Traditional cloud security tools are typically reserved for security teams, making it difficult to scale and democratize security for other teams in organizations. At Wiz, our goal is to help organizations democratize security so they can innovate faster in the cloud. Wiz Security Graph truly simplifies cloud security and makes it accessible to other teams developing in the cloud, as more than 50% of our active users are developers. We wanted to make it simpler for AWS builders to quickly get insights into their cloud security posture and risks. Many developers typically work in the AWS Management Console and are assigned security tickets in other tools. Developers may need to navigate between the ticket system, AWS, and the security tool to see what issues they need to address. Wiz works with AWS to put security at the forefront of the build process to make it easier for AWS users to get security insights.
As an AWS Security Competency Partner, we're excited to expand our partnership with AWS to include Amazon Q to make it easier for customers to secure everything they build and run in the cloud. By leveraging AI produced with the new Amazon Q Developer Plugin for Wiz, we can enable organizations to simplify security operations and bring them directly to their AWS console
Oron Noah, Vice President of Product Expansion and Partnerships at Wiz
We're excited to make security even easier for AWS developers with the new Wiz Plugin from Amazon Q Developer that brings the power of the Wiz Cloud-Native Application Protection Platform (CNAPP) directly to their AWS console. Amazon Q Developer helps developers with all their tasks — from programming, testing, and upgrading to troubleshooting, optimizing AWS resources, and creating data engineering pipelines.
This integration makes it easier for developers to ask questions about AWS's security posture using human language and get immediate insights into any risks in their environment.
Amazon Q Developer makes it easier for developers to uphold security best practices so they can focus on innovation, and we're continuing that work with Wiz. By extending Amazon Q Developer capabilities to Wiz's CNAPP capabilities, developers can integrate security more seamlessly and deeply into their daily workflow and build with confidence.
Deepak Singh, Vice President of Next Generation Developer Experience at AWS
For example, a user could ask Amazon Q: “What critical severity issues do I encounter with Wiz?” And get a list of the most pressing risks they need to focus on. Wiz prioritizes risks leading to attack paths in the environment by bringing together multiple risk factors across misconfigurations, vulnerabilities, identities, data, secrets, and more on the Wiz Security Graph. These types of critical attack paths allow an attacker to access crown jewels in the environment or escalate permissions to an administrator and need to be prioritized and addressed. For example, in the screenshot below, we can see the critical risks that Wiz points out.
When a developer asks Amazon Q what issues are most important in their environment, they know they are focusing their time on important risks and effectively increasing their security posture.
Another example where you can explore the security posture of your environment without having to leave AWS is to evaluate the posture of your AWS resources. By asking Amazon Q “What are the riskiest assets I have in my AWS environment?” You can get a list of all the resources that need your attention right now. This allows you to prioritize your remediation efforts on the resource that will have the greatest impact on your security posture. By giving you the tools to assess the security posture of your resources without having to leave AWS, you can effectively focus your efforts and reduce operational expenses.
With the new Amazon Q Developer plug-in, organizations can:
Improve your security posture in AWS: Get real-time security insights right in the AWS console to quickly eliminate risks
Democratizing security for developers: Extend security across the enterprise by making it accessible to developers to quickly understand the security posture
Reduce operational load: Leverage the same console already used to build on AWS to understand the security posture and reduce the time it takes to switch platforms
Get started now with the new plugin here. To learn more about this integration, you can visit the Wiz docs (sign-in required) or the Amazon Q Developer docs.
