Wiz Cloud Security Platform - Full Video Demo

SHI International Corp.
28 Jun 202410:13

Summary

TLDRWhiz, a cloud security platform, empowers organizations to simplify their cloud journey by addressing security challenges with an intuitive interface built on a security graph. It offers deep visibility into cloud environments through configuration and workload analysis, identifying vulnerabilities and their actual risk with context. Whiz supports various cloud platforms, providing real-time event monitoring, custom controls, and smart remediation. Its projects and workflows foster collaboration between security and development teams, democratizing cloud security and making Whiz a standout choice for cloud protection.

Takeaways

  • 🛡️ Wiz is a cloud security platform trusted by over 30% of the Fortune 100 companies to protect their cloud infrastructure and simplify their cloud journey.
  • 🌐 Wiz addresses cloud security challenges with a context-aware approach, providing a simple and intuitive user interface built on a security graph.
  • 🔍 The platform offers a comprehensive view of actual risk by combining context such as workload, cloud configuration, network exposure, identity, and business teams with vulnerability data.
  • 🌐 Wiz connects to cloud APIs and supports various virtualized compute platforms like AWS, Azure, GCP, Alibaba Cloud, Oracle Cloud, and more, with an agentless connection for deeper visibility.
  • 📈 Wiz uses a combination of configuration analysis, image scans, and snapshot scanning to provide an in-depth analysis of cloud resources without the need for agents.
  • 🗺️ The Wiz security graph is a model of cloud architecture that maps interconnections between cloud resources and layers traditional scanning results onto the graph for a clear view of risk.
  • 🔑 Wiz identifies critical risks and provides context to understand the impact, prioritizing issues and suggesting smart remediation steps for resolution.
  • 👥 Wiz supports role-based access control and projects to segment the cloud environment, enabling teams to manage their part of the infrastructure autonomously.
  • 📊 The platform offers automated executive reports and real-time monitoring of cloud events for suspicious activities, enhancing security and compliance.
  • 🛠️ Wiz integrates with CI/CD pipelines, allowing security assessments during deployment by scanning infrastructure code, templates, container images, and VM images.
  • 💻 Wiz's user interface has been described by clients as one of the best they have ever seen for a security product, contributing to its fast growth and adoption.

Q & A

  • What is the primary function of Wiz?

    -Wiz is a cloud security platform designed to address the security challenges of the cloud, providing a comprehensive view of actual risk with context, served in a simple and intuitive user interface built on the way security graph.

  • How does Wiz enhance the understanding of a vulnerability's risk to an organization?

    -Wiz enhances the understanding of a vulnerability's risk by adding workload context, cloud context, and business context, which helps determine the actual risk to the organization, including why it's important and which team is responsible.

  • What is the significance of the 'context' in Wiz's approach to security?

    -The 'context' in Wiz's approach is significant because it provides a more actionable and complete view of the actual risk by considering factors such as inventory, exposed secrets, resource configuration, network exposure, identity, and business teams.

  • Which cloud platforms does Wiz support?

    -Wiz supports a wide range of virtualized compute platforms including AWS, Azure, GCP, Alibaba Cloud, Oracle Cloud, and more, through an agentless connection via simple API connections.

  • How does Wiz's snapshot scanning differ from traditional scanning methods?

    -Snapshot scanning is a cloud-native approach that allows Wiz to analyze a snapshot of the disk without installing any agents, providing deeper visibility into what's running on cloud resources without the need for traditional agents.

  • What is the role of the Wiz graph database in the platform?

    -The Wiz graph database serves as a model of the user's cloud architecture, mapping the interconnections between all cloud resources, and layering the results of traditional scanning and cloud risk engine analysis to provide a clear view of risks and their impact.

  • How does Wiz prioritize risks for users?

    -Wiz prioritizes risks by using the security graph to surface toxic combinations and attack paths, allowing for powerful prioritization based on the context and impact of the risks identified.

  • What are 'controls' in the context of Wiz, and how do they work?

    -Controls in Wiz are mechanisms that generate issues or alerts whenever certain conditions are met, such as a resource being exposed to the internet with sensitive data access. They can be customized and are part of Wiz's out-of-the-box compliance standards.

  • How does Wiz assist with compliance and regulatory standards?

    -Wiz comes with hundreds of out-of-the-box controls that meet compliance standards like CIS, GDPR, HIPAA, and more than 100 other compliance frameworks, providing automated executive reports for busy executives.

  • What is the purpose of the 'events explorer' feature in Wiz?

    -The events explorer feature in Wiz monitors cloud events and potentially harmful changes in real-time, allowing for the detection of suspicious events and providing powerful tools for investigation with the context of the security graph.

