Wiz Defend is Here: Threat detection and response for cloud

What does "Platform" mean in cloud security?

Enabling security outcomes for cloud builders and defenders, from code to cloud to defense.

5 minutes read

Platformization has become a hot topic in enterprise tech, particularly when it comes to cybersecurity and cloud. Organizations are fed up with managing a hodgepodge of point solutions. They want better visibility, no siloes, less noise, more context. Many are actively pushing to consolidate vendors to improve the experience for their teams.  

At Wiz, we believe that people are the key part of the people / process / technology trifecta. A true platform is not about feature functionality so much as it is about evolving business processes for the modern age and enabling people to work better together. 

The cloud operating model 

Cloud security is complex, because cloud is complex. Businesses need to innovate fast, and the cloud helps them do that. If a new service comes out that makes building applications easier, your developers will use it. If a new AI technology comes out, your data and AI teams will use it. So how do you secure an ephemeral, decentralized environment without capping or blocking its transformative power?  

You find a platform that everyone can use, not just the security team. And not only use, but love. 

This strategy unlocks value universally across all industries, sizes, and stages of the cloud journey. Security teams are grappling with the introduction of thousands of new technologies. Developers don’t ship yearly, they ship daily... or even hourly. Security must enable all these shifts, but to do so, they need better visibility, more actionable insights, to combat mounting and evolving risk, simple adherence to compliance standards, less manual efforts — the list goes on.   

These teams come to Wiz for a platform that scales their security program and supports a new cloud operating model built on democratization. Multiple teams across the business start using the same platform, speak the same language, and control risk together.  

That is how an organization can continuously improve security across an ever-changing environment, even as it grows more complex by the day. 

Security for the cloud era

Let’s consider the legacy of on-prem. Much of today’s security tool sprawl stems from historical technology that could only look myopically at a single use case, e.g. vulnerability management. The end result? A tech stack that is fragmented into multiple technology and people siloes and creates a lot of noise. It’s a complaint we often hear in our conversations with pre-Wiz infosec teams: “If everything is critical, where do I even start?” 

Developers won’t use a solution that makes their life noisy (who would?) and that, in turn, causes friction for... well, everyone. Security teams will face blind spots as cloud technology adoption and the resulting attack surface grows. The solution set is not effective at reducing risk, the tech stack cannot be operationalized, and therefore the cloud security strategy is not viable. This can hamstring innovation, growth, and M&A.   

The Wiz platform 

We believe that effective cloud security hinges on having a platform that is purpose-built for the modern age. Or, put differently, one that can handle the specific problem statements of cloud builders and cloud defenders.  

The crux of Wiz’s ability to handle complexity, and the core of our platform, is the Security Graph. It provides an abstraction layer that removes the complexity of an ever-changing environment so teams can drive towards fast outcomes. We designed it to address seemingly simple questions that have become quite difficult to answer, like:  

  • What is running in my cloud today? 

  • Who is responsible for it? 

  • What pipeline built it?  

  • What technologies and open-source components were used?  

  • How do I proactively secure it? 

  • How do I detect and stop an unfolding attack?  

The graph serves up fast, accurate answers, like a Google search for your cloud. Anyone can use it without needing deep cloud or cloud security expertise and without burdening Devs / DevOps, cloud security, and SOC teams. The graph allows us to treat previously siloed point products as just another feature of cloud security posture. Misconfigurations with CSPM, excessive entitlements with CIEM, vulnerabilities in Vulnerability Management tools, Container Security — it all becomes a feature to identify toxic combinations of risk. 

The Wiz Security Graph is the connective tissue for cloud builders and cloud defenders to have the same understanding of how to secure their cloud. Cloud security is a team sport, and the purpose of the platform is to make it easy to secure rapid cloud innovation. Over 50% of Wiz users sit outside of the security function and directly in the Dev/DevOps function, and because these teams are now working hand in hand, over 30% of our customers achieve and stay at zero critical issues in their environment. Siloes eradicated, security outcomes realized.   

From code to cloud to defend 

Wiz began our journey in security posture so customers could rapidly understand and improve their cloud security. Over the past two quarters, we’ve continued investing in broadening and deepening security posture management by extending our core capabilities to AI Security (AI-SPM) and their Github repos (Github SPM), to non-human identities, and to AI-power remediation guidance to make fixing risk even faster.  

But that’s just the beginning. Let’s unpack the other 2 product pillars, as depicted in the above graphic, starting with Wiz Code.  

The promise of CNAPP lies in its extension across the entire software pipeline, so organizations can securely develop for the cloud. That means moving away from managing the security posture of the production environment, to eliminating issues at the source — which is faster, less intrusive, and less costly — thereby preventing them from ever reaching production.  

Wiz Code is grounded in this value proposition: it is designed to secure cloud software development and improve the resolution of issues by tracing them back to the source. Wiz Code also enforces guardrails that enable “secure by design” principles.  

The desire to empower developers fueled our acquisition of Raftt, and will drive future investments. Additionally, we’ve helped our customers address software supply chain security use cases with SBOM capabilities that provide complete visibility into application components and Image Trust that ensure only container images validated by Wiz can be deployed to the production environment. 

Wiz Defend, conversely, views the cloud defense in depth strategy through the lens of Security Operations teams. We are tackling threat detection in the cloud, which faces similar challenges to those that Wiz set out to solve in the posture space: traditional detection tools were created for on-prem and adopt a workload-only focus that produces siloed, contextless alerts. On top of that, SOC teams struggle to complete the picture due to lack of cloud context and visibility. 

The acquisition of Gem Security was a pivotal step on our CDR journey. Gem brings a focus on real-time defense against cloud-native attacks, continuously analyzing activity with a SOC-native experience to identify and investigate any suspicious or unauthorized action. This expertise is being built into Wiz’s infrastructure and Security Graph. When you combine these SOC-focused workflows with Wiz’s Linux and Kubernetes Runtime Sensor, defenders will gain a truly born-for-cloud ability to detect and stop cloud attacks in progress. 

Conclusion 

In this post we have looked at exactly how the platform breaks siloes and drives customer value across people, processes, and technology, and how to define the word platform itself.  

While the business outcomes vary for each of our core personas, each outcome stems from the same fundamental belief: that to achieve success in the cloud, you must embrace a new operating model that drives shared understanding and goals across all teams. Tool consolidation is an important benefit that follows but is not the starting point. 

To learn more about how Wiz can help you, and to see the platform in action, come visit us at RSA.  

 

Continue reading

Get a personalized demo

Ready to see Wiz in action?

“Best User Experience I have ever seen, provides full visibility to cloud workloads.”
David EstlickCISO
“Wiz provides a single pane of glass to see what is going on in our cloud environments.”
Adam FletcherChief Security Officer
“We know that if Wiz identifies something as critical, it actually is.”
Greg PoniatowskiHead of Threat and Vulnerability Management