| https://twitter.com/wiz_io | |
| Website | https://www.wiz.io |
| Blog | https://www.wiz.io/blog |
| https://www.linkedin.com/company/wizsecurity |
NEW CTF: AWS turned 20 π
So we built our monthly CTF challenge to celebrate: packed with challenges inspired by the last two decades of cloud βοΈ
Oh, andβ¦ we made sure AI can't solve it π
So no prompts this time.
Ready to play?
https://www.cloudsecuritychampionship.com/
π IT'S OFFICIAL: Wiz joins Google to secure the AI era.
This is a massive moment for our customers and our team.
AI is changing how software is built - and security has to move just as fast. Joining forces with Google allows us to accelerate our mission at AI speed, while staying true to what makes Wiz⦠Wiz: a multi-cloud platform built to enable innovation.
Thank you to every customer, partner, and Wizard who made this moment possible π
We can't wait to share what's next.
π¨New CTF Alert: Got trust issues?
Ever wondered what it's like to investigate a real data leak? Now's your chance.
π΅οΈ Your mission:
1) Investigate the compromised machine
2) Figure out how the attacker exfiltrated the data
3) Find the flag
π Start here: https://cloudsecuritychampionship.com/
How good is AI at hacking? We built a benchmark to find out. π§ͺ
Introducing the Offensive AI Benchmark, the framework that tests AI agents on 250+ real-world offensive security challenges.
Check it out β https://www.wiz.io/cyber-model-arena
π¨ CodeBreach: Wiz Research identified a critical repository-hijacking vulnerability that abused a CodeBuild Regex flaw to compromise core AWS GitHub repos, including a core lib running at the heart of the cloud's most critical interface - the #AWS Console.
Patched fast by AWS. A tiny regex, huge impact.
https://www.wiz.io/blog/wiz-research-codebreach-vulnerability-aws-codebuild
π§ Just in time for a new year, a NEW CTF drop!
Think you know Terraform inside out? State of Affairs (challenge 7) might change your mind...
This challenge reveals an overlooked #Terraform risk and demonstrates that IaC tools are integral to your supply chain.
Day 2 at zeroday.cloud, letβs roll. πΎ
π Didnβt register? No panic.
Walk-ins are welcome for the onsite CTF and all the action happening on the floor.
Flags are hidden. Only the sharp survive.
Day 1 of zeroday.cloud = PURE EXPLOIT ENERGY πΎ
From crowd shots π to researchers buried deep in terminals π»
From first checks being claimed
To live container escapes blowing minds in real time.
See you tomorrow!
Day 1 at zeroday.cloud didnβt come to play π
New vulns dropped in Grafana, Linux Kernel, 3 Redis, and 2 PostgreSQL - and every. single. one. worked π€―
100% success rate for day one.
Letβs see what we find tomorrow π
