Full Report
Whether you’re new to Wiz or early in your cloud security journey, start the year strong by turning cloud security resolutions into real impact in your first 90 days with Wiz.
Analysis Summary
# Best Practices: Cloud Security Acceleration in the First 90 Days
## Overview
These practices focus on establishing a strong foundation for cloud security maturity within the first 90 days, utilizing a platform like Wiz to gain comprehensive visibility, define clear ownership, integrate security findings into existing workflows, and foster cross-functional security collaboration. The goal is to turn initial security resolutions into quantifiable, lasting impact.
## Key Recommendations
### Immediate Actions (Day 1 - Day 30)
1. **Establish Foundational Visibility:** Deploy necessary connectors and integrations immediately to gain comprehensive, normalized security visibility across the *entire* cloud estate (including IaaS, containers, and SaaS environments).
2. **Utilize the Champion Center:** Begin actively using the platform's built-in guidance modules (e.g., the Onboarding module) to ensure early adoption follows established best practices.
3. **Gain Contextual Asset Inventory:** Ensure every asset imported is inventoried, moving beyond fragmented views to a contextualized representation of the cloud environment.
### Short-term Improvements (Day 31 - Day 60)
1. **Define Ownership with Projects:** Immediately segment the cloud estate using logical groupings (Projects) to implement Role-Based Access Control (RBAC) aligned with business unit structures.
2. **Map Business Context via Service Catalog:** Model developer-owned microservices by mapping findings to the Service Catalog, ensuring security scope aligns with organizational structure.
3. **Operationalize Findings with Workflow Integration:** Integrate security findings directly into existing team workflow tools (e.g., Jira, ServiceNow, Slack) using automated actions to mandate rapid, structured remediation rather than relying on siloed dashboards.
### Long-term Strategy (Day 61 - Day 90)
1. **Establish the "Wizard Council":** Form a cross-functional steering committee involving security, development, and infrastructure teams to govern security practices and share accountability.
2. **Drive Adoption Outside Security:** Actively onboard development teams (who constitute over 50% of successful users) by empowering them with context-specific insights relevant *only* to their scope to drive individual ownership.
3. **Implement Success Metrics:** Begin tracking quantitative adoption metrics and success indicators (e.g., movement toward "Zero Criticals") to measure resolution impact and plan next maturity steps.
## Implementation Guidance
### For Small Organizations
* **Focus on MVP Visibility:** Prioritize connecting the primary cloud accounts first to achieve baseline, end-to-end visibility rapidly.
* **Direct Remediation:** Leverage workflow integration (Wiz Actions) to push high-priority tickets directly to the small operations team or primary cloud engineer for immediate self-service remediation.
### For Medium Organizations
* **Implement Project Scoping:** Utilize Projects to divide responsibility based on functional areas or major applications, ensuring security scope aligns with existing team boundaries.
* **Formalize Cross-Functional Meetings:** Schedule the first "Wizard Council" meeting to review initial high-risk findings and agree on standardized remediation SLAs for the next quarter.
### For Large Enterprises
* **Standardize Context Mapping:** Mandate the use of the Service Catalog across all major business units to create a scalable, organizational-structure-aligned security view (RBAC).
* **Scale Empowerment:** Focus onboarding modules specifically on developer and CI/CD integration teams to ensure security knowledge and remediation authority is distributed widely, reducing security team bottlenecking.
## Configuration Examples
*(Note: Specific technical configurations were not provided in the context; however, the concept should focus on defining scope and actionability.)*
| Feature | Goal | Configuration Concept |
| :--- | :--- | :--- |
| **Projects/RBAC** | Assign Ownership | Create projects mirroring established organizational boundaries (e.g., `Project: Finance Infrastructure`, `Project: Mobile Backend Service`). |
| **Wiz Actions** | Automated Remediation | Configure a rule flow to automatically generate a high-priority ticket in Jira for any new critical finding associated with a workload lacking defined ownership. |
| **Service Catalog** | Contextual Mapping | Map assets discovered via API/runtime evidence to the logical microservice name provided by the development team documentation. |
## Compliance Alignment
While specific compliance artifacts are not detailed, the focus on visibility, structured access control, and standardized risk remediation aligns with foundational principles of:
* **NIST Cybersecurity Framework (CSF):** Especially in the **Identify** (Asset Management, Risk Assessment) and **Respond** (Incident Response based on integrated finding data) functions.
* **CIS Benchmarks:** By enforcing correct configurations via rapid feedback loops provided by the platform's vulnerability assessment capabilities.
* **ISO 27001:** By establishing documented organizational structure for security responsibility (Projects/RBAC) and implementing formal security processes (Workflow Integration).
## Common Pitfalls to Avoid
* **Treating Security in Silos:** Do not allow security findings to remain solely on a security dashboard; immediate integration into engineering workflows is essential for actionability.
* **Delaying Ownership Definition:** Failure to immediately map environments using Projects and Service Catalog will lead to "security ambiguity" where teams don't know who is responsible for remediation.
* **Relying on Old Methods:** Avoid tracking remediation efforts manually in spreadsheets; leverage automated actions to ensure findings keep pace with cloud velocity.
* **Ignoring Development Teams:** Success hinges on shifting security left; overlooking developer adoption will limit scalability and remediation speed.
## Resources
* Wiz Champion Center (Primary onboarding and guidance tool)
* Wiz Connectors and Integrations documentation (For achieving complete visibility)
* Wiz Academy module on Role-Based Access Control (RBAC) (For defining ownership)
* Documentation on Wiz Actions (For implementing operational integration with workflow systems)