Wiz CDR and Amazon GuardDuty: Contextualize and prioritize threat detection | Wiz Blog

Wiz can now seamlessly integrate with Amazon GuardDuty to provide contextualized and prioritized threat detection for a 10x improvement in investigation and response. Wiz leverages its leading Cloud Security Graph to help Cloud Defenders quickly understand, with the click of a button, what happened, where it happened, and how to respond.

Risk-oriented threat detection

Wiz Cloud Detection and Response (CDR) enables cloud defenders to identify threats as they unfold and prioritize remediation based on context and effective risk. The new GuardDuty integration provides teams with advanced threat detections correlated into the Wiz Security stack, helping to achieve:

  • Significant decrease in alert fatigue

  • Prioritized threats according to their effective risk

  • Quick threat analysis and remediation

Consider, for example, a brute force attack detected by GuardDuty. Such detections can be very common and create hundreds of alerts. Which one should the Cloud Defenders respond to first? By correlating these detections with a Wiz Control that detects an externally exposed VM with a weak SSH password and lateral movement to an admin user, defenders can now prioritize by risk, impact, and blast radius.

10x improvement in investigation and response

Analyzing threats is a time-consuming process for Cloud Defenders, requiring manual triage of several factors such as cloud configurations, network exposure, the associated identity or technologies running on the workload, and more. Wiz provides all this information in a single view, by correlating the events and detections to cloud resources and leveraging the Security Graph to provide instant insights on each resource and asset.