  • How does Wiz facilitate the integration of security into the development process?

    -Wiz facilitates integration into the development process by allowing for the embedding of security practices within projects, enabling role-based access and project-level actions that connect to specific communication channels, promoting autonomous risk mitigation by development teams.

Outlines

00:00

🛡️ Cloud Security Platform Overview

The first paragraph introduces Whiz, a cloud security platform trusted by over 30% of Fortune 100 companies. Whiz addresses security challenges with a simple, intuitive user interface built on a security graph. The platform provides context-aware vulnerability assessments by considering workload, cloud, and business context. It connects to cloud APIs and uses a combination of configuration analysis, image scans, and snapshot scanning without the need for agents. The Whiz platform offers a full inventory of cloud environments, mapping resources and interconnections on the Wiz graph database, which layers traditional scanning results and advanced risk analysis to provide a comprehensive view of cloud architecture and potential security threats.

05:01

🔍 Advanced Risk Analysis and Issue Resolution

The second paragraph delves into Whiz's advanced risk analysis capabilities, emphasizing the importance of context in accurately identifying and prioritizing security issues. Whiz uses the security graph to understand the impact of exposed secrets and suggests smart remediation strategies, such as right-sizing unused permissions based on actual usage. The platform automates resolutions and workflows, integrating with development tools like JIRA and enabling real-time monitoring of cloud events for suspicious activities. Whiz also supports projects to segment cloud environments and assign role-based access, fostering a collaborative approach between security and development teams and promoting the democratization of cloud security.

10:02

📅 Scheduling a Demo with Whiz

The final paragraph is a call to action, inviting interested parties to schedule a full demo of Whiz to explore its capabilities further. It highlights Whiz's all-inclusive approach and standout user interface, which have contributed to its rapid growth and selection by forward-thinking companies as a unified platform for cloud protection. The paragraph also hints at additional features such as container security, cloud event detection, and active threat monitoring, encouraging potential users to learn more about how Whiz can enhance their cloud protection.

Mindmap

Keywords

💡Cloud Security Platform

A cloud security platform is a suite of tools designed to protect cloud-based environments and data from cyber threats. In the context of the video, the platform 'whiz' is described as a cloud security platform that addresses the security challenges of cloud environments. It is trusted by over 30% of the Fortune 100 companies to protect their cloud and simplify their cloud journey.

💡Context-Served Security

Context-served security refers to the practice of evaluating security threats not in isolation but within the context of the environment in which they exist. The video explains that examining a vulnerability in isolation, such as a CVE (Common Vulnerabilities and Exposures), is not enough. It must be considered with workload context, cloud context, and business context to understand the actual risk to the organization.

💡Security Graph

A security graph is a model that maps the interconnections between cloud resources, providing a comprehensive view of the cloud architecture. In the video, the Wiz graph database is mentioned as a tool that layers traditional scanning results for vulnerabilities, misconfigurations, and other risks onto the graph, enabling a clear view of potential attack paths and risk prioritization.

💡Configuration Layer

The configuration layer refers to the settings and parameters that define how cloud resources are set up and operate. The video discusses how Wiz first analyzes the configuration layer of cloud environments, which is crucial for understanding the foundational security posture before moving on to analyze what's running on the cloud resources.

💡Workload Layer

The workload layer pertains to the applications, processes, and services running on cloud resources. The video explains that Wiz uses snapshot scanning, a cloud-native approach, to analyze the workload layer without installing agents, providing visibility into what's running on cloud resources.

💡Cloud Risk Engine

A cloud risk engine is a component of a security platform that assesses and prioritizes risks within a cloud environment. The video describes how Wiz utilizes a cloud risk engine to understand advanced risks such as external exposure, excessive permissions, and sensitive data analysis, enhancing the accuracy of risk assessments.

💡Custom Controls

Custom controls are user-defined rules or policies that can be set up to generate alerts or take actions when specific conditions are met. The video demonstrates creating a new custom control in Wiz that alerts whenever a certain toxic combination of vulnerabilities and exposures is detected, illustrating the platform's flexibility and proactive approach to security.

💡Compliance Frameworks

Compliance frameworks are sets of standards, policies, and procedures that organizations follow to ensure they meet regulatory requirements. The video mentions that Wiz comes with controls to meet compliance standards like CIS, GDPR, HIPAA, and more than 100 other frameworks, highlighting its comprehensive approach to security that includes regulatory adherence.

💡Smart Remediation

Smart remediation refers to the process of automatically suggesting or implementing fixes for security issues based on an analysis of their context and impact. The video explains how Wiz suggests smart remediation for issues, such as right-sizing unused permissions, to help organizations address security vulnerabilities without disrupting operations.

