fbpx
Wikipedia

Wiz (company)

February 14, 2024

For Akihiro Yokoi's WiZ, see Tamagotchi.

Wiz is an Israeli cloud security startup headquartered in Tel Aviv. The company was founded in January 2020 by Assaf Rappaport, Yinon Costica, Roy Reznik, and Ami Luttwak, all of whom previously founded Adallom.[1] Rappaport serves as CEO, Costica as VP of Product, Reznik as VP of Engineering, and Luttwak as CTO. The company's platform analyzes computing infrastructure hosted in AWS, Azure, GCP, OCI, and Kubernetes for combinations of risk factors that could allow malicious actors to gain control of cloud resources and/or exfiltrate valuable data.

Wiz
Company typePrivate
Industry
Founded2020
FoundersAssaf Rappaport, Yinon Costica, Roy Reznik, Ami Luttwak
Headquarters
Tel Aviv
,
Israel
Number of employees
about 900
Websitewww.wiz.io

As of February 2023, Wiz employed over 650 individuals, with most sales and marketing personnel scattered across North America and Europe while most engineering personnel are based in Tel Aviv, Israel.[2][3][4] In August 2022, Wiz claimed to be the fastest startup ever to scale from $1 million to $100 million in annual recurring revenue (ARR), from February 2021 to approximately July 2022.[5] In February 2023, following its series D round of funding, Wiz claimed to be the largest cyber unicorn in the world and the fastest Software-as-a-Service company to reach a $10 billion valuation.[6] In February 2024, the company claimed to have reached $350M in revenue, with a 40% market share of Fortune 100 companies.[7]

Funding edit

Wiz has raised a total of $900 million from a combination of venture capital funds and private investors:

Research edit

Wiz researchers have discovered and responsibly disclosed numerous cloud vulnerabilities that garnered significant media coverage:

  • ChaosDB – A series of flaws in Microsoft Azure's Cosmos DB that made it possible to download, delete, or manipulate databases belonging to thousands of Azure customers.[14][15]
  • OMIGOD – Bugs in Open Management Infrastructure (OMI), a ubiquitous but poorly documented agent embedded in many popular Azure services, that allowed for unauthenticated remote code execution and privilege escalation.[16]
  • NotLegit – Insecure default behavior in the Azure App Service that exposed the source code of some customer applications.[17]
  • ExtraReplica – A chain of critical vulnerabilities found in the Azure Database for PostgreSQL Flexible Server that could let malicious users escalate privileges and gain access to other customers' databases after bypassing authentication.[18][19]
  • AttachMe – A cloud isolation vulnerability that, before it was patched by OCI, could have allowed attackers to access and modify other users' OCI storage volumes without authorization.[20]
  • Hell's Keychain – A first-of-its-kind cloud service provider supply-chain vulnerability in IBM Cloud Databases for PostgreSQL that, before it was patched, could have allowed malicious actors to remotely execute code in victims' environments.[21]
  • BingBang – A misconfiguration in Azure Active Directory (AAD) that allowed Wiz researchers to modify Bing.com search results in a way that malicious actors could use to steal Office 365 credentials granting access to countless users' private emails and documents.[22]

These findings (and others) have been presented at several conferences, including BlackHat,[23][24][25] RSAC,[26][27] and DEF CON.[28]

References edit

  1. ^ Novet, Jordan (2021-03-22). "A tiny security start-up founded by engineers who sold their last company to Microsoft is already worth $1.7 billion". CNBC. Retrieved 2021-12-26.
  2. ^ "Wiz goes (even more) global". Wiz Blog. 2021-09-14. Retrieved 2021-12-26.
  3. ^ Ben-David, Ricky. "Israeli cybersecurity firm Wiz raises $250m, soaring to $6b valuation". www.timesofisrael.com. Retrieved 2021-12-27.
  4. ^ "Cybersecurity has 53 unicorns. Here are 10 to watch". VentureBeat. 2022-03-17. Retrieved 2022-05-22.
  5. ^ "Cloud security startup Wiz reaches $100M ARR in just 18 months". TechCrunch. 2022-08-10. Retrieved 2022-08-14.
  6. ^ "Wiz becomes the world's largest cybersecurity unicorn | Wiz Blog". wiz.io. Retrieved 2023-04-16.
  7. ^ "Wiz reports $350m revenue in 2023, hiring 400 in 2024". Globes. 2024-05-02. Retrieved 2024-02-11.
  8. ^ "Israeli cloud security co Wiz raises $100m". Globes. 2020-09-12. Retrieved 2021-12-26.
  9. ^ "Cloud security co Wiz raises $250m at $6b valuation". Globes. 2021-11-10. Retrieved 2021-12-26.
  10. ^ Shulman, Sophie (2021-10-13). "Six reasons for Wiz's $6 billion valuation". CTECH - www.calcalistech.com. Retrieved 2021-12-26.
  11. ^ "Wiz unveils new security tool to protect code in development pipeline". TechCrunch. 8 December 2021. Retrieved 2021-12-27.
  12. ^ "Wiz raises $250 mln, values Israeli cyber firm at $6 bln". Reuters. 2021-10-11. Retrieved 2021-12-26.
  13. ^ Wiggers, Kyle (2023-02-27). "Cloud security startup Wiz, now valued at $10B, raises $300M". TechCrunch. Retrieved 2023-04-16.
  14. ^ "ChaosDB Vulnerability Exposes Thousands of Microsoft Azure Databases". PCMAG. Retrieved 2021-12-26.
  15. ^ "ChaosDB vulns saw Wiz researchers utterly pwn Azure Cosmos". www.theregister.com. Retrieved 2021-12-26.
  16. ^ "OMIGOD: Microsoft Azure VMs exploited to drop Mirai, miners". BleepingComputer. Retrieved 2021-12-26.
  17. ^ "Microsoft notifies customers of Azure bug that exposed their source code". The Record by Recorded Future. 2021-12-22. Retrieved 2021-12-26.
  18. ^ "Microsoft fixes ExtraReplica Azure bugs that exposed user databases". BleepingComputer. Retrieved 2022-05-20.
  19. ^ msrc. "Azure Database for PostgreSQL Flexible Server Privilege Escalation and Remote Code Execution – Microsoft Security Response Center". Retrieved 2022-05-20.
  20. ^ "Oracle Cloud at one point would let you access any other customer's data". The Register. Retrieved 2022-11-02.
  21. ^ Montalbano, Elizabeth (2022-12-01). "IBM Cloud Supply Chain Vulnerability Showcases New Threat Class". Dark Reading. Retrieved 2023-04-16.
  22. ^ Weatherbed, Jess (2023-03-30). "Microsoft exploit allowed access to private Office 365 data". The Verge. Retrieved 2023-04-16.
  23. ^ "Black Hat". www.blackhat.com.
  24. ^ "A New Class of DNS Vulnerabilities Affecting Many DNS-as-Service Platforms". Black Hat. Retrieved 2021-12-26.
  25. ^ "Breaking the Isolation: Cross-Account AWS Vulnerabilities". Black Hat. Retrieved 2021-12-26.
  26. ^ Conference, R. S. A. "RSA Conference Announces Finalists for RSAC Innovation Sandbox Contest 2021". www.prnewswire.com (Press release). Retrieved 2022-05-25.
  27. ^ "All Conference Speakers". RSAConference.com. May 25, 2022.
  28. ^ "DEF CON 29 Speakers". DEF CON. Retrieved 2021-12-26.


   

This article about an Israeli company is a stub. You can help Wikipedia by expanding it.

February 14, 2024
company, akihiro, yokoi, tamagotchi, israeli, cloud, security, startup, headquartered, aviv, company, founded, january, 2020, assaf, rappaport, yinon, costica, reznik, luttwak, whom, previously, founded, adallom, rappaport, serves, costica, product, reznik, en. For Akihiro Yokoi s WiZ see Tamagotchi Wiz is an Israeli cloud security startup headquartered in Tel Aviv The company was founded in January 2020 by Assaf Rappaport Yinon Costica Roy Reznik and Ami Luttwak all of whom previously founded Adallom 1 Rappaport serves as CEO Costica as VP of Product Reznik as VP of Engineering and Luttwak as CTO The company s platform analyzes computing infrastructure hosted in AWS Azure GCP OCI and Kubernetes for combinations of risk factors that could allow malicious actors to gain control of cloud resources and or exfiltrate valuable data WizCompany typePrivateIndustryCybersecurityFounded2020FoundersAssaf Rappaport Yinon Costica Roy Reznik Ami LuttwakHeadquartersTel Aviv IsraelNumber of employeesabout 900Websitewww wbr wiz wbr ioAs of February 2023 Wiz employed over 650 individuals with most sales and marketing personnel scattered across North America and Europe while most engineering personnel are based in Tel Aviv Israel 2 3 4 In August 2022 Wiz claimed to be the fastest startup ever to scale from 1 million to 100 million in annual recurring revenue ARR from February 2021 to approximately July 2022 5 In February 2023 following its series D round of funding Wiz claimed to be the largest cyber unicorn in the world and the fastest Software as a Service company to reach a 10 billion valuation 6 In February 2024 the company claimed to have reached 350M in revenue with a 40 market share of Fortune 100 companies 7 Funding editWiz has raised a total of 900 million from a combination of venture capital funds and private investors Series A In December 2020 Wiz emerged from stealth by raising 100 million from Index Ventures Sequoia Capital Insight Partners and Cyberstarts 8 Series B In April and May 2021 Wiz raised 130 million and 120 million respectively on a 1 7 valuation from Index Ventures Sequoia Capital Insight Partners and Cyberstarts 9 Series C In October 2021 Wiz raised 250 million on a 6 billion valuation 10 11 from venture capital funds Insight Partners Greenoaks Capital Sequoia Capital Salesforce Ventures and CyberStarts and individual investors Bernard Arnault and Howard Schultz 12 Series D In February 2023 Wiz raised 300 million on a 10 billion valuation 13 from venture capital funds Lightspeed Venture Partners and Greenoaks Capital along with individual investors including Bernard Arnault and Howard Schultz Research editWiz researchers have discovered and responsibly disclosed numerous cloud vulnerabilities that garnered significant media coverage ChaosDB A series of flaws in Microsoft Azure s Cosmos DB that made it possible to download delete or manipulate databases belonging to thousands of Azure customers 14 15 OMIGOD Bugs in Open Management Infrastructure OMI a ubiquitous but poorly documented agent embedded in many popular Azure services that allowed for unauthenticated remote code execution and privilege escalation 16 NotLegit Insecure default behavior in the Azure App Service that exposed the source code of some customer applications 17 ExtraReplica A chain of critical vulnerabilities found in the Azure Database for PostgreSQL Flexible Server that could let malicious users escalate privileges and gain access to other customers databases after bypassing authentication 18 19 AttachMe A cloud isolation vulnerability that before it was patched by OCI could have allowed attackers to access and modify other users OCI storage volumes without authorization 20 Hell s Keychain A first of its kind cloud service provider supply chain vulnerability in IBM Cloud Databases for PostgreSQL that before it was patched could have allowed malicious actors to remotely execute code in victims environments 21 BingBang A misconfiguration in Azure Active Directory AAD that allowed Wiz researchers to modify Bing com search results in a way that malicious actors could use to steal Office 365 credentials granting access to countless users private emails and documents 22 These findings and others have been presented at several conferences including BlackHat 23 24 25 RSAC 26 27 and DEF CON 28 References edit Novet Jordan 2021 03 22 A tiny security start up founded by engineers who sold their last company to Microsoft is already worth 1 7 billion CNBC Retrieved 2021 12 26 Wiz goes even more global Wiz Blog 2021 09 14 Retrieved 2021 12 26 Ben David Ricky Israeli cybersecurity firm Wiz raises 250m soaring to 6b valuation www timesofisrael com Retrieved 2021 12 27 Cybersecurity has 53 unicorns Here are 10 to watch VentureBeat 2022 03 17 Retrieved 2022 05 22 Cloud security startup Wiz reaches 100M ARR in just 18 months TechCrunch 2022 08 10 Retrieved 2022 08 14 Wiz becomes the world s largest cybersecurity unicorn Wiz Blog wiz io Retrieved 2023 04 16 Wiz reports 350m revenue in 2023 hiring 400 in 2024 Globes 2024 05 02 Retrieved 2024 02 11 Israeli cloud security co Wiz raises 100m Globes 2020 09 12 Retrieved 2021 12 26 Cloud security co Wiz raises 250m at 6b valuation Globes 2021 11 10 Retrieved 2021 12 26 Shulman Sophie 2021 10 13 Six reasons for Wiz s 6 billion valuation CTECH www calcalistech com Retrieved 2021 12 26 Wiz unveils new security tool to protect code in development pipeline TechCrunch 8 December 2021 Retrieved 2021 12 27 Wiz raises 250 mln values Israeli cyber firm at 6 bln Reuters 2021 10 11 Retrieved 2021 12 26 Wiggers Kyle 2023 02 27 Cloud security startup Wiz now valued at 10B raises 300M TechCrunch Retrieved 2023 04 16 ChaosDB Vulnerability Exposes Thousands of Microsoft Azure Databases PCMAG Retrieved 2021 12 26 ChaosDB vulns saw Wiz researchers utterly pwn Azure Cosmos www theregister com Retrieved 2021 12 26 OMIGOD Microsoft Azure VMs exploited to drop Mirai miners BleepingComputer Retrieved 2021 12 26 Microsoft notifies customers of Azure bug that exposed their source code The Record by Recorded Future 2021 12 22 Retrieved 2021 12 26 Microsoft fixes ExtraReplica Azure bugs that exposed user databases BleepingComputer Retrieved 2022 05 20 msrc Azure Database for PostgreSQL Flexible Server Privilege Escalation and Remote Code Execution Microsoft Security Response Center Retrieved 2022 05 20 Oracle Cloud at one point would let you access any other customer s data The Register Retrieved 2022 11 02 Montalbano Elizabeth 2022 12 01 IBM Cloud Supply Chain Vulnerability Showcases New Threat Class Dark Reading Retrieved 2023 04 16 Weatherbed Jess 2023 03 30 Microsoft exploit allowed access to private Office 365 data The Verge Retrieved 2023 04 16 Black Hat www blackhat com A New Class of DNS Vulnerabilities Affecting Many DNS as Service Platforms Black Hat Retrieved 2021 12 26 Breaking the Isolation Cross Account AWS Vulnerabilities Black Hat Retrieved 2021 12 26 Conference R S A RSA Conference Announces Finalists for RSAC Innovation Sandbox Contest 2021 www prnewswire com Press release Retrieved 2022 05 25 All Conference Speakers RSAConference com May 25 2022 DEF CON 29 Speakers DEF CON Retrieved 2021 12 26 nbsp nbsp This article about an Israeli company is a stub You can help Wikipedia by expanding it vte Retrieved from https en wikipedia org w index php title Wiz company amp oldid 1206111286, wikipedia, wiki, book, books, library,

article

, read, download, free, free download, mp3, video, mp4, 3gp, jpg, jpeg, gif, png, picture, music, song, movie, book, game, games.