Video: Meet Wiz Go: The Complete Cloud Security Bundle for Lean Teams | Duration: 1184s | Summary: Meet Wiz Go: The Complete Cloud Security Bundle for Lean Teams | Chapters: Introduction to Wiz Go (11.5199995s), Unified Security Approach (104.685s), Introducing Wiz Go Bundle (366.14s), Cloud Security Demonstration (487.73502s), Threat Detection Overview (951.805s)
Transcript for "Meet Wiz Go: The Complete Cloud Security Bundle for Lean Teams":
Hello, everyone. Thanks for joining us for the session. We'll give it another minute for more people to join. Okay. Hello, everyone. Let's get started. So I'm Shaqed, from the product marketing team here at Wiz, and I'm excited to talk to you today about Wiz Go, which is our all-in-one bundle that is tailored for lean teams and SMBs. So let's get started. So first, I'll cover some background information on why we created Wiz Go, and then I'll jump into a demo in our portal to show you the different capabilities. Let's get started. So, we all know that the cloud has made development a lot more agile and continuous, and developers can now push applications through code, to pipeline, to cloud, and runtime super, super, super quickly, a lot faster than was ever possible before. But we also know that while developers are pushing the applications through this life cycle, attackers don't care about org structures, and they don't care that developers are writing code within their code repositories. And then it's the security team's responsibility for securing the cloud, et cetera. But they're looking for weak points in your environment in order to reach your cloud environment. So it can be, for example, attackers looking for vulnerabilities in your code that can then lead to your cloud, and then they would look for misconfigurations or identity risk within your cloud that would allow them to move laterally and reach the crown jewels in your environment. So while attackers don't look at org structures, we still see a lot of organizations that do security in silos, and those are vertical silos. So what do I mean by that? We see a lot of organizations that just deploy a specific solution for each part of the development life cycle. So they would have code scanners and application security scanners covering their code. Then they would have specific pipeline scanners for their pipeline.
They would have different cloud scanners, whether it's a CNAPP or CSPM, vulnerability management tools, covering the cloud, and they would have a whole set of scanners for the runtime. Now each one of these types of scanners generates its own types of alerts, and all these alerts and findings don't have context across the pipeline. So an alert in our code environment will not have context around a cloud environment, or an alert related to our runtime environment would not understand how that runtime risk might correlate to code. So this approach leads to security teams being overworked. So because we have all these findings with no context, it's very hard for security teams to understand what is critical. It can lead to duplicating efforts, and it can lead to them struggling to help developers prioritize real risks. And this is even more prominent with SMBs and the growth segments because a lot of times the security team is lean, might not have a lot of people, and the main goal is to be able to scale security across the organization and empower developers to own the security of the resources they're building so a small security team can really keep up with the growth of cloud security. So with this challenge in mind, this is what led us to create Wiz Go, and I'll talk about the Wiz approach to solving these challenges first before I cover exactly what is Wiz Go. So we address this challenge of the siloed alerts and alert fatigue by having a single platform that covers all the use cases from code to cloud to runtime that uses the same unified scanning and the same policy engine across each part of your pipeline. So, I'll start off in the middle with Wiz Cloud. This is really the core of how we started. Wiz Cloud helps organizations, one, gain visibility into their cloud environment, and two, reduce the most critical risks. So enabling organizations to truly prioritize which risks matter in their cloud environment.
Now we also wanted to help organizations be able to shift left. So, we also launched Wiz Code, which allows organizations to scan their code repositories, IDEs, CI/CD pipelines to detect different risks like vulnerabilities, sensitive data, secrets, early in the development life cycle so they can prevent those risks from ever reaching the cloud environment, helping reduce the load on the security team that's securing the cloud. Now on the right side, with Wiz Defend, it provides organizations with threat detection and response for their cloud environment. And we also have the Wiz Runtime Sensor, which can detect suspicious activity in runtime and also block it. So now each of these capabilities that cover different parts of your code to cloud to runtime all use the same, again, scanning, and all the results from all of these are on our Wiz Security Graph, so they all share the same context. So you can understand, for example, how a risk in your cloud environment originates from the code, how a code risk might relate to your runtime environment. So with this in mind, I'm very excited to introduce the Wiz Go bundle, and it's really our complete platform bundle that's made and tailored specifically for SMBs and smaller organizations. So our goal was to be able to help small organizations that might not have the budget in place to leverage more advanced capabilities. And, to do that, we created this bundle, which bundles capabilities across the entire platform. So what I covered now, the Wiz Go bundle includes Wiz Cloud, Wiz Code, Wiz Defend, and Wiz Sensor for a very affordable price that is within the budget for small organizations that are trying to mature their cloud security program. So what are the benefits of Wiz Go? So first of all, it allows you to start with what matters the most.