💡Projects Workflow

A projects workflow is a system that organizes and manages tasks and resources within a project. In the video, Wiz's projects feature is described as a way to segment the cloud environment and assign role-based access, fostering collaboration and autonomy among development teams while maintaining security standards.

💡CICD Pipeline

A CICD (Continuous Integration and Continuous Deployment) pipeline is a development practice where code changes are automatically built, tested, and prepared for deployment. The video suggests that Wiz can integrate with CICD pipelines to shift security efforts earlier in the development process, ensuring that security is baked into the deployment of cloud environments.

Highlights

Wiz is a cloud security platform trusted by over 30% of the Fortune 100 companies.

The platform simplifies cloud journey by addressing security challenges.

Wiz provides a simple, intuitive user interface built on a security graph.

Context is key in understanding the actual risk to an organization from a vulnerability.

Wiz adds workload context, cloud context, and business context to vulnerabilities for better risk assessment.

The platform connects to cloud APIs of various virtualized compute platforms like AWS, Azure, and GCP.

Wiz uses an agentless approach for deeper visibility within minutes.

Snapshot scanning is a cloud-native method for analyzing workloads without installing agents.

Wiz provides a full inventory of the cloud environment, including services and what's running on them.

The Wiz graph database maps interconnections between cloud resources for a comprehensive view.

Wiz layers traditional scanning results onto the graph to identify vulnerabilities and misconfigurations.

The cloud risk engine understands advanced risks like external exposure and excessive permissions.

Wiz allows querying the security graph for anything running in the cloud.

Network exposure analysis goes beyond public IP checks to analyze full network layers.

Wiz creates custom controls to generate alerts for specific conditions, like a machine listening on an HTTP port.

Wiz comes with hundreds of out-of-the-box controls to meet compliance standards like CIS, GDPR, and HIPAA.

Automated executive reports are available for busy executives to understand detected risks.

Wiz issues provide a prioritized view of critical risks with context for easy resolution.

Smart remediation suggestions help in addressing issues without affecting ongoing activities.

Automations and workflows can be set up for issue resolution, such as opening tickets in JIRA.

The Events Explorer monitors cloud events and changes in real time for suspicious activity detection.

Projects in Wiz allow segmenting the cloud environment and assigning role-based access.

Wiz can integrate into the CI/CD pipeline, shifting security efforts to the left.

Wiz extends policies to assess infrastructure code, container images, and VM images during deployment.

Wiz is the fastest-growing software company, offering a unified platform for cloud protection.

The platform's all-inclusive approach and user-friendly UI are praised by clients.

Wiz offers more features like container security, cloud event detection, and active attack monitoring.

For a full demo and to learn more about Wiz, visit their website.

Transcripts

play00:00

[Music]

