Wiz enhances real-time threat detection and response capabilities to stop threats from becoming incidents

The Wiz Runtime Sensor for Kubernetes graduates to general availability with proven ability to detect cloud attacks, greater customization for detections, and new cloud-native response capabilities

3 minutes read

Organizations are innovating in the cloud faster than ever before. Cloud builders are racing to adopt cloud technologies from Kubernetes to GenAI to drive new efficiencies and business models. This agility though introduces new attack surfaces where it is no longer possible for a typical organization to understand and fix every risk in their cloud environment. A new cloud-native approach is required – one where cloud builders and cloud defenders can continuously monitor residual risk, identify threats with a high degree of accuracy across layers of the cloud, and take immediate action with the full infrastructure context to stop unfolding threats in their tracks. This is exactly why we built the Wiz Runtime Sensor

Since the Wiz Runtime Sensor moved to public preview this summer, our customers have very quickly stopped unfolding threats and thwarted attackers. The sensor has detected numerous threat campaigns including Pyloose, the first publicly documented Python-based fileless attack targeting cloud workloads, and several cryptomining incidents. Customers have seen the power of a comprehensive cloud security platform that provides high-fidelity alerts on threats, a single location to investigate all of the evidence of the threat and the potential blast radius, so they can take rapid action to limit business impact. 

Today, we’re excited to release the Wiz Runtime Sensor to General Availability, so more customers are able to add real-time threat detection and response to their containerized workloads. As part of this enhancement, we’re releasing a number of new capabilities to make it even simpler to operationalize a last line of defense across security and development teams: 

  • Greater customization: Ignore rules that enable customers to tune detections for their business and environment requirements and the ability to manage all Sensor rules in one location. 

  • More signals: Anomaly detections to increase the severity of alerts for novel and unexpected actions. 

  • Streamlined investigation: Container forensics and runtime execution data to support in-depth investigation and understanding of potential blast radius for cloud defenders, with full context of the underlying cloud infrastructure. 

  • Immediate response: Cloud-native response playbooks such as isolating the impacted node or removing excessive permissions to rapidly limit the impact of an unfolding threat. 

  • Better risk prioritization: Extending runtime validation to identify vulnerabilities affecting libraries in use by the workload with more context on where the vulnerability was validated for risk assessment. 

Threat detection issue correlating suspicious activity on the container with privilege escalation attempts on the container and in the cloud

We're thrilled to build on the momentum of the GA by extending these capabilities to modern Linux workloads running on cloud virtual machines, with a public preview coming later this year. 

Runtime validation that log4j is in use with full context on where the vulnerability was validated for risk prioritization

Many customers that have already deployed the Wiz Runtime Sensor in their production environments have told us how important it is to have a comprehensive platform that allows them to drive their entire cloud security strategy. This includes a full defense-in-depth approach that covers both proactively removing risk before it can be exploited and stopping threats as a last line of defense. We’ve seen established enterprises like Dexcom and Doubleverify simplify their operations through tool consolidation and streamlining of security workflows. We’ve also seen organizations avoid the complexity of multiple tools and processes in order to scale their businesses. One such visionary company is RelationalAI. 

Wiz's agentless solution provides us broad coverage of our environment and the Wiz Sensor adds deep coverage quickly. This enables us to launch and rapidly scale mission-critical products that drive our business growth with a complete cloud security platform that frees up our security team to focus on strategic initiatives.

E Siu, CISO, RelationalAI

Ready to start your runtime cloud threat protection journey with Wiz? See a live demo or register for our October 11 webinar on how to use the Sensor for rapid detection and response on your cloud-native workloads with our Research and Product Management leads. If you’re already a Wiz customer, get started today by visiting the Wiz docs (login required). 

Continue reading

Get a personalized demo

Ready to see Wiz in action?

“Best User Experience I have ever seen, provides full visibility to cloud workloads.”
David EstlickCISO
“Wiz provides a single pane of glass to see what is going on in our cloud environments.”
Adam FletcherChief Security Officer
“We know that if Wiz identifies something as critical, it actually is.”
Greg PoniatowskiHead of Threat and Vulnerability Management