Cloud App Development, Cloud Security, Cloud Deployment Models

New Wiz Runtime Sensor Pioneers a Unified Approach to Cloud Security

New Wiz Runtime Sensor Pioneers a Unified Approach to Cloud Security

Wiz, the leading cloud security platform, today announced the public preview for the Wiz Runtime Sensor, which helps organizations further protect cloud workloads by detecting and responding to potential threats in real-time. The Runtime Sensor deepens the value of Wiz’s top-ranked Cloud Native Application Protection Platform (CNAPP) by eliminating blind spots and siloes to provide better visibility, risk assessment and protection.

To best secure cloud environments, security teams need to both proactively remove exploitable attack paths into their cloud and have a last line of defense in the event of an incident. By extending its platform with the Wiz Runtime Sensor, Wiz gives organizations a way to do this without having to rely on multiple, fragmented tools. Furthermore, organizations that rely exclusively on an agent-based workload protection approach leave as many as 80% of workloads unprotected with undiscovered vulnerabilities and attack paths, according to Wiz research1. The new Runtime Sensor extends Wiz��s existing agentless visibility with agent-based real-time detection, for the best of both worlds.

"We promised the board world-class Cloud Security Posture Management and real time threat detections,” said Joel Bork, CISO at DoubleVerify. “Between what Wiz already brought to the table with agentless visibility, risk assessment and the rollout of the new Sensor, Wiz exceeds that promise and delivers additional forensics features as well. After months of robust review, it is by far the best offering on the market and enables us to drive our hybrid and multi-cloud security strategy from a single platform."

“Wiz enables us to combine the reactive and proactive aspects of cloud security in a single source of truth,” said Joel Cardella, Director, Cybersecurity Engineering at Dexcom. “We rely on the visibility that Wiz provides to surface the unknowns and provide actionable signals from noise. With the Wiz Runtime Sensor, we are adding active, real-time telemetry that gives my team intelligent insight to drive better actions. Dexcom has a strategic goal of pushing hard and fast to scale our business. By leveraging Wiz, we can support and accelerate our cloud transformation without doubling the security team. My team is more efficient and able to focus on strategic work. Wiz simplifies our security challenges and will allow us to more than double our cloud environment over the coming years without scaling complexity.”

The Wiz Runtime Sensor is a lightweight eBPF-based agent that can be deployed within Kubernetes clusters. It provides real-time visibility into cloud-native environments, full detection and threat mapping, enhanced remediation and prioritization, and helps organizations chase down the threats that matter to minimize disruptions to the business. Key benefits include:

  • Real-time monitoring and detection of threats and malicious behavior: Wiz detects known and unknown threats including remote code execution, malware, cryptomining and other forms of resource theft, lateral movement or worms, rootkits seeking persistence or privilege escalation and container escape.
  • Full end-to-end visibility into attacks for faster, more efficient response: Wiz extends its Cloud Detection & Response capabilities by correlating threats across real-time signals, cloud activit, and audit logs in a unified, contextual view to uncover attacker movement within a cloud environment so cloud defenders can rapidly respond to limit the impact of a potential incident.
  • Extended attack path analysis for better risk prioritization: Enriches Wiz’s agentless vulnerability assessment using runtime workload signals to identify vulnerabilities affecting active packages that are being used by the workload, so security teams can focus remediation efforts on vulnerable active packages.
  • Out-of-the-box detections to ensure readiness for the latest attacks: The Wiz Threat Research team constantly adds coverage for the latest cloud and Kubernetes attacks seen in the wild. The Wiz detection engine is updated with heuristics-based rulesets that provide transparent and consistent detections, including complex detections that require correlation across cloud layers.

“Today’s launch is instrumental in our quest to simplify cloud security” said Yinon Costica, Co-Founder and VP Product, Wiz. “The Wiz Runtime Sensor expands Wiz to a ‘defense in depth’ approach, which spans prevention to real-time detection and response. We are committed to continue to innovate our CNAPP so that it supports customers across their cloud security journey, particularly as they look to consolidate and optimize value from technology investments."

Read our blog to learn more about the Wiz Runtime Sensor.

About Wiz

Wiz secures everything organizations build and run in the cloud. Founded in 2020, Wiz is the fastest-growing software company in the world, scaling from $1M to $100M ARR in 18 months. Wiz enables hundreds of organizations worldwide, including 35 percent of the Fortune 100, to rapidly identify and remove critical risks in cloud environments. Its customers include Salesforce, Slack, Mars, BMW, Avery Dennison, Priceline, Cushman & Wakefield, DocuSign, Plaid, and Agoda, among others. Wiz is backed by Sequoia, Index Ventures, Insight Partners, Salesforce, Blackstone, Advent, Greenoaks, Lightspeed and Aglaé. Visit https://www.wiz.io/ for more information.

