Full Report
Empowering every cloud security stakeholder by eliminating barriers.
Analysis Summary
# Main Topic
Empowering every cloud security stakeholder by eliminating barriers to access and use of security tools, primarily focusing on digital accessibility and language support within cloud security platforms.
## Key Points
- The core objective is to democratize cloud security by making solutions inherently accessible to all stakeholders, regardless of background, language, or ability.
- Digital accessibility is framed not just as a legal or business requirement, but as a moral imperative to ensure all users, including those with disabilities (vision, hearing, motor skills, learning, etc.), can perform critical security tasks.
- The report notes that only 3.2% of the world’s top 1 million website homepages comply with WCAG 2.1 Level AA standards, highlighting a significant gap in digital accessibility across the web.
- Accessibility must be integral to design and engineering processes, addressing diverse needs such as color perception, motor skills, and hearing.
## Threat Actors
- Not applicable. This document focuses on product development and accessibility standards, not malicious threat actors or campaigns.
## TTPs
- Not applicable. The focus is on adhering to accessibility standards (WCAG) rather than malicious attack techniques.
- **Standard Compliance Target:** WCAG 2.2AA.
- **Design Focus:** Incorporating aids and adaptations into the platform interface.
## Affected Systems
- Cloud Security Platform Interface/Tools (e.g., the Wiz platform itself).
- General reliance on web standards, with specific mention of WCAG compliance.
## Mitigations
- **Design Integration:** Accessibility must be integral to design and engineering processes from the start.
- **Standard Adherence:** Commit to continually striving for compliance with WCAG 2.2AA standards.
- **Inclusivity Support:** Build features supporting multiple accessibility challenges (color perception, hearing, vision, motor skills).
- **Localization:** Added support for French, German, Spanish, Portuguese, and Japanese languages to remove language barriers.
## Conclusion
The reported effort represents a proactive security measure focused on usability and inclusion, ensuring that the entire security ecosystem—including stakeholders with accessibility challenges or language barriers—can effectively contribute. By adopting rigorous accessibility standards (WCAG 2.2AA) and expanding language support, the organization aims to fully democratize cloud security access, thereby strengthening collective security posture by leveraging all available expertise.