Wiz helps you reduce guesswork when it comes to protecting your cloud accounts and their security configurations. Wiz is a security platform provided through Cardinal Cloud that evaluates cloud accounts and displays results in an easy-to-understand view, helping account managers take needed steps for improvement.
Wiz uses a modern approach to identify configuration errors, vulnerabilities, malware, and compliance issues across all three Cardinal Cloud service providers: Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure. Wiz uses the native APIs for each cloud service provider (CSP) to make temporary snapshots, which are the primary source of analysis.
- Performs daily scans and ad hoc scans initiated by users.
- Shows cloud configuration errors (like internet-readable object storage buckets) and software vulnerabilities (like Common Vulnerabilities and Exposures, or CVEs).
- Analyzes most (but not all) cloud resources, including the most popular and data-holding services like virtual machines, containers, serverless functions, and more.
- Provides important context about the exposure and risk of any given vulnerability.
- Provides remediation instructions.
- Integrates with Stanford LDAP workgroups for granular role-based access controls.
- Uses customizable security frameworks that can target Stanford-specific MinSec requirements.
See Wiz FAQs for additional information on features.
Once configured, Wiz will be available to anyone who administers a Cardinal Cloud account in AWS, GCP, or Azure. This includes anyone setting up or managing technologies, resources, or components. Even if you’re a researcher or student, avoiding account takeover, data theft, or reputation damage is an important responsibility that goes along with cloud computing.
See Wiz FAQs for additional information on compliance and expectations.
This product is being configured to run on all Cardinal Cloud AWS, GCP, and Azure accounts.
Wiz has undergone a Data Risk Assessment with the Office of the Chief Risk Officer and with the Information Security Office at Stanford. Wiz met a number of certifications for handling regulated data and have completed a SIG questionnaire on data handling practices.
See Wiz FAQs for additional information on data security.
Each account in Cardinal Cloud will incur a very minimal monthly storage charge, typically between a couple of pennies and a dollar or two. This is related to the temporary storage of the snapshots, which will vary based on the number of workloads.
See Wiz FAQs for additional information on rates.
Wiz will be fully operational and available sometime in spring 2023 for all Cardinal Cloud users.
Submit a Help request to ISO Security Operations.