So with Wiz Cloud, you can gain that visibility, build a secure cloud foundation, ensure compliance, prioritize remediation, and make sure you have the baseline of your cloud security in place. But Wiz Go also allows you to mature your cloud security program. So if down the line, you want to start leveraging more advanced use cases like code scanning or threat detection, you have these capabilities ready for you to start leveraging as you need them. So it's really the only one without the overhead because you don't need to go through any additional procurement or anything to leverage these additional use cases. And it's really optimized for SMBs and lean teams because our goal is to help security teams scale. And in order to do that, Wiz does that greatly because it helps developers catch those risks early on. But also in general, the Wiz platform, the goal is to enable and empower other teams in the organization to use it, and we do it by providing a very simple to understand tool with a very accurate list of risk prioritization. So you can truly trust, when you tell a developer to go fix something, that that risk is critical. So I'll jump into the demo now that I've covered the high-level information about what is Wiz. Okay. So I'll start off by showing Wiz, which I mentioned, kind of the core cloud security use case. So, the first thing that organizations do when they leverage Wiz Cloud is connect Wiz to their cloud environment. So, we connect to whichever cloud you're using, and we do that using the cloud provider's APIs. So we do the scanning and the visibility without any agents needed. So here you would connect to your cloud environment. And for leveraging Wiz Code, you can also connect to your version control, GitHub, GitLab, et cetera. So, once the customer connects to their cloud environment or version control system, Wiz goes ahead and scans them.
In order to provide a complete inventory of everything that's running in the environment. Tidy my, the name. Okay. So on the inventory page, you will see every technology that was detected in the environment. You could see any cloud resource that is in your cloud environment. You could even see things like specific AI models that are running in your cloud, and you could see the services that are running these models. So this gives you complete visibility into everything in your cloud. If you connected Wiz Code to your repositories, you could also see the inventory of every repository that was connected, with insights to the security posture, which I'll cover in a bit. So once you have this complete visibility, the next thing that I will highlight is how Wiz correlates different types of risks to help you prioritize. So I'll start off on this overview dashboard. So here, this gives you all the information you need to know about your security posture. So you could see your compliance overview score, and Wiz has a lot of built-in compliance frameworks you can compare against. And then you'll see the types of risk that Wiz is scanning. So external exposures, identities and entitlements, misconfigurations, secrets, data security, vulnerabilities, and so on. And we scan for each one of these risks, but the power of Wiz really comes in the correlation. So once we scan for all these risks, we map them all on our security graph to understand how they correlate to each other. So, what we call a Wiz issue represents an attack path that is a critical risk that is made out of multiple different risk factors. So I'll go into the critical issues here to better demonstrate how this prioritizes different risks. So I'll go to this example of a Wiz issue here. So let's take a quick look at it. Here, we found a publicly exposed virtual machine that has vulnerabilities and data access to sensitive data.
So let's first understand what are the types of risk that Wiz correlates here. So we have unprotected data, vulnerability, unprotected principal, and external exposure. These are all the risks that are correlated in this attack path. And the Wiz Security Graph makes it very easy to understand the context. So let's start here on this virtual machine. We can see the vulnerability findings here. So first, we know we have a vulnerable machine, but this is not enough for us to know if we need to prioritize it or not. Next thing, we also know that Wiz found that this machine is publicly exposed to the Internet, and we can even see a screenshot of that exposure, of what the application endpoint looks like. So now we know we have a publicly exposed machine that also has vulnerabilities on it. But not only that, we can also see that the service account that's on that machine provides it access to a lot of storage buckets. But Wiz also does data scanning, so we can also see that Wiz found that there's sensitive data that's sitting in that bucket. So for example, here, we've found PII data, emails, in that bucket. We can even see a sample of what that looks like. So now from just having a single alert of vulnerability, we have the complete context of an attack path that could allow an attacker to reach our crown jewels through this vulnerable machine. You can also assign owners for remediating this issue, and you can connect Wiz to whatever ticketing systems or messaging systems you're using to notify the right owners. And you can also generate remediation guidance. So these are AI powered and are specific to whatever remediation strategy that you would like to generate, and you would choose whatever you want to remediate and then Wiz would use AI in order to generate the steps. So for the sake of time, I'll continue to code. So let's talk about shifting left now.
