See every risk, from the first line of code to what’s running in production. No resource tagging. No CI/CD hacks. Just automatic, reliable traceability both developers and security teams can act on.
Wiz Research has uncovered 550+ secrets hiding in plain sight. We worked with Microsoft to shut the door.
Turning attacker insights into stronger cloud security protections.
Wiz Research discovers vulnerability stemming from 13-year-old bug present in all Redis versions, used in 75% of cloud environments.
How attackers exploit exposed databases for extortion—and the defenses that work.
A practical guide to the risks, blind spots, and protections every security team needs to know.
Wiz and the leading CSPs are launching one of the largest hacking competitions ever to secure the open-source software powering the cloud ecosystem
Bring network context into the Security Graph to enrich cloud visibility and strengthen posture
A closer look at LameHug, the Amazon Q Developer Extension compromise, s1ngularity, and PromptLock.
Unified cloud security without compromise, delivering commercial features to sensitive government systems
Announcing the GA of our HCP Terraform connector, featuring new zero-configuration code-to-cloud mapping that traces any cloud risk back to its source.
When common processes start asking the wrong questions
Exploring how simple setup flaws become open doors for attackers—and what teams can do to shut them.
New research reveals four common security risks systematically affecting vibe-coded applications - with remediation strategies curated together with Lovable.
Announcing the public preview of Wiz’s in-house Incident Response service—empowering customers to investigate, contain, and resolve cyber incidents with confidence
Detect and mitigate a critical supply chain compromise affecting over 100+ packages, organizations should act urgently.
How to address DORA compliance challenges with Wiz and Deloitte.
Executives from Brex and FICO share how AI is reshaping security strategies.
We believe recognition in the IDC MarketScape for ASPM reflects our commitment to redefining how modern/cloud and AI-native applications are built and secured.
A deeper look at the npm debug/chalk supply-chain incident: deobfuscating the wallet-hijacking browser interceptor, quantifying the ~2-hour exposure with Wiz telemetry (~99% package prevalence, ~10% malware presence), and unpacking what made it spread so fast.
WizOS is in public preview starting today, enabling Wiz customers to adopt and operationalize secured images at scale.
Exposed cloud credentials become the launchpad for mass phishing, highlighting email services as a prime target in cloud exploitation campaigns.
A deeper look at the Nx supply chain attack: analyzing the performance of AI-powered malware, calculating incident impact, and sharing novel TTPs for further investigation.
Detect and mitigate a critical supply chain compromise affecting the Nx NPM Package. Organizations should act urgently.
Wiz closes the loop on exposed secrets with blast radius context, ownership intelligence, and actionable, AI-powered fixes.
