Red Canary

In the face of a rapidly evolving and increasingly intricate cloud landscape, organizations must prioritize investing in robust cloud security tools and services to safeguard their critical data and applications.
 Wiz and Red Canary have teamed up to provide organizations of all sizes an end-to-end cloud security 
 solution that helps them swiftly and effectively detect and respond to cloud security incidents.

With this partnership, Wiz adds a new data source to Red Canary’s security operations platform providing their cybersecurity experts context into security risks for improved detection and response of real-time threats in the cloud. Combining Wiz’s cloud detection capabilities with Red Canary’s swift incident response, mutual customers can remediate cloud incidents with agility and precision.

Integration Benefits

• Prioritized cloud risks that RedCanary’s cybersecurity team cantriage to improve your cloud security posture

• Real time threat detection in your cloud with the context necessary to help RedCanary’s cyber security team investigate and remediate active threats

• Correlate cloud security signals with data from your endpoints,firewalls,user,and other data points to detect and respond to threats across your entire IT environment

• A single place to keep track of any open cloud risks or threats with statuses and notes being sent back to Wiz from the results of Red Canary triaging

Better Together

Wiz prioritizes and sends critical cloud security Issues to Red Canary’s security operations platform, where their team of threat hunters perform deep investigations to confirm and respond to threats. Customers who use Wiz for better management over their cloud posture can now get added context to what is happening inside of their cloud environments alongside proactive security guidance and direct support to detect and stop threats. Here’s how it works:

Wiz integrates across any cloud service provider and compute platform (VMs, containers, serverless) to identify and send security Issues that need immediate attention to Red Canary. Red Canary ingests these Issues and correlates the information with behavioral and activity data from a customer’s cloud environment.

Red Canary then adds its own context to the Wiz Issue to understand if the issue at hand needs to be fixed immediately, if any crown jewels are exposed or infiltrated, and remediation steps to resolve the issue.

Challenge

At the core of it, combining Wiz and Red Canary provides you with an end-to-end cloud security detection and response solution. For example: A publicly exposed virtual machine (VM) in your cloud environment is hosting a misconfigured Redis server to allow unauthenticated access from any IP address. This VM is at a high risk of being infected by a botnet and abused for cryptojacking.

Solution

Wiz scans your cloud and asses it for any risks, including application misconfigurations that could lead to Remote Code Execution (RCE). The identified misconfiguration becomes an Issue in Wiz with context around which virtual machine is affected, how it’s interconnected with other infrastructure, and prioritized as a critical risk when there is an attack path to the VM.

This prioritized Issue is sent to Red Canary from Wiz for the cybersecurity experts to triage. The experts immediately have the context for if the VM with this misconfiguration is publicly exposed and triage accordingly. Once the remediation process starts, the experts can correlate Wiz’s cloud security context with Red Canary’s insights from other security tools to swiftly and effectively remediate the risk.