Cloud infrastructure represents the biggest transformation of IT infrastructure in a generation, and that change carries significant cybersecurity implications. From the threat posed by misconfiguration to the potential for compliance violations and unauthorized remote access, the unique challenges posed by the cloud call for cybersecurity platforms developed natively for the now-dominant IT architecture.
Plus, there’s a need to address complexity and the impact on security professionals. Many companies operate in multi-cloud environments, technology teams are grappling with the complexities of building across various architectures, and the move away from centralized ownership makes visibility a big challenge for security teams.
Wiz, established just three years ago, has quickly grown to become one of the leading cloud security vendors. The company’s consolidated cloud security platform excels in providing clarity, visibility, and context, enabling users to secure their cloud environments at every layer from a single comprehensive console.
Who They Are
Founded in 2020 by Ami Luttwak, Assaf Rappaport, Roy Reznik, and Yinon Costica, Wiz is headquartered in New York, while R&D is based out of Israel. Three of the co-founders (Luttwak, Rappaport, and Reznik) previously founded the cloud access security firm Adallom, which was eventually acquired by Microsoft.
All three moved over to Microsoft, holding various positions in the company before moving on to found Wiz. Although it only launched in 2020, Wiz’s funding, growth, and customer footprint are impressive.
The company has over 700 employees, mostly based in the US, and has raised a total of $900 million in funding over five rounds, with major investments from Salesforce Ventures and Lightspeed Venture Partners.
Today, 35% of the Fortune 100 are customers. Wiz protects upwards of five million cloud workloads. Rappaport, the company’s CEO, previously held two roles at Microsoft: General Manager for Microsoft Israel R&D and General Manager of Microsoft’s Cloud Security Group. Wiz’s CTO is Co-Founder Ami Luttwak. His previous roles included CTO of Microsoft Israel R&D and CTO of Microsoft Cloud Security Group.
Jiong Liu is the Senior Director of Product Marketing at Wiz. In a discussion with Acceleration Economy, Liu explained how the company’s rapid rise is, in part, driven by the co-founders’ Microsoft experience. “They really have seen what it takes to build security, especially cloud security, at the scale of a Microsoft-sized organization,” says Liu.
What They Do
Wiz provides users with a single platform to understand the security posture of their entire cloud ecosystem. “When you think about the market Wiz is addressing, it is actually a consolidation of a lot of siloed markets: Cloud Security Posture Management (CSPM), Cloud Workload Protection Platforms (CWPP), container security infrastructure, code scanning, and so on,” explains Liu.
“All of those markets have a budget associated with them. So, in many ways, Wiz is coming into a space where there is a defined budget and there is this opportunity to really consolidate with a significantly better experience for a cloud security team.”
The Wiz platform lets customers specify, prioritize, remediate, and prevent cloud security risks. The technology scans an organization’s cloud infrastructure using an agentless architecture, connecting in minutes via API, to provide visibility into every cloud element.
Wiz prioritizes risks using deep cloud analysis. The technology searches for various threats, including misconfigurations, exposed networks, secret leaks, known vulnerabilities, malware, PII, and other sensitive data, while also providing built-in compliance scanning and identity management. The platform gives context to these threats, including attack paths, via a single view based on prioritization.
Collectively, the Wiz analysis engine includes Cloud Security Posture Management (CSPM), Kubernetes Security Posture Management (KSPM), Cloud Workload Protection (CWPP) and vulnerability management, Infrastructure-as-Code (IaC) scanning, Cloud Infrastructure Entitlement Management (CIEM), and Data Security Posture Management (DSPM).
Wiz supports a wide range of integrations including AWS, Microsoft Azure, Google Cloud, Oracle OCI, Alibaba Cloud, VMware vSphere, Red Hat OpenShift, and Kubernetes, as well as virtual machines, containers, serverless functions, and data stores. The Wiz Threat Center, driven by internal threat research and information from third-party threat intelligence, enables users to identify if a workload has been exposed to vulnerabilities.
In addition to one-click remediation, Wiz also enables remediation via automation policies. Development teams can use this feature to automatically route issues to the correct team when remediation is required.
Wiz Security Graph
“The biggest differentiator from a technology standpoint is really our security graph,” says Liu. “This is really foundational to Wiz and it’s unique. It helps to democratize security. You don’t have to be a security expert to really understand it.”
“The graph is not just a visualization, but the analysis, it’s the data layer itself,” Liu continues. “And we think it’s super critical because of the relationships in cloud security. For example, how do you know who has access to what or what resources have a public routing to the internet without mapping all of these nodes onto the graph? And that’s part of our analysis, being able to tie this all together so you can see a true attack path into your cloud.”
With the Wiz Security Graph, users can clearly see the connection between various technologies and track the pathway to where a breach might occur to proactively fix it. “In many ways, Wiz had the last mover advantage potentially in this market and seeing what was out there, all of the pain points, and our founders spent almost the first year of Wiz’s history just listening to customers and really understanding what it was that they needed out of a cloud security tool,” says Liu.
Acceleration Economy practitioner analyst and CISO Chris Hughes says Wiz has established itself as one of the strongest cloud-native security companies. “Wiz not only provides robust capabilities in an agentless fashion but also provides clear visualizations to communicate risk and integrating directly with Developer workflows to streamline security activities and insights,” he says.
Who They’ve Impacted
Wiz supports a number of large financial institutions, including Blackstone, the world’s leading alternative asset manager. As the company began to increase its investment in cloud technologies, it needed cloud-native security to support its growing cloud environment. Instead of opting for various vendors, it wanted a holistic platform that could be delivered as an agentless service.
The key areas of focus for the Blackstone security team were posture management, breach path detection, vulnerability scanning, secrets management, and container management. Wiz enabled Blackstone to consolidate numerous security capabilities, including CSPM and CWPP, that its team is able to use to find cloud-native risks across its cloud environment. In just a matter of minutes, the Blackstone team was able to deploy deep scanning resulting in immediate issue identification and pathway discovery.
“When we looked at Wiz, we were impressed that the product was not just a point solution that could identify an isolated misconfiguration in a single layer of your cloud environment, but really one that could consolidate information using their graph database across multiple layers of the cloud environment to identify where a breach path could be, or what is at risk in our environment,” says Adam Fletcher, Chief Security Officer at Blackstone, in a Wiz case study.
“Pulling that into a single user interface that’s intuitive and easy to ask questions and get answers from, that was something we felt was missing.”
Closing Thoughts
With such a wealth of experience in the founding team, Wiz had the foundations for an exceptional cloud security platform. The company focuses on consolidating cloud scanning and monitoring and provides an unprecedented level of visibility and clarity.
The agentless approach has enabled Wiz to offer a fluid experience to users, negating the requirement to deploy various agents that collect data independently and re-route it to a centralized access point. The platform consolidates every aspect of cloud security providing a layering mechanism, including business context, that is clearly captured in Wiz’s key differentiator, the Wiz Security Graph.
