Security: Key Trends and Risks
Explore the key insights on code and cloud security risks shaping 2025.
Introducing Wiz Lens: Role-based views for every security team
Empowerment and speed for security teams without losing unified cloud context.
The Role of Runtime Security in Cloud Environments
Discover how Wiz's innovative hybrid approach revolutionizes runtime security for the modern cloud era.
The Overlooked Attack Surface: Securing Code Repositories, Pipelines, and Developer Infrastructure
Learn how Wiz for ASPM extends security to developer infrastructure by continuously enforcing secure defaults and detecting threats across the software supply chain.
Dev and Sec: The Perfect Pair <3
Discover how this dynamic duo creates secure, agile environments – and how you can foster their romance in your organization.
Cisco and Wiz Help Customers Modernize Cybersecurity
Enhanced collaboration deepens cloud security capabilities, democratizes security across cloud businesses.
How Wiz found a Critical NVIDIA AI vulnerability: Deep Dive into a container escape (CVE-2024-0132)
Technical details on a critical severity vulnerability (CVE-2024-0132) in NVIDIA Container Toolkit and GPU Operator, affecting cloud service providers .
Our Container Security AMA: You asked, Wiz answered
Check out the top comments and responses from our recent containers AMA.
Introducing the Wiz Certified Program: Validate Your Expertise and Showcase Your Mastery!
The Wiz Certified program refines your cloud security skills to help you grow your career and stand out among your industry peers.
The Basics of AWS Infrastructure Security
Discover key strategies to strengthen your AWS security posture, from applying protection at all layers to understanding shared responsibility in the cloud.
Wiz Research Uncovers Exposed DeepSeek Database Leaking Sensitive Information, Including Chat History
A publicly accessible database belonging to DeepSeek allowed full control over database operations, including the ability to access internal data. The exposure includes over a million lines of log streams with highly sensitive information.
Key Performance Indicators for Effective DSPM Implementation
What are the most important KPI’s for a successful DSPM implementation? Let's explore what KPI’s to monitor, why they matter, and how you can take advantage of them for improved security at your org.
Cloud Detection Without Drowning: The Zero-Noise Approach
By adopting the 'Zero Noise' approach—prioritizing attacker-focused detections, continuous feedback loops, and a 'no alert left behind' mentality—security teams can cut through cloud alert noise, enabling swift and precise responses to true threats.
The anatomy of a Toxic Combination of Risk
How to uncover potential threats and eliminate critical risks in your cloud environment.
Securing the Container Frontier: Kubernetes Trends Report 2025 Preview
From rapid-fire attack attempts to evolving defense strategies, our Kubernetes Security Report paints a vivid picture of a dynamic landscape. Check out the preview here.
Tracking cloud-fluent threat actors - Part two: Behavioral cloud IOCs
Discover how behavioral cloud IOCs can expose malicious activity as we break down real-world examples to reveal actionable detection techniques.
Wiz Recognized as a 2024 Customers’ Choice in Gartner® Peer Insights report.
Wiz named as a Customers’ Choice for Cloud Native Application Protection Platforms (CNAPP)
Wiz Research Identifies Exploitation in the Wild of Aviatrix Controller RCE (CVE-2024-50603)
The Wiz Incident Response team is currently responding to multiple incidents involving CVE-2024-50603, an Aviatrix Controller unauthenticated RCE vulnerability, that can lead to privileges escalation in the AWS control plane. Organizations should patch urgently.
Welcoming Our New CFO & President
Fazal Merchant joins our leadership team as we look to what lies ahead.
CVE-2025-0282 and CVE-2025-0283: Critical Ivanti 0days Exploited in the Wild
Detect and mitigate CVE-2025-0282, a critical RCE vulnerability in Ivanti Connect Secure and CVE-2025-0283, exploited as 0day vulnerabilities in the wild. Organizations should patch urgently.
2025 Cloud Security Predictions: Trends to Look Out for
Wizards share some of the cloud security trends to look out for in 2025.
Breaking the Chain: Wiz Uncovers a Signature Verification Bypass in Nuclei, the Popular Vulnerability Scanner (CVE-2024-43405)
Wiz’s engineering team discovered a high-severity signature verification bypass in Nuclei, one of the most popular open-source security tools, which could potentially lead to arbitrary code execution.
Avoiding mistakes with AWS OIDC integration conditions
Let’s explore some common missteps in securing your AWS OIDC.
The many ways to obtain credentials in AWS
Dive into the complexities of AWS IAM credentials and uncover how defenders can stay ahead with in-depth knowledge of SDK behaviors and service-specific mechanisms.