Wiz Cloud Security Platform - Full Video Demo
Summary
TLDRWhiz, a cloud security platform, empowers organizations to simplify their cloud journey by addressing security challenges with an intuitive interface built on a security graph. It offers deep visibility into cloud environments through configuration and workload analysis, identifying vulnerabilities and their actual risk with context. Whiz supports various cloud platforms, providing real-time event monitoring, custom controls, and smart remediation. Its projects and workflows foster collaboration between security and development teams, democratizing cloud security and making Whiz a standout choice for cloud protection.
Takeaways
- 🛡️ Wiz is a cloud security platform trusted by over 30% of the Fortune 100 companies to protect their cloud infrastructure and simplify their cloud journey.
- 🌐 Wiz addresses cloud security challenges with a context-aware approach, providing a simple and intuitive user interface built on a security graph.
- 🔍 The platform offers a comprehensive view of actual risk by combining context such as workload, cloud configuration, network exposure, identity, and business teams with vulnerability data.
- 🌐 Wiz connects to cloud APIs and supports various virtualized compute platforms like AWS, Azure, GCP, Alibaba Cloud, Oracle Cloud, and more, with an agentless connection for deeper visibility.
- 📈 Wiz uses a combination of configuration analysis, image scans, and snapshot scanning to provide an in-depth analysis of cloud resources without the need for agents.
- 🗺️ The Wiz security graph is a model of cloud architecture that maps interconnections between cloud resources and layers traditional scanning results onto the graph for a clear view of risk.
- 🔑 Wiz identifies critical risks and provides context to understand the impact, prioritizing issues and suggesting smart remediation steps for resolution.
- 👥 Wiz supports role-based access control and projects to segment the cloud environment, enabling teams to manage their part of the infrastructure autonomously.
- 📊 The platform offers automated executive reports and real-time monitoring of cloud events for suspicious activities, enhancing security and compliance.
- 🛠️ Wiz integrates with CI/CD pipelines, allowing security assessments during deployment by scanning infrastructure code, templates, container images, and VM images.
- 💻 Wiz's user interface has been described by clients as one of the best they have ever seen for a security product, contributing to its fast growth and adoption.
Q & A
What is the primary function of Wiz?
-Wiz is a cloud security platform designed to address the security challenges of the cloud, providing a comprehensive view of actual risk with context, served in a simple and intuitive user interface built on the way security graph.
How does Wiz enhance the understanding of a vulnerability's risk to an organization?
-Wiz enhances the understanding of a vulnerability's risk by adding workload context, cloud context, and business context, which helps determine the actual risk to the organization, including why it's important and which team is responsible.
What is the significance of the 'context' in Wiz's approach to security?
-The 'context' in Wiz's approach is significant because it provides a more actionable and complete view of the actual risk by considering factors such as inventory, exposed secrets, resource configuration, network exposure, identity, and business teams.
Which cloud platforms does Wiz support?
-Wiz supports a wide range of virtualized compute platforms including AWS, Azure, GCP, Alibaba Cloud, Oracle Cloud, and more, through an agentless connection via simple API connections.
How does Wiz's snapshot scanning differ from traditional scanning methods?
-Snapshot scanning is a cloud-native approach that allows Wiz to analyze a snapshot of the disk without installing any agents, providing deeper visibility into what's running on cloud resources without the need for traditional agents.
What is the role of the Wiz graph database in the platform?
-The Wiz graph database serves as a model of the user's cloud architecture, mapping the interconnections between all cloud resources, and layering the results of traditional scanning and cloud risk engine analysis to provide a clear view of risks and their impact.
How does Wiz prioritize risks for users?
-Wiz prioritizes risks by using the security graph to surface toxic combinations and attack paths, allowing for powerful prioritization based on the context and impact of the risks identified.
What are 'controls' in the context of Wiz, and how do they work?
-Controls in Wiz are mechanisms that generate issues or alerts whenever certain conditions are met, such as a resource being exposed to the internet with sensitive data access. They can be customized and are part of Wiz's out-of-the-box compliance standards.
How does Wiz assist with compliance and regulatory standards?
-Wiz comes with hundreds of out-of-the-box controls that meet compliance standards like CIS, GDPR, HIPAA, and more than 100 other compliance frameworks, providing automated executive reports for busy executives.
What is the purpose of the 'events explorer' feature in Wiz?
-The events explorer feature in Wiz monitors cloud events and potentially harmful changes in real-time, allowing for the detection of suspicious events and providing powerful tools for investigation with the context of the security graph.
How does Wiz facilitate the integration of security into the development process?
-Wiz facilitates integration into the development process by allowing for the embedding of security practices within projects, enabling role-based access and project-level actions that connect to specific communication channels, promoting autonomous risk mitigation by development teams.
Outlines
This section is available to paid users only. Please upgrade to access this part.
Upgrade NowMindmap
This section is available to paid users only. Please upgrade to access this part.
Upgrade NowKeywords
This section is available to paid users only. Please upgrade to access this part.
Upgrade NowHighlights
This section is available to paid users only. Please upgrade to access this part.
Upgrade NowTranscripts
This section is available to paid users only. Please upgrade to access this part.
Upgrade NowBrowse More Related Video
A New Approach to Get Your Cloud Risks Under Control
Overview of the Google Cloud Security Command Center
SAFECode Basic Practices for Secure Development of Cloud Applications 101 Quiz Part 1 p2
EP03- Arista software Overview
Cloud Bigtable as a NoSQL Option
SAFECode Basic Practices for Secure Development of Cloud Applications 101 Quiz Part 2 p1
5.0 / 5 (0 votes)