Full Report
Get all the news from Las Vegas and learn about how Wiz and AWS continue to strengthen a strategic relationship to secure customers’ AWS environments.
Analysis Summary
# Main Topic
Strengthening of the strategic relationship between Wiz and AWS to enhance the security posture of customer AWS environments, highlighted during AWS re:Invent 2022 events.
## Key Points
- Wiz announced several key product integrations and partnerships with AWS services:
- Integration with **AWS Security Hub** to improve management of AWS security posture.
- Launch support as an **AWS launch partner for Amazon Security Lake**, supporting the Open Cybersecurity Schema Framework (OCSF) for data normalization.
- Expansion of partnership with **BigID** for extended visibility and control.
- AWS executives, including CEO Adam Selipsky and CISO CJ Moses, spotlighted Wiz in keynotes, emphasizing the platform's reliance on AWS (83% of global unicorns run on AWS, including Wiz).
- Wiz utilized **Amazon Neptune** (a fully managed graph database service) to facilitate graph-based security insights and contextual risk assessment for cloud protection at scale.
- Wiz was recognized as the **AWS Marketplace Partner of the Year – Startup Segment**.
## Threat Actors
No specific malicious threat actors or campaigns are detailed in the context of this relationship announcement and partnership updates. The focus is on defensive security capabilities.
## TTPs
No specific adversarial Tactics, Techniques, and Procedures (TTPs) are described; the content focuses on defensive measures and security integration strategies.
## Affected Systems
- **AWS Environments:** General focus on securing customer AWS environments.
- **AWS Security Hub:** Integration point for posture management.
- **Amazon Security Lake:** Integration point emphasizing OCSF compliance.
- **Amazon Neptune:** Internal technology utilized by Wiz for security analysis.
## Mitigations
The enhancements described serve as security mitigations applied through deep platform integration:
- Utilizing Wiz's agentless security solution for complete visibility across all AWS services.
- Leveraging Amazon Security Lake and OCSF for normalized security data aggregation from AWS and other enterprise sources.
- Employing graph-based analysis via Amazon Neptune for context-rich risk assessment.
## Conclusion
The strengthening relationship between Wiz and AWS centers on deeply embedding Wiz's security platform into core AWS services (Security Hub, Security Lake). This collaboration provides customers running on AWS, particularly high-growth startups, with advanced, integrated, and context-aware security visibility and risk assessment capabilities, leveraging industry standards like OCSF. The primary recommendation is to leverage these new integrations for streamlined procurement and comprehensive cloud security management.