So once you connected Wiz to your code repositories, Wiz does scanning to scan for things like secrets, data, vulnerabilities in your code. And on the security development page, you are able to see all the insights about your code security, things like SCA vulnerabilities, secrets, IaC findings. And Wiz, similar thing here, it correlates the risk that it finds in code to your cloud environment. So I'll go to the issues page here so we can see an example of how we've correlated information from code to the cloud environment. And this is a really good example to understand the full code-to-runtime context. Okay. So here in this Wiz issue, we can see that Wiz found a repository that has a critical vulnerability that was also traced to be validated in a runtime container. So let's take a deeper look at this one here. So this is the code repository that Wiz is scanning. And you can see that there is an ECR, so container image, being created through that repository. And because Wiz is also connected to the cloud environment, we can understand which container is then built in the cloud environment from this image. Through code scanning, we can see that there's a vulnerability that's found in this image in our code repository. But because we have the full code-to-runtime context and we have the runtime sensor on the container that's running in our environment, we can see here that Wiz was able to validate that that vulnerability is validated in runtime. So now it's not just a vulnerability in our code, but we know that it's actually running in our cloud environment and it's executing in our cloud. So we know that we need to prioritize it because if an attacker finds it, they could exploit this vulnerability and reach our cloud. Here is another very cool feature for Wiz Cloud, is that it shows you the full code-to-cloud pipeline.
So, here on the end, we can see the two vulnerabilities that were found, but we can also trace it back to the code, to this code-to-cloud pipeline here. And we could see the repositories that are the source for those vulnerabilities. We could even see things like who is the developer that committed that code, who else was a code owner in that repository. And if we go into the repository itself, we could even remediate directly from Wiz to open a pull request to fix those CVEs. So you could choose which CVEs to fix and then open pull requests directly from Wiz. Next up, I'll highlight the defense side of things. So I've covered Wiz Cloud and I've covered the code security, but now let's talk about the threat detection side of things, which is also included in Wiz Go. There's both the threat detection rules and the runtime sensor. So on the security operations page, you can see everything related to your threat detection and response, kind of security. So, here you'll see that Wiz takes in the cloud events from a cloud environment, and it also takes in the runtime sensor activity that is found to understand what are the actual real threats in your environment. So let's take a look at high and critical threats here. So, a threat takes into account multiple different detections. So let's see an example of this threat that was found. DNS query for known crypto mining domain. So, again, like I mentioned, a threat correlates detections to understand what is an actual critical threat that is happening and not just a single activity. So you could see the different activities that were detected. So there was a command line, the cryptominer command line argument that was detected, a suspected cryptominer download URL that was detected. And we also have taken the cloud audit logs, and we can see there is a virtual machine that has credentials that were used outside of Azure. So this is an Azure virtual machine.
And these three events are coming from our sensor; this one comes in from the cloud logs. In the investigation graph, we can see the actual process that happened, that executed. So we would see the virtual machine. We would understand the cloud context so we can see what is the identity associated with it, to what storage it can access. So we have the context of the criticality of a specific threat. But now with the sensor, we can see the actual processes that executed. And you could see that here, there was the process that called the crypto mining domain that was terminated by the runtime sensor. So with this, combining the runtime sensor with the deep cloud context, organizations truly understand what is the blast radius of a specific event in their environment. And the last thing I'll call out is the timeline here, which is another feature of the threats, in which you could see the exact types of detections and activity that happened. In the timeline, you could see the source of them, whether they're from the sensor or from the cloud environment. And I'll wrap this up here for the demo. Let me see if there's questions. So there's a question in chat about if the bundle price is the same regardless of the number of users and resources it scans. So for the Wiz Go bundle, the pricing works by providing you a certain amount of workloads that you can leverage across workloads in Wiz Cloud, developers that you could use for Wiz Code, specific amount of ingested data you can bring in for Wiz Defend, and a certain amount of sensors that you could use up to them. So, yes, it does include a set number of different workloads. And for the pricing, the account team would be the best to help you with exactly understanding the pricing for Wiz Go for your environment. But thank you for the question. And if there's any other questions, I'd be happy to answer. Okay. If not, we can wrap it up.
Thank you all for joining, and I'm very excited to talk to you about Wiz Go today. And thank you all.