Spotlight

Other News
Cloud Infrastructure Management

The Manufacturing Sector Experiences More Attacks in the Cloud than Any Other Industry

PR Newswire: | January 19, 2024

Netwrix, a cybersecurity vendor that makes data security easy, today revealed additional findings for the manufacturing sector from its survey of 1,610 IT and security professionals across more than 100 countries. According to the survey, 64% of companies in the manufacturing sector suffered a cyberattack during the preceding 12 months, which is similar to the finding among organizations overall (68%). However, it turned out that the manufacturing sector experiences more cloud infrastructure attacks than any other industry surveyed. Among manufacturing companies that detected an attack, 85% spotted phishing in the cloud compared to only 58% across all verticals; 43% faced user account compromise in the cloud as opposed to 27% among all industries; and 25% dealt with data theft by hackers in the cloud compared to 15% for organizations overall. "The manufacturing sector relies heavily on the cloud to work with their supply chain in real time. This makes their cloud infrastructure a lucrative target for attackers — infiltrating it enables them to move laterally and potentially compromise other linked organizations, as happened to one the world's top meat processing companies. Credential compromise or malware deployed via a phishing email is just the beginning of the attack," says Dirk Schrader, VP of Security Research at Netwrix. "The attack surface in the cloud is always expanding, so it's critical for manufacturing companies to adopt a defense-in-depth approach," adds Ilia Sotnikov, Security Strategist at Netwrix. "First, they must rigorously enforce the principle of least privilege to limit access to sensitive data, which ideally includes just-in-time access to eliminate unnecessary entry points for adversaries. They also need to gain deep visibility into when and how critical data in the cloud is being used so that IT teams can promptly spot potential threats. Finally, they need to be prepared to minimize the damage from incidents by having a comprehensive response strategy that is regularly exercised and updated." To learn more about security trends, check out the complete 2023 Hybrid Security Trends Report. About Netwrix Netwrix makes data security easy. Since 2006, Netwrix solutions have been simplifying the lives of security professionals by enabling them to identify and protect sensitive data to reduce the risk of a breach, and to detect, respond to and recover from attacks, limiting their impact. More than 13,500 organizations worldwide rely on Netwrix solutions to strengthen their security and compliance posture across all three primary attack vectors: data, identity and infrastructure.

Read More

Cloud Storage

TRG Screen Announces Acquisition of Xpansion for Reference Data Usage Management

PR Newswire: | January 25, 2024

TRG Screen, the leading provider of enterprise subscription spend and usage management software, today announced it has acquired Xpansion, the leading provider of cloud-based solutions for reference data usage monitoring in the financial services industry. The acquisition of Xpansion will further solidify TRG Screen's position as a global market leader in market data management solutions. Xpansion – established in 2013 – is focused on empowering data operations teams to proactively manage their usage, control costs and optimize data workflows. Xpansion's offerings include Xmon, Xprocess and Xplore, and provide real-time analytics, giving clients unprecedented transparency, visibility and control into their reference data usage. This deal consolidates TRG Screen's unique position as the only provider of enterprise subscription management capabilities spanning the whole spectrum of market data optimization, from spend and inventory tracking, through to usage and enquiry management, exchange reporting and compliance. "Xpansion and TRG Screen have been partners for many years. Bringing Xpansion into the TRG Screen family is a very logical next step for both companies, given our strong relationship and shared view that the industry demand for integrated usage management solutions is going to continue to grow," said TRG Screen CEO Leigh Walters. "Xpansion is an established firm with excellent customer satisfaction and retention, and highly experienced and industry respected leadership. We are very excited at the opportunities this acquisition brings." "We are thrilled to be joining TRG Screen," said Xpansion co-founder and CEO Amjad Zoghbi. "Reference data usage is one of the most complex aspects of market data management, and managing it correctly is essential to maintaining contractual compliance and ensuring clients are right-sizing their usage based on actual consumption and business need. I'm very pleased that Xpansion's customers, and team, will now be part of the best-of-breed solution with the industry's leading provider of market data management solutions." The acquisition demonstrates TRG Screen's ongoing commitment to servicing the needs of market data consumers, vendors and exchanges. Financial terms of the transaction were not disclosed. About TRG Screen TRG Screen is the leading provider of enterprise subscription management solutions. Founded in 1998, TRG Screen is uniquely differentiated by its ability to monitor both spend and usage of data and information services including market data, research, software licenses, consulting and other corporate expenses. TRG Screen's solutions provide its customers with full transparency into their vendor relationships and their subscription spend and usage, enabling them to optimize their enterprise subscriptions. TRG acquired Priory Solutions in 2016, Screen Group in 2018, Axon Financial Systems in 2019, Market Data Insights in 2020, and Jordan & Jordan's Market Data Reporting (MDR) business in 2021 and with these acquisitions is now positioned as the global market leader in the financial, legal, and professional services markets. TRG Screen's product portfolio includes subscription spend, usage, enquiry and compliance solutions. For more information visit trgscreen.com. Follow TRG Screen on LinkedIn, @TRG Screen, and on Twitter, @trgscreen. About Xpansion Xpansion delivers next-generation reference data solutions that empower financial institutions to streamline their reference data operations, reduce costs, enhance data quality, and improve data discovery. With a focus on customer satisfaction, continuous innovation and quick time to value, Xpansion is a trusted partner for financial institutions in the buy- and sell-side as well as solution providers in the industry.

Read More