Wiz enhances real-time threat detection and response capabilities to stop threats from becoming incidents

By Amir Lande Blau, Product Management & Jiong Liu, Product Marketing

Organizations are innovating in the cloud faster than ever before. Cloud builders are racing to adopt cloud technologies from Kubernetes to GenAI to drive new efficiencies and business models. This agility though introduces new attack surfaces where it is no longer possible for a typical organization to understand and fix every risk in their cloud environment. A new cloud-native approach is required – one where cloud builders and cloud defenders can continuously monitor residual risk, identify threats with a high degree of accuracy across layers of the cloud, and take immediate action with the full infrastructure context to stop unfolding threats in their tracks. Enter the Wiz Runtime Sensor.

Since the preview early this summer, our customers have very quickly stopped unfolding threats and thwarted attackers. The sensor has detected numerous threat campaigns including Pyloose, the first publicly documented Python-based fileless attack targeting cloud workloads, and several cryptomining incidents. Customers have seen the power of a comprehensive cloud security platform that provides high-fidelity alerts on threats, a single location to investigate all of the evidence of the threat and the potential blast radius, so they can take rapid action to limit business impact.

Now, we’re excited to release the Wiz Runtime Sensor to General Availability, so more customers are able to add real-time threat detection and response to their containerized workloads. As part of this enhancement, we’re releasing a number of new capabilities to make it even simpler to operationalize a last line of defense across security and development teams:

• Greater customization: Ignore rules that enable customers to tune detections for their business and environment requirements and the ability to manage all Sensor rules in one location.
• More signals: Anomaly detections to increase the severity of alerts for novel and unexpected actions.
• Streamlined investigation: Container forensics and runtime execution data to support in-depth investigation and understanding of potential blast radius for cloud defenders, with full context of the underlying cloud infrastructure.
• Immediate response: Cloud-native response playbooks such as isolating the impacted node or removing excessive permissions to rapidly limit the impact of an unfolding threat.
• Better risk prioritization: Extending runtime validation to identify vulnerabilities affecting libraries in use by the workload with more context on where the vulnerability was validated for risk assessment.

We're thrilled to build on the momentum of the GA by extending these capabilities to modern Linux workloads running on cloud virtual machines, with a public preview coming later this year.

Many customers that have already deployed the Wiz Runtime Sensor in their production environments have told us how important it is to have a comprehensive platform that allows them to drive their entire cloud security strategy. This includes a full defense-in-depth approach that covers both proactively removing risk before it can be exploited and stopping threats as a last line of defense. We’ve also seen organizations avoid the complexity of multiple tools and processes in order to scale their businesses.

Ready to start your runtime cloud threat protection journey? Visit Wiz at booth 712 to learn more.