play00:05

hi my name is RZ hburg I'm the BP of

play00:07

product strategy here at twiz my name is

play00:09

zon ctia I'm a co-founder and VP of

play00:12

product here at twiz and I would like to

play00:14

introduce you to our platform more than

play00:16

30% of the Fortune 100 companies trust

play00:19

whiz to protect their cloud and simplify

play00:21

their Cloud Journey whiz is a cloud

play00:23

security platform built to address the

play00:26

security challenges of cloud more than

play00:28

anything it means presidented context

play00:31

served in a simple intuitive user

play00:33

interface built on the way security

play00:35

graph let's see what we mean by context

play00:38

take a look at this vulnerability on a

play00:40

VM examining just that cve is not enough

play00:43

it doesn't really tell us what the

play00:45

actual risk to the organization is but

play00:48

once we add the workload context like

play00:50

inventory exposed Secrets once we add

play00:52

the cloud context like the resource

play00:54

configuration Network exposure identity

play00:57

and business context like T environments

play01:01

the business teams we can see that not

play01:03

only are we exposed to a vulnerability

play01:05

but we can see why it's important

play01:07

because this resource can be accessed

play01:09

from the internet and it has access to

play01:12

sensitive data and production we also

play01:15

know which team deployed it so we know

play01:17

which team owns the alert this is much

play01:20

more actionable a complete view of

play01:22

actual risk we know what's important and

play01:25

we know why now let's take a closer look

play01:27

at how this works wh connects to the the

play01:30

cloud apis we support almost any

play01:32

virtualized compute platform out there

play01:34

AWS Azure gcp Alibaba Cloud Oracle Cloud

play01:38

c8s beware and more it's just an

play01:41

agentless connection simple API

play01:42

connection but when that gets Insight

play01:45

you usually need agents for we first

play01:48

analyze the configuration layer but then

play01:51

we also use servol as scans image scans

play01:54

and snapshot scanning snapshot scanning

play01:57

is a cloud native approach to scanning

play01:59

work

play02:00

it allows us to analyze a snapshot of

play02:02

the dis without installing any agents

play02:05

and this allows whz to analyze the

play02:06

workload layer what's running on your

play02:08

Cloud resources the combination of the

play02:11

configuration layer and workload layer

play02:13

allows for deeper visibility within

play02:17

minutes the first thing that you see in

play02:19

whiz is a full inventory of your Cloud

play02:22

environment that includes of course all

play02:24

of the cloud services like serverless

play02:26

functions buckets and virtual machines

play02:28

but it also shows you what's actually

play02:30

running on them like operating systems

play02:33

databases your resources are then mapped

play02:35

on the wi security graph Database The

play02:38

Wiz graph database is a model of your

play02:40

Cloud architecture that Maps the

play02:42

interconnections between any and all of

play02:45

your Cloud resources then we layer the

play02:48

results of our traditional scanning for

play02:50

vulnerabilities missing patches

play02:53

misconfigurations onto the graph and we

play02:55

utilize a cloud risk engine that

play02:58

understands Advanced risks such as

play03:00

external exposure excessive permissions

play03:03

exposed Secrets sensitive data analysis

play03:06

and lateral movement Pats the security

play03:09

graph connects all of these dots

play03:12

together to a crystal clear view that

play03:14

can Surface toxic combinations and

play03:16

attack paths which allows a powerful

play03:19

prioritization of risk you can query the

play03:22

security graph directly for anything

play03:24

that runs in your cloud and you can

play03:25

always switch to a table view for

play03:28

example query for every virtual machine

play03:31

hosting a database that is also

play03:33

unpatched we can also look for a

play03:36

specific severity or type of

play03:37

vulnerability and see if whiz identified

play03:40

some sensitive information on that

play03:42

specific D adding Network exposure adds

play03:45

even more context the security graph

play03:48

makes whiz accurate look at the network

play03:50

exposure analysis as an example it's not

play03:53

just a shallow check for a public IP we

play03:56

actually analyze the full Network layers

play03:59

including the security groups the

play04:00

routing Gres Etc then we even run an

play04:03

external scanner that validates the

play04:05

exposure from the outside and shows you

play04:07

that outside view now you can add a

play04:10

filter validating that this machine is

play04:13

actively listening on an HTTP Port

play04:16

whoops that's a true life toxic

play04:18

combination found through the security

play04:20

graph let's go ahead and create a new

play04:22

control to generate an issue whenever

play04:25

something like this happens

play04:28

[Music]

