The cloud-native application protection platform (CNAPP) market continues to grow quickly, especially considering the term was first coined only a few years ago. CNAPPs provide visibility, security and compliance checks throughout the entire software development lifecycle (SDLC), which fosters great collaboration between security teams and development teams, something that is very important when securing a cloud-native application. Security teams can finally see all that is being created in a cloud environment, and work with developers to address the highest priority risks first. 

To be considered a CNAPP, a tool should possess many capabilities since it merges existing solutions such as CSPM, CWPP, CIEM, and more. However, the leaders in the CNAPP market continue to add capabilities beyond what is expected of them because security considerations in a cloud environment never seem to end. 

Wiz is easily considered a leader in the CNAPP market. It has a very mature offering with capabilities that surpass the requirements of a traditional CNAPP including agent-based runtime visibility, DSPM capabilities, code repository scanning and deep integrations with many tools to help enrich their risk findings. Wiz is committed to growing their platform, adding new capabilities while maintaining the combination of effectiveness and ease of use that their existing features have always encompassed to make it a market leader. 

Some of the capabilities Wiz announced at Black Hat last week are:

  • Wiz can now detect pattern-based malware using the new Malware Analysis Engine. This is added to their existing ability to detect hash-based malware, expanding the possibility of discovering malware and using that found information to better enrich the overall risk assessment of your cloud resources.
  • A new connector has been added to Wiz's portfolio, this one allowing you to view your Azure DevOps architecture and risks. Wiz will scan code repositories in Azure DevOps and the results of the found architecture will be visible on the Security Graph.
  • A deeper integration with Okta has been released where Wiz can analyze effective access and permissions from Okta, allowing you to see the actual access that identities have to resources in the cloud.
  • In a not-so-surprising turn of events, Wiz has included a new AI feature in their platform! The Security Graph can now be filtered through AI generated queries in the new feature, AI Graph Query. All you need to do is write a prompt that explains what you are looking for and AI will create the query itself.
  • Wiz has several new inclusions and improvements that they have recently added to their data security posture management (DSPM) capabilities.
    • A dashboard has been added to show only data security related widgets. Here you can find your overall data security score based on checks against a number of framework rules, which now includes a custom Wiz Data Security Framework.
    • The ability to add custom labels to data has been added to the Wiz platform to assist in data classification. Wiz will also now allow you to create Ignore Rules, where you can choose conditions under which to ignore data findings that might not be relevant to your risk score across the board.
    • Improved visibility into secrets have been added with the Secret Detection Rules page. Here you can find all the Rules Wiz provides to detect secrets throughout the SDLC, including a new capability to scan both cloud-managed and self-managed databases for secrets.
    • Extended coverage has been added to scan Amazon DocumentDB, Amazon RDS Oracle, Amazon Redshift databases, and the possibility to scan Snowflake databases from static IPs, complying with network rules that might be in place.
    • Other additions include more languages supported, new properties added to Data Inventory objects to better understand the type of data, and new Rules being added and improved around data and secrets.

Wiz's commitment to improving continues to show strength in their tool and in their credibility as a company. We have a very strong partnership with Wiz and are invested in helping our customers grow together. If you have any questions about these new updates or any other Wiz capabilities, do not hesitate to contact myself or your WWT account team. 

Technologies