top | item 43679024


sneakerblack | 10 months ago

I work in the security industry and use WIZ and while I do despise all of the buzzword acronyms this industry has come up with, CSPMs have been one of the few tools that have actually made my life significantly easier. Due to the nature of the industry I work in, there is a lot of regulation that we need to comply with, and CSPMs (and wiz in particular) give us both observability and alerting for all of our resources in our cloud environments, including the configuration of the cloud environments themselves. I don't know how they managed to get a $32B offer so soon after coming out of stealth, but considering the amount of problems it solves for me and my team, I can see why they're doing well financially. We're definitely happy with the pain point the product fixes.

I can now say "I know for a fact we have x number of AWS/GCP/Azure accounts that are either not using our IdP or 2A, here's a list" without having to script across multiple cloud APIs.

Similarly, I can say "here's a list of people that accessed x resource in the last y days". It really makes my life easier when I want to access metrics about my company's cloud environments.


xrisk | 10 months ago

Is this a difficult problem to solve? There’s only a handful of major cloud players and these questions don’t seem terribly complicated.

Or is it that it lets you answer arbitrary questions of this sort without having to figure out how to get that data?

EE84M3i | 10 months ago

CSPM is most valuable for large enterprises that have many cloud tenants as they can provide visibility across the entire footprint in one place.

Consider an enterprise that wants to say "list all the cloud storage buckets we own that are not in the US and are publicly readable and have a name containing 'foo'" - and they have several of each of AWS, Azure and GCP organizations because of acquisitions that aren't fully integrated yet.

Wiz answers that in ~5 seconds, with a rich query language and a bunch of prebuilt rules and detections on top of it, including for tracking compliance with various frameworks.
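To make that multi-cloud query concrete, here is an added Python example (not Wiz's code or query language, and not from the commenter): it normalizes constructed inventory records from AWS, GCP and Azure into one provider-neutral schema and then asks exactly the question above. The raw field names and the US-region regex are simplified assumptions for the example.

```python
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class Bucket:  # provider-neutral record that the query runs over
    provider: str
    account: str
    name: str
    region: str
    public_read: bool
# Constructed sample records imitating the different shapes each provider's own
# inventory returns; the field names are simplified assumptions for this example.
AWS_RAW = [
    {"Account": "111111111111", "Name": "foo-logs", "LocationConstraint": "eu-west-1",
     "BlockPublicAcls": False, "AclGrantsAllUsersRead": True},
    {"Account": "222222222222", "Name": "foo-us", "LocationConstraint": "us-east-1",
     "BlockPublicAcls": False, "AclGrantsAllUsersRead": True},
]
GCP_RAW = [
    {"project": "acq-proj-1", "name": "foo-backups", "location": "EUROPE-WEST2",
     "iamBindings": [{"role": "roles/storage.objectViewer", "members": ["allUsers"]}]},
    {"project": "acq-proj-1", "name": "bar-private", "location": "ASIA-EAST1",
     "iamBindings": []},
]
AZURE_RAW = [
    {"subscription": "sub-a", "containerName": "foodata", "region": "northeurope",
     "publicAccess": "blob"},
]

def normalize_aws(r):  # public only if nothing blocks ACLs and the ACL grants AllUsers
    public = not r["BlockPublicAcls"] and r["AclGrantsAllUsersRead"]
    return Bucket("aws", r["Account"], r["Name"], r["LocationConstraint"], public)
def normalize_gcp(r):  # public if any IAM binding includes an anonymous principal
    public = any(m in ("allUsers", "allAuthenticatedUsers")
                 for b in r["iamBindings"] for m in b["members"])
    return Bucket("gcp", r["project"], r["name"], r["location"].lower(), public)
def normalize_azure(r):  # blob- or container-level anonymous access counts as public
    public = r["publicAccess"] in ("blob", "container")
    return Bucket("azure", r["subscription"], r["containerName"], r["region"], public)
def inventory():  # the single cross-cloud asset list a CSPM would maintain
    return ([normalize_aws(r) for r in AWS_RAW] + [normalize_gcp(r) for r in GCP_RAW]
            + [normalize_azure(r) for r in AZURE_RAW])
# Providers name US regions differently ("us-east-1", "us-central1", "eastus2",
# "northcentralus"); this regex is an assumed heuristic, not a full region table.
US_REGION = re.compile(r"^us-|^us[a-z0-9]*$|(east|west|central)us\d?$")
def query(buckets, substring="foo"):  # public, non-US, name contains substring
    hits = [b for b in buckets
            if b.public_read and not US_REGION.search(b.region) and substring in b.name]
    return sorted(hits, key=lambda b: (b.provider, b.name))
```

The work a CSPM does for you is the three `normalize_*` functions, repeated for every service and every provider, kept current as the provider APIs change.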

raesene9 | 10 months ago

Conceptually, I don't think CSPMs are answering complicated questions, however there's quite a lot of complexity (IMO) in scaling the answers consistently, and keeping up to date with all of the tests that need to be implemented.

If you think about the number of services that AWS/GCP/Azure have, adding good compliance checks across even a portion of those is quite a lot of work :)

A small example from an area I know something about is maintaining the CIS Kubernetes benchmarks (which are used by a lot of CSPM products as a source of rules).

Here you've got the different Kubernetes distributions and then each of the cloud distributions has its own CIS benchmark as the checks are different depending on the cloud in use. Then you have changes over time as different clusters run different versions of Kubernetes, so have different checks. Then you add in that the benchmarks don't release with every new version of Kubernetes, and you can end up with quite a complex matrix of checks.