惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

H
Hackread – Cybersecurity News, Data Breaches, AI and More
C
Check Point Blog
Hacker News: Ask HN
Hacker News: Ask HN
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
WordPress大学
WordPress大学
P
Proofpoint News Feed
V
Visual Studio Blog
C
Cyber Attacks, Cyber Crime and Cyber Security
N
Netflix TechBlog - Medium
C
CXSECURITY Database RSS Feed - CXSecurity.com
博客园 - 聂微东
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
博客园 - 叶小钗
Cisco Talos Blog
Cisco Talos Blog
S
Schneier on Security
T
Threat Research - Cisco Blogs
腾讯CDC
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
The Hacker News
The Hacker News
Google DeepMind News
Google DeepMind News
Microsoft Security Blog
Microsoft Security Blog
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
GbyAI
GbyAI
N
News | PayPal Newsroom
L
LINUX DO - 最新话题
酷 壳 – CoolShell
酷 壳 – CoolShell
P
Palo Alto Networks Blog
T
Tenable Blog
S
Secure Thoughts
T
Threatpost
V2EX - 技术
V2EX - 技术
大猫的无限游戏
大猫的无限游戏
Martin Fowler
Martin Fowler
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
Vercel News
Vercel News
罗磊的独立博客
P
Privacy & Cybersecurity Law Blog
Engineering at Meta
Engineering at Meta
小众软件
小众软件
Google DeepMind News
Google DeepMind News
N
News and Events Feed by Topic
Y
Y Combinator Blog
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
C
Cybersecurity and Infrastructure Security Agency CISA
P
Proofpoint News Feed
L
Lohrmann on Cybersecurity
P
Privacy International News Feed
H
Heimdal Security Blog
量子位
B
Blog

Wiz Blog | RSS feed

Meet Wiz for M365: Bringing SaaS into the Security Graph Bringing Security Visibility to Vercel with Wiz Axios NPM Distribution Compromised in Supply Chain Attack Tracking TeamPCP: Investigating Post-Compromise Attacks Seen in the Wild The Wiz Blue Agent, now Generally Available Beyond the Badge: What Achieving Microsoft’s Certified Software Designation Means for Your Cloud Security Introducing the Green Agent: AI-Powered Remediation for the Cloud Three’s a Crowd: TeamPCP trojanizes LiteLLM in Continuation of Campaign KICS GitHub Action Compromised: TeamPCP Strikes Again in Supply Chain Attack Introducing the Wiz Red Agent- AI-Powered Attacker Introducing Wiz AI Application Protection Platform (AI-APP) Introducing Wiz Agents & Workflows: Security at the Speed of AI AI Runtime Threat Detection: From Input to Real-World Impact Trivy Compromised: Everything You Need to Know about the Latest Supply Chain Attack It’s Official: Wiz Joins Google Understanding and Reducing AI Risk in Modern Applications Introducing Wiz Tenant Manager: Multi-Tenant Management for Federated Organizations The Agile FedRAMP Playbook, Part 4: Reactive Risk Management through Enriched Incident Response Wiz Achieves CPSTIC Certification in Spain Seeing AI Clearly: Building Visibility Across Modern AI Applications The Agile FedRAMP Playbook, Part 3: Preventative Risk Management by building Secure by Design Wiz Leads the 2026 Latio Application Security Report with awards in 4 categories Building an Agentic Cloud Security Ecosystem: A Reference Architecture with Wiz MCP and Infosys Cyber Next The Agile FedRAMP Playbook, Part 2: Proactive Risk Management with Continuous Monitoring Cloud-native Security for your Windows environment: Announcing the Wiz Runtime Sensor for Windows Would You Click ‘Accept’? Automatically detecting malicious Azure OAuth applications using LLMs Wiz Named a Leader in The Forrester Wave™: Cloud Native Application Protection Solutions, Q1 2026 From Detection to Remediation: It’s Time to Rethink AppSec Around Exploitability and Root Cause Fixes The Agile FedRAMP Playbook, Part 1: Why Risk is Your Best Starting Point Introducing AI Cyber Model Arena: A Real-World Benchmark for AI Agents in Cybersecurity Wiz + Spotify Backstage: Security at the Developer’s Desk Building AI Security Together: New Ways to Partner with Wiz for AI Security in 2026 Hacking Moltbook: The AI Social Network Any Human Can Control The Year in Wiz Research: 2025 Most Read Blogs WizExtend is Here: AI and Cloud Security Insights in Your Daily Workflow From Detection to