The profile is currenly unclaimed by the seller. All information is provided by CB Insights.

wiz.io

Founded Year

2020

Stage

Series D | Alive

Total Raised

$600M

Valuation

$0000 

Last Raised

$250M | 10 mos ago

About Wiz

Wiz operates as a cloud security company that allows companies to secure their cloud infrastructure at scale. Wiz delivers a contextual risk assessment of a client's cloud with the aims of enabling a reduction in security alerts, a clear action plan, and cloud hygiene at scale.

Wiz Headquarter Location

8 Kaplan St.

Tel Aviv, 6473409,

Israel

ESPs containing Wiz

The ESP matrix leverages data and analyst insight to identify and rank leading companies in a given technology landscape.

EXECUTION STRENGTHMARKET STRENGTHLEADERHIGHFLIEROUTPERFORMERCHALLENGER
Consumer & Retail / Cybersecurity

These solutions secure cloud infrastructure (e.g., containers, microservices), control cloud access, and ensure appropriate cloud configurations and security policies.

Wiz named as Leader among 10 other companies, including Netskope, Menlo Security, and Lacework.

Predict your next investment

The CB Insights tech market intelligence platform analyzes millions of data points on venture capital, startups, patents , partnerships and news mentions to help you see tomorrow's opportunities, today.

Research containing Wiz

Get data-driven expert analysis from the CB Insights Intelligence Unit.

CB Insights Intelligence Analysts have mentioned Wiz in 2 CB Insights research briefs, most recently on May 18, 2022.

Expert Collections containing Wiz

Expert Collections are analyst-curated lists that highlight the companies you need to know in the most important technology spaces.

Wiz is included in 2 Expert Collections, including Cybersecurity.

C

Cybersecurity

5,100 items

U

Unicorns- Billion Dollar Startups

1,178 items

Latest Wiz News

Wiz: Vulnerability In Microsoft Azure Database Allowed Access To Sensitive Customer Data

Apr 28, 2022

The flaw ‘broke one of the fundamental things about the cloud – that you can’t access another person’s data,’ says security provider Wiz. April 28, 2022, 11:07 AM EDT Cloud security provider Wiz disclosed Thursday that earlier this year it alerted Microsoft about vulnerabilities the company said it found in the popular Azure Database for PostgreSQL Flexible Server – and Microsoft said in a blog post this morning that the problems have been fixed and that “our analysis revealed no customer data was accessed using this vulnerability.” According to a Wiz blog post Thursday morning, the security flaws permitted Wiz researchers to effectively bypass tenant isolation and allow unauthorized cross-account read access to other customers’ cloud databases. Shir Tamari, head of research at the Tel Aviv, Israel-based Wiz, told CRN that his company’s researchers discovered two key vulnerabilities that violated “fundamental premises” of cloud databases. First, researchers discovered that they could effectively “take control” of their own cloud database and its codes, something most cloud providers, including Microsoft, prohibit due to concerns over database stability, Tamari said. Second and more significantly, Wiz researchers discovered that once they had taken effective control of the coding for their own cloud database, they could use their account as a base to access other customers’ sensitive data, Tamari said. Sagi Tzadik, a security researcher at Wiz, said the access to other customers’ data “broke one of the fundamental things about the cloud – that you can’t access another person’s data.” But that’s exactly the critical flaw that researchers discovered in the Azure database, said Tzadik. “We could actually review other people’s data,” Tzadik said. “You could find just about anything.” Wiz researchers dubbed the access vulnerability “#ExtraReplica.” Tamari said it’s basically a classic privileged-escalation vulnerability In their blog post, Wiz researchers described #ExtraReplica as a serious vulnerability. “If exploited, a malicious actor could have replicated and gained read access to Azure PostgreSQL Flexible Server customer databases,” Wiz researchers wrote. “Wiz Research disclosed #ExtraReplica to Microsoft in January 2022. Microsoft confirmed that the issue has been fully mitigated, and no action is required by Azure customers.” In Microsoft’s blog post, the company seemed to acknowledge the potential seriousness of the now-fixed access problem. “By exploiting an elevated permissions bug in the Flexible Server authentication process for a replication user, a malicious user could leverage an improperly anchored regular expression to bypass authentication to gain access to other customers’ databases,” Microsoft said in its post. “This was mitigated within 48 hours (on January 13, 2022).” Microsoft’s blog added: “Our analysis revealed no customer data was accessed using this vulnerability. Azure updated all Flexible Servers to fix this vulnerability. No action is required by customers.” In their blog post, Wiz researchers said this wasn’t the first time they discovered security problems at Azure. “We previously found vulnerabilities in Azure Cosmos DB,” they wrote, referring to another Microsoft cloud database service. “At BlackHat Europe 2021, we presented ‘ ChaosDB: How We Hacked Databases of Thousands of Azure Customers’ — disclosing how we gained unrestricted access to the databases of Microsoft Azure customers through a chain of misconfigurations in Azure Cosmos DB.” Related Topics:

Wiz Web Traffic

Rank
Page Views per User (PVPU)
Page Views per Million (PVPM)
Reach per Million (RPM)
CBI Logo

Wiz Rank

  • When was Wiz founded?

    Wiz was founded in 2020.

  • Where is Wiz's headquarters?

    Wiz's headquarters is located at 8 Kaplan St., Tel Aviv.

  • What is Wiz's latest funding round?

    Wiz's latest funding round is Series D.

  • How much did Wiz raise?

    Wiz raised a total of $600M.

  • Who are the investors of Wiz?

    Investors of Wiz include CyberStarts, Sequoia Capital, Index Ventures, Insight Partners, Greenoaks Capital Management and 7 more.

  • Who are Wiz's competitors?

    Competitors of Wiz include BetterCloud, AppOmni, JupiterOne, VMware, Traceable AI, Obsidian Security, Ermetic, Salt Security, Lacework, Scribe Security and 27 more.

You May Also Like

Aqua Security Logo
Aqua Security

Aqua Security enables enterprises to secure their virtual container environments from development to production, accelerating container adoption and bridging the gap between DevOps and IT security. Aqua's Container Security Platform provides full visibility into container activity, allowing organizations to detect and prevent suspicious activity and attacks in real time. Integrated with container lifecycle and orchestration tools, the Aqua platform provides transparent, automated security while helping to enforce policy and simplify regulatory compliance.

Lacework Logo
Lacework

Lacework is a late-stage technology firm that develops a complete security platform for the entire IT infrastructure, from DevOps and orchestration environments to cloud and hybrid workloads. Lacework is designed to self-adapt to the cloud's ever-changing configurations to provide visibility and intrusion detection that helps enterprises keep their data and resources safe. The firm serves a wide variety of industries that require intrusion detection. Lacework was founded in 2015 and is based in San Jose, California.

Orca Security Logo
Orca Security

Orca Security is a cloud visibility company. Its Orca Cloud Visibility Platform utilizes its SideScanning technology to deliver full-stack visibility into the entire cloud infrastructure and assets.

Ermetic Logo
Ermetic

Ermetic is a platform for managing user and service permissions across cloud environments.

Obsidian Security Logo
Obsidian Security

Obsidian Security is applying artificial intelligence to enable user security for enterprise hybrid-cloud environments. Obsidian Security was founded in 2017 and is based in Newport Beach, California.

Salt Security Logo
Salt Security

Salt Security is an API security platform that prevents zero-day API breaches. Salt detects attack attempts before other solutions alarms are tripped.

Discover the right solution for your team

The CB Insights tech market intelligence platform analyzes millions of data points on vendors, products, partnerships, and patents to help your team find their next technology solution.

Request a demo

CBI websites generally use certain cookies to enable better interactions with our sites and services. Use of these cookies, which may be stored on your device, permits us to improve and customize your experience. You can read more about your cookie choices at our privacy policy here. By continuing to use this site you are consenting to these choices.