Wiz launches cloud incident response service to boost security
Wiz has launched a new incident response service designed specifically to support organisations dealing with security incidents in cloud environments.
The new offering, named Wiz Incident Response (IR), is intended to help organisations investigate, contain, and recover from cloud security breaches by combining in-house expertise with purpose-built technology. According to the company, Wiz IR delivers expert-led support in critical moments, leveraging Wiz's background in both cloud and artificial intelligence (AI) security.
Customer-driven approach
Arie Zilberstein, Vice President of Cloud Detection & Response at Wiz, said the development was influenced by feedback from the company's customer base.
"This launch is driven by what we've heard from customers – they want a trusted partner who knows the cloud inside and out. Wiz was built in the cloud, for the cloud, and this perspective guides everything we do, including our approach to incident response. Cloud threats are constantly evolving, and teams need support that's built for that reality."
Wiz reports that it has a deep understanding of the speed at which cloud-based threats develop, and claims its platform is widely used by both security and engineering teams at large enterprises. Wiz IR is built to translate this experience into incident response, supporting teams as they identify, contain, and recover from attacks targeting cloud-based systems.
Expertise in cloud security
The Wiz IR team comprises specialists with hands-on experience handling cloud-related incidents, ranging from Kubernetes forensic analysis to examining AI-driven threats. This knowledge is backed by research which, according to the company, includes identifying vulnerabilities such as a public DeepSeek database leak, unauthenticated remote code execution in Ingress NGINX, and a vulnerability chain in NVIDIA's Triton Inference Server. Wiz states these discoveries have affected how the wider industry approaches modern cloud security risks.
Wiz IR builds on existing components of the Wiz platform, including Wiz Defend, a cloud-native threat detection and response tool, and Wiz Runtime Sensor, which provides real-time threat monitoring for a variety of environments. With the context provided by Wiz Security Graph, the company said it aims to reduce response times during incidents and help limit the potential impact.
Incident response process
According to the company, Wiz IR offers support at each stage of the incident response cycle. This includes intake and scoping, where Wiz helps clients differentiate between real incidents and false positives and map out the potential extent of an attack, using context from the client's own environment. During forensic investigation, Wiz's specialists determine the scope and timeline of a breach using both cloud and runtime data.
As incidents unfold, Wiz IR recommends containment and remediation actions, aiming to stop attacker activity and strengthen defences. Ongoing incident monitoring is also provided, with Wiz promising to remain engaged during incidents in order to detect any related malicious activities that emerge after initial containment.
Wiz's service also covers incident management at a strategic level. The platform is intended to keep response teams aligned and management informed with regular updates and guidance, supporting risk management and business continuity during and after an incident.
Availability and aims
Wiz IR is currently in public preview and available to organisations facing potential cloud security issues. The company said this launch is the first phase of a broader plan to assist teams not only in detecting threats but also in providing effective support during active incidents.
The launch follows Wiz's continued focus on cloud security solutions for high-profile enterprises, with the company indicating that it is trusted by over 50 percent of Fortune 100 organisations and enterprise customers in multiple sectors.