Enabling security outcomes for cloud builders and defenders, from code to cloud to defense.
Analysis Summary
# Main Topic
The core narrative focuses on enabling effective, unified security outcomes for cloud builders and defenders by evolving business processes around a centralized security platform, spanning from code and cloud posture management through to active cloud threat defense.
## Key Points
- Organizations are moving away from fragmented point solutions towards consolidated platforms to manage complexity, reduce noise, and improve context across the cloud environment.
- A true platform strategy focuses on evolving business processes and democratizing security, allowing teams beyond security (like Dev/DevOps) to use the same tools and language.
- The **Wiz Security Graph** is central to unifying data, abstracting environmental complexity, and answering critical security questions across posture management (CSPM, CIEM, Vulnerability Management).
- Security capability is expanding across the entire lifecycle: **Code/Shift Left** (SBOM, Image Trust) to **Cloud Posture** to real-time **Defense** (Cloud Detection and Response - CDR).
- The development of CDR capabilities, bolstered by the acquisition of Gem Security, aims to provide context-aware, real-time detection and stopping of active cloud attacks, moving beyond traditional workload-only focus.
## Threat Actors
- No specific named threat actors or campaigns are detailed in this context. The focus is on platform capabilities and internal organizational struggles against evolving cloud risks rather than attribution.
## TTPs
- The report implicitly addresses TTPs related to cloud-native risks where traditional tooling fails, such as:
  - Misconfigurations (addressed via CSPM functionality).
  - Excessive entitlements (addressed via CIEM functionality).
  - Vulnerabilities within application components (addressed via SBOM/Image Trust).
  - Cloud-native attacks (addressed via real-time CDR/runtime detection).
## Affected Systems
- Ephemeral, decentralized cloud environments.
- Developers and application components using cloud services (AI, new services).
- Workloads running in the cloud.
- Systems requiring runtime monitoring (specifically mentioned: Linux and Kubernetes environments).
## Mitigations
- **Platform Adoption:** Implement a unified cloud security platform that scales security programs.
- **Democratization:** Empower non-security teams (over 50% of Wiz users are Dev/DevOps) by providing an easy-to-use, unified view.
- **Code Security:** Utilize SBOM capabilities for visibility into application components and enforce Image Trust policies to control deployments.
- **Runtime Defense:** Implement born-for-cloud CDR solutions that integrate real-time sensors (Linux/Kubernetes Runtime Sensors) for detection and stopping of active attacks.
- **Outcome Focus:** Drive towards shared goals across teams to achieve and maintain zero critical issues.
## Conclusion
The market demand is shifting from managing siloed security tools to adopting integrated platforms designed specifically for the modern cloud operating model. Success hinges on providing a shared understanding (via the Security Graph) that connects code security, posture management, and real-time cloud defense, enabling rapid innovation without sacrificing security outcomes for cloud builders and defenders.