play04:31

we've just created a new custom control

play04:33

that will alert you every time this

play04:35

happens of course whiz comes with

play04:37

hundreds outof the Box controls with

play04:39

controls to meet compliance standards

play04:40

like CIS gdpr Hippa and more than 100

play04:44

other compliance Frameworks you can even

play04:47

get automated executive reports that are

play04:49

neatly packed and ready for busy

play04:50

Executives for every risk detected whiz

play04:53

creates an issue issues are a single

play04:56

prioritized view of the critical risks

play04:58

that require your attention and since wh

play05:01

always spotlights the context you'll be

play05:03

able to easily see what causes an issue

play05:06

and what needs to happen for it to be

play05:08

resolved context allows for accuracy and

play05:12

accuracy saves you time for example this

play05:15

issue is critical because whiz detected

play05:18

a public and vulnerable resource which

play05:20

has an unencrypted Cloud key left on the

play05:23

disk that key allows a lateral movement

play05:26

to another Cloud environment with admin

play05:28

privileges this again shows the power of

play05:31

the security graph a regular secret

play05:33

scanner will send inent alerts about

play05:35

exposed secrets you need to clean but

play05:38

where do I start which one of them is

play05:40

actually important using the security

play05:42

graph whiz understands the impact it

play05:45

analyzes which Secrets can allow

play05:47

something like a role that's an admin

play05:49

and can allow to achieve cross account

play05:52

lateral movement and only then Market is

play05:55

a critical thanks to full visibility and

play05:58

context when whiz says it's critical it

play06:01

actually is whiz also suggests smart

play06:04

remediation for issues for example we

play06:07

will suggest how to right siize unused

play06:09

permissions which will show you if a

play06:11

role or user has excessive access based

play06:13

on analyzing its actual usage so we can

play06:16

now right siiz permissions without

play06:18

hurting any activities because we can

play06:20

recognize excessive permissions that

play06:22

were never used and cancel

play06:24

them you can also automate resolutions

play06:27

and workflows every time I have this

play06:30

issue do one of the Dozen actions that

play06:32

are available out of the box or Auto

play06:34

immediate for example when this happens

play06:37

whiz can open a ticket in the dev's team

play06:38

preferred platform like jir once the

play06:41

issue is resolved whiz will go ahead and

play06:43

close a ticket to keep things tidy and

play06:45

respect the developer's attention now

play06:47

let's head over to the events Explorer

play06:49

where whiz monitors Cloud events and

play06:51

potentially harmful changes in real time

play06:53

we can see for example who created a

play06:56

specific resource what did they access

play06:58

and so on this allows real-time

play07:00

detection of suspicious events and also

play07:03

gives you powerful tools for

play07:04

investigation and with the security

play07:06

graph context this is so much more

play07:09

powerful than just using a silo seam

play07:11

tool because it shows you the events

play07:13

alongside with a cloud context now that

play07:16

we have a clear prioritized view of true

play07:18

risk we can start building that

play07:20

effective Cloud security program using

play07:22

projects projects let you segment your

play07:25

Cloud environment based on different

play07:27

accounts subscriptions tags res resource

play07:29

groups commun clusters name spaces Etc

play07:33

they basically allow you to group

play07:34

Resources by business logic and assign

play07:37

role-based access to them accordingly so

play07:39

that Dev teams can get direct access

play07:42

using SSO to their part of the

play07:45

infrastructure with projects when you

play07:47

log in in security you can see

play07:49

everything but when the dev teams log in

play07:52

they only see how they're impacted

play07:59

and let's say one of the teams uses

play08:01

slack they can perform project level

play08:04

actions that will connect to their

play08:06

specific slack Channel and manage the

play08:08

issues without having to utilize

play08:10

security team resources in the process

play08:12

by embedding this approach teams

play08:15

understand their risks and are motivated

play08:17

to mitigate them autonomously instead of

play08:20

the security teams chasing them this

play08:22

allows us to really democratize and

play08:25

operationalize Cloud security which

play08:28

builds a strong Bridge of trust between

play08:30

the security program and the development

play08:32

teams and when you finally have trust

play08:35

with the teams you can then integrate

play08:37

Wiz your cicd pipeline and truly shift

play08:39

security efforts even further to the

play08:41

left whiz will extend the same policies

play08:44

used to monetary running Cloud

play08:45

environments and assess them during

play08:47

deployment by scanning infrastructure

play08:49

code templates container images and VM

play08:52

images failing deployments that do not

play08:55

match your security Baseline okay we've

play08:58

covered four major pillar of Wiz

play09:00

seamless integration to everything all

play09:02

environments all layers the security

play09:04

graph that gives you context and lets

play09:06

you drill down to investigate the

play09:08

inventory with full visibility across

play09:10

all Cloud layers and the Project's

play09:13

workflow that builds trust between

play09:15

security and development teams and

play09:17

enabled Cloud process these are only few

play09:19

of the things that made some of the

play09:21

world's most Forward Thinking companies

play09:23

choose whiz as a unified platform of

play09:25

cloud protection making whiz the fastest

play09:28

growing software company ever

play09:30

it's that powerful outof thebox

play09:32

all-inclusive approach built into what

play09:34

some of our clients described as the

play09:36

best UI they have ever seen for a

play09:38

security product that makes whiz stand

play09:40

out there is so much more about whiz

play09:43

that we want to show you we didn't even

play09:45

touch on our container security

play09:47

capabilities Cloud event detections and

play09:49

much more or the way our research teams

play09:52

monitor active attacks to surface how

play09:54

the most important threats right now may

play09:56

impact your infrastructure if you're

play09:58

interested in learning more asking

play10:00

questions and see what whz can do for

play10:01

your Cloud protection go to wiiz i/d

play10:04

demo to schedule a full demo

play10:08

[Music]

浏览更多相关视频

EP03- Arista software Overview

Who Touched My GCP Project? Understanding the Principal Part in Cloud Audit Logs - Gabriel Fried

Cloud Security is the FUTURE! - Here's Why

CompTIA Security+ SY0-701 Course - 4.1 Apply Common Security Techniques to Computing Resources

Cloud Networking Overview (Using AWS as reference)

Cloud Computing Architecture Explained in Hindi

Rate This

5.0 / 5 (0 votes)

Summary
Outlines
Mindmap
Keywords
Highlights
Transcripts
相关标签
Cloud SecurityFortune 100Security GraphRisk ManagementCompliance StandardsAutomated AlertsVulnerability ScanCloud APIsContextual AnalysisDevOps IntegrationReal-Time Monitoring
您是否需要英文摘要?