Wiz Previews Sensor to Secure Cloud Application Workloads

Wiz this week made available a preview of a sensor for securing workloads that it will add to its cloud-native application protection platform (CNAPP).

Yinon Costica, vice president of product for Wiz, said the Runtime Sensor is an agent that extends the capabilities of the Wiz platform to better secure workloads running in cloud computing environments. It is based on software that makes use of the extended Berkeley Packet Filter (eBPF) to run in a sandbox at the Linux kernel level to minimize overhead. The Runtime Sensor can then be deployed on a Kubernetes cluster that can be deployed on any type of cloud computing platform.

Wiz is making a case for an agentless CNAPP that makes it simpler for cybersecurity teams to secure IT environments without relying on an IT team to deploy agent software. However, there are instances where cybersecurity teams are going to want to exercise more control over a specific workload or embed an agent within a continuous integration/continuous delivery (CI/CD) pipeline to better secure a software supply chain, noted Costica.

While application development teams will continue to manage those supply chains, the Wiz approach makes it simpler for organizations to extend the reach of their existing cybersecurity platform into the realm of application development. Ultimately, that approach fosters more collaboration between developers and cybersecurity teams, he added.

That capability is crucial as cybercriminals increasingly focus on compromising software supply chains in the hopes of being able to spread malware to as many downstream application environments as possible, noted Costica.

In the meantime, most organizations are going to continue to default to a lighter-weight agentless approach to ensure cybersecurity whenever possible, but there shouldn’t necessarily be a religious debate over when to use an agent or not, said Costica.

As a category of security platforms coined by Gartner, CNAPPs aggregate two types of security platforms: Cloud security posture management (CSPM) platforms—already used by many organizations to surface misconfigurations and other vulnerabilities that cybercriminals could potentially exploit—and cloud workload protection platforms (CWPP) that protect a workload running on either a virtual machine or encapsulated in a container.

Interest in CNAPPs has risen sharply as the number of workloads deployed in the cloud and concerns about the total cost of cybersecurity have increased. Many cybersecurity teams now view CNAPPs as a means to consolidate a range of point products’ capabilities that are rapidly becoming features of a larger CNAPP. That approach also serves to reduce the total cost of cybersecurity, as many organizations are trying to limit spending on IT. There is generally less pressure to reduce the cost of cybersecurity, but as always, cybersecurity teams are looking for ways to become more efficient by, for example, reducing the time and effort required to integrate point products.

It’s too early to tell how quickly organizations are transitioning to CNAPPs, but as the number of defensible attack surfaces continues to increase, the need for a different approach to managing cybersecurity has become self-evident.

Avatar photo

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.

mike-vizard has 747 posts and counting.See all posts by mike-vizard