Improve MTTR with Wiz’s AI-powered remediation guidance using Microsoft Azure OpenAI service

Organizations can now improve their mean time to remediate (MTTR) with AI-generated remediation steps.

3 minutes read

Generative AI has been a powerful catalyst for organizations, helping them automate and improve efficiency for tasks previously done manually. We recently released a blog about one of these use cases, discussing the numerous benefits of using AI in security organizations (such as helping scale security teams through enhanced efficiency, and improving the process of upskilling teams).  

Today, we are excited to announce a new AI-powered Wiz feature: AI-generated remediation guidance. This feature helps customers improve their mean time to remediate using the power of GenAI. With this launch, we're enhancing the remediation workflows for our attack path analysis by leveraging Azure OpenAI Service’s GenAI models. Azure OpenAI Service is a collaboration between Microsoft Azure and OpenAI, providing a cloud-based platform that enables developers and data scientists to build and deploy generative AI models quickly and easily with a set of prebuilt models. With Azure OpenAI Service, data scientists can accelerate the development of generative AI applications and create innovative solutions. Wiz is excited to innovate with Azure OpenAI Service to further simplify security for our customers.

Attack path analysis 

To get the best remediation recommendations from Azure OpenAI, Wiz uses its attack path analysis, correlating risks across network exposures, vulnerabilities, misconfigurations, identities, data, secrets and malware on the Wiz Security Graph. The Wiz Security Graph combines dozens of disparate signals into a single prioritized risk assessment, so organizations can focus on the risks that matter. Wiz sends all of this context to Azure OpenAI to generate tailored and efficient remediation guidance for any attack paths found in the environment.

Introducing AI-powered remediation 

One of the main gaps in cloud security is understanding the optimal ways to resolve a detected issue, and how to implement this guidance on the platform your organization uses. Wiz’s attack path analysis has deep context into cloud environments — and now with the power of a strong LLM model, Wiz can use this context to provide enhanced remediation guidance. Customers can reduce their MTTR by generating copy-paste AI-powered remediation steps. These steps can then be copied into various tools, including CLI, Terraform, CloudFormation, Pulumi Go and Python (or the steps can be used directly in the cloud environment console).

Leveraging GenAI for generating remediation guidance reduces the time security engineers spend gaining context around a risk. AI-powered remediation guidance is not only beneficial for security teams that are improving their time to remediate, but it empowers organizations to make security more accessible to development and engineering teams that don’t have security expertise. By taking disparate sources of security risk data, correlating them for full context, and specifying what action is required, AI-generated steps simplify the complexity of specific cloud risks (i.e identities, exposures, etc.). This enables developers to quickly generate remediation steps without needing to ramp up on the security of each cloud or service used. 

At Thoughtworks, we are dedicated to maintaining technological excellence. We are excited to leverage Wiz’s AI-powered remediation steps to make our remediation processes more efficient and improve our overall mean time to remediate.

Nitin Raina, CISO, Thoughtworks

Security is Wiz’s top priority 

We understand that AI brings both opportunities and challenges, and we're dedicated to following secure design principles to ensure that Wiz’s AI features are trustworthy. Protecting our customers’ data is our top priority, and we have strict measures in place to ensure that any AI technology we use meets our and our customers’ high security and privacy standards. These include working closely with our legal and security teams, and using data minimization and redaction techniques, to share the minimum necessary amount of data to third parties powering our AI features. We are committed to complying with relevant laws and regulations that govern AI, data privacy, and ethical considerations in AI development and deployment.  

AI-powered remediation guidance helps our customers: 

  • Quickly remediate security risks with exact copy-paste steps, improving MTTR 

  • Upskill security engineers by removing the need for them to learn the security nuances of different clouds and architectures 

  • Make security accessible for other teams in the organization 

Get started now with Wiz’s AI-powered remediation guidance, learn more about it in the Wiz Docs (login required), if prefer a live demo, we would love to connect with you. 

 

Continue reading

Get a personalized demo

Ready to see Wiz in action?

“Best User Experience I have ever seen, provides full visibility to cloud workloads.”
David EstlickCISO
“Wiz provides a single pane of glass to see what is going on in our cloud environments.”
Adam FletcherChief Security Officer
“We know that if Wiz identifies something as critical, it actually is.”
Greg PoniatowskiHead of Threat and Vulnerability Management