Check out all Intelligent Security Summit on-demand sessions here.
Cloud technology has changed the data economy. Data is no longer locked away in silos and on-premises servers, but cuts across a dynamic patchwork of cloud service providers, applications, APIs and containers. An unverified vulnerability or misconfiguration in any of these components could leave critical data exposed. That’s why consolidated cloud security is now essential.
It’s a reality few organizations are prepared to face, with the average organization using six tools to secure the cloud. Several cybersecurity vendors are looking to address these challenges by offering a more consolidated approach to security in the cloud.
One such provider is Wiz, which today raised $300 million as part of a Series D funding round. Wiz provides cloud security posture management (CSPM) and a cloud-native application protection platform (CNAPP ) designed to allow security teams to monitor cloud services, APIs, and containers for vulnerabilities and misconfigurations.
The latest round of funding, led by Lightspeed Venture Partners and Greenoaks Capital Partners, raises Wiz’s valuation to $10 billion and makes it the largest cyberunicorn, highlighting the fact that investors see cloud protection as the ultimate challenge in corporate data protection.
Event
On-demand smart security meeting
Learn the critical role of AI and ML in cybersecurity and industry-specific case studies. Watch sessions on demand today.
watch here
Consolidating security in the cloud
Traditional cybersecurity approaches simply don’t work in decentralized cloud environments. Venafi research reveals that 81% of organizations have experienced a cloud-related security incident in the past 12 months, with 45% experiencing at least four incidents.
There are many reasons for the high rate of cloud breaches, from a cloud skills gap to under-resourced security teams. But perhaps the most significant cause is the lack of asset visibility and data exposures. Most organizations simply lack the ability to identify vulnerabilities and misconfigurations on the attack surface.
“The cloud is agile and dynamic – that’s why it allows companies to grow so quickly. However, this is also why the cloud is so difficult to secure. It keeps changing,” said Assad Rappaport, co-founder and CEO of Wiz.
“How can you protect data in the cloud if it can be stored in dozens of services, routed daily to different locations and systems? Legacy approaches completely fail to handle the complexity and agility of the cloud. The cloud requires a cloud-native approach,” said Rappaport.
Wiz’s answer to securing the cloud is to consolidate CSPM and CNAPP capabilities into a single platform along with data security posture management, external attack surface management (EASM) and cloud detection and response (CDR). This combination is designed to help organizations increase and simplify their threat detection and response capabilities in the cloud.
For example, security teams can continuously scan for misconfigurations across hybrid cloud, infrastructure as code (IaC), and containers environments and automatically remediate potential exploits that expose data to threat actors.
The platform also provides a security graph that triages and correlates attack paths so both the developer and security teams can understand the cause of a breach and identify how to respond quickly.
A brief look at the CNAPP market
Wiz’s solution fits into the global CNAPP market, which researchers valued at $7.8 billion in 2022 and estimate will reach $19.3 billion by 2027 as more organizations realize their CNAPP adoption plans. cloud.
The organization is competing with some established companies in the space, including Palo Alto Networks, which offers its own CNAPP called Prisma Cloud.
Prisma Cloud provides real-time inspection of cloud workloads for misconfigurations and vulnerabilities, using machine learning to identify normal baseline activity and generating alerts to highlight anomalous activity. Palo Alto Networks had revenue of $84.2 million in the last quarter.
Another competitor is Lacework, which offers a CNAPP with infrastructure-as-code (IaC) scanning, run-time vulnerability scanning for workloads, container images, hosts, and language libraries, as well as detection-based threat detection. of anomalies. Lacework is currently valued at $8.3 billion.
Rappaport argues that the key differentiator between Wiz and these solutions is its emphasis on real-time risk management.
“Wiz has introduced a new approach that enables businesses to safely embrace the cloud by continuously identifying and mitigating key risks. Wiz deploys in minutes using an agentless API-centric approach to seamlessly scan workloads and provide full visibility into cloud environments,” said Rappaport.
VentureBeat’s Mission is to be a digital town square for technical decision makers to gain insight into transformative business technology and transactions. Discover our Briefings.