Advertise

Cloud

12/9/2020
02:50 PM

Dark Reading Staff
Quick Hits

0 comments
Comment Now

50%

Former Microsoft Cloud Security Leads Unveil New Startup

Wiz has raised $100 million since its January launch and plans to help businesses with visibility into cloud security threats.

Wiz, a new cloud security startup, today emerged from stealth with $100 million in Series A funding and a mission to help organizations achieve greater visibility into cloud-based threats.

The Changing Face of Threat Intelligence

New on The Edge: BECs and EACs: What's the Difference?

The startup was founded in January by a team that previously led Microsoft's Cloud Security Group and created Adallom, a cloud security startup that Microsoft acquired in 2015 for $320 million. CEO Assaf Rappaport, CTO Ami Luttwak, vice president of product Yinon Costica, and vice president of research and development Roy Reznik have worked together for 15 years.

Their time spent working on cloud security has given the founders insight into the issues that businesses struggle with most. Today's cloud security tools are complicated, fragmented, and generate too many alerts for security teams to handle. To combat these problems, Wiz aims to build a platform that lets teams scan their environments across compute types and cloud services for vulnerabilities and configuration, network, and identity issues without agents.

Wiz is based in Palo Alto, Calif., and Tel Aviv, Israel. The company is backed by Sequoia Capital, Index Ventures, Insight Partners, and Cyberstarts.

Read more details in the full release.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Recommended Reading:

Comment |

Email This |

Print |

RSS

More Insights

Webcasts

Getting Your Security Tech Together: Making Orchestration and Automation Work For Your Enterprise

The Pesky Password Problem: Policies That Help You Gain the Upper Hand on the Bad Guys

More Webcasts

White Papers

Digital Transformation & Cyber Risk: What You Need to Know to Stay Safe

A Force Multiplier for Third-Party Cyber Risk Management

More White Papers

Reports

Assessing Cybersecurity Risk in Today’s Enterprises

2020 State of DevOps Report

More Reports

Comments

Newest First | Oldest First | Threaded View

[close this box]

Be the first to post a comment regarding this story.

Hot Topics

Editors' Choice

Phishing Campaign Targets 200M Microsoft 365 Accounts

Kelly Sheridan, Staff Editor, Dark Reading, 12/7/2020

Nation-State Hackers Breached FireEye, Stole Its Red Team Tools

Kelly Jackson Higgins, Executive Editor at Dark Reading, 12/8/2020

Open Source Developers Still Not Interested in Secure Coding

Robert Lemos, Contributing Writer, 12/8/2020

Webinars

Robotic Processing Can Automate Your Business Processes

Achieve Continuous Testing with Intelligent Test Automation, Powered by AI

The Pesky Password Problem: Policies That Help You Gain the Upper Hand on the Bad Guys

Webinar Archives

White Papers

The New Cloud-Enabled Business Network

Third Party Cyber Risk Management Guide 101

Crisis as an Opportunity for Reinvention

The Protector's Guide

Information Management: A New Hope

More White Papers

Cartoon Contest

Write a Caption, Win an Amazon Gift Card! Click Here

Latest Comment: Don't worry, you'll know if audit doesn't like your password strength!

Cartoon Archive

Current Issue

2020: The Year in Security

Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Assessing Cybersecurity Risk in Today’s Enterprises

COVID-19 has created a new IT paradigm in the enterprise — and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.

Download Now!

The Malware Threat Landscape

0 comments

How Data Breaches Affect the Enterprise (2020)

0 comments

Building an Effective Cybersecurity Incident Response Team

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-17515
PUBLISHED: 2020-12-11

The "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to XSS exploit. This issue affects Apache Airflow versions prior to 1.10.13. This is same as CVE-2020-13944 but the implemented fix in Airflow 1.10.13 did not fix the issue completely.

CVE-2020-7793
PUBLISHED: 2020-12-11

The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info).

CVE-2020-7788
PUBLISHED: 2020-12-11

This affects the package ini before 1.3.6. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited further depending on the context.

CVE-2020-7790
PUBLISHED: 2020-12-11

This affects the package spatie/browsershot from 0.0.0. By specifying a URL in the file:// protocol an attacker is able to include arbitrary files in the resultant PDF.

CVE-2020-7792
PUBLISHED: 2020-12-11

This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn 'mixes objects into the target object, recursively mixing existing child objects as well'. In both cases, the key used to access the target object recursively ...

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]