|
|
|
|
|
|
by chatmasta
703 days ago
|
|
|
They’ve had some really nice writeups but I always thought they were your generic security firm doing some bug hunting. Recently I happened upon their domain submissions to HN and saw they raised $1b+ and was like wtf? What do they actually do? I mean what are their products that people pay for? Maybe there are obvious answers to these questions, but if a company is worth $23bn I’d expect that as somebody in the industry, I could answer them without doing in depth research. This is exactly the kind of gut feeling of “something’s off” that I’ve learned to pay attention to. |
|
|
> Wiz combines a graph search for asset management with agentless vuln and malware scanning that clones EBS volumes and scans them on their infrastructure. That's a great combo for vuln management, but has some downsides like delays between scans and cloud costs. They have a sensor with solid detection rules, and are okay at a bunch of other stuff like cloud log threat detection and sensitive data detection. They've basically pushed what you can do without an agent to the limit.