Cloud Incident Response Blog | Cado Security

Expediting Forensic Investigations with Cado Security and Wiz

Written by Jordan Bowen | Apr 11, 2024 1:00:00 PM

Today we’re excited to announce the official release of the Cado Security and Wiz integration to help security teams expedite forensics and incident response across critical cloud resources. 

Gaining timely access to cloud resources during an investigation is often a significant obstacle for security teams. Yet in incident response, speed is essential to efficiently managing risk, meeting SLAs, and reducing the potential impact of threats.

Wiz and Cado Security’s combined solution enables security teams to triage and fix the risks that pose the most impactful threats to their cloud environment, with the context necessary to resolve threats in the heat of an investigation. The integration with Wiz eliminates common cloud access obstacles and gives teams a deeper understanding of the root cause, scope, and impact of cloud threats.

The Cado Security and Wiz integration enables security teams to:

  • Accelerate response time to cloud threats: Customers can rapidly kick off forensics investigations of AWS EC2 instances and automate forensics investigations of cloud resources using Wiz's one-click forensics capabilities, accelerating the path to root cause and remediation.
  • Gain deep insights into the impact of threats: This integration empowers customers with deep forensics analysis capabilities, such as Cado’s AI Investigator, to better understand the root cause, scope, and implications of cloud-based threats, improving an analyst’s ability to respond appropriately.
  • Simplify incident response: Customers gain instant access to cloud resources and potentially compromised systems without configuring additional access requirements or having to work through other teams, saving analysts critical time during an investigation.

With the Cado Security and Wiz integration, organizations can rapidly kick off forensic investigations within the Cado Security platform, accelerating the path to root cause and remediation of cloud-based threats. Leveraging Wiz’s recently introduced Digital Forensics capabilities, security analysts can seamlessly copy captured EC2 volumes to a dedicated forensics account and apply specific tags. Based on these tags, the Cado Security platform will automatically discover and spin up a deeper forensic investigation, without analyst intervention. 

Enabling the Wiz Integration within the Cado Platform

The Cado Security platform delivers an automated approach to forensics and incident response. As soon as the solution discovers the EC2 volume that Wiz copied into the organization's dedicated forensic account, the volume is rapidly processed at scale, powered by Cado’s patented cloud-native architecture. Once the data is processed, the platform delivers key incident insights, including an overview of key malicious and suspicious activity, a complete timeline of events, and more.

Investigating an EC2 Instance within the Cado Platform

The Cado Security platform integration can be found in the Wiz integration (WIN) platform. For more information, you can check out the joint solution brief or contact our team for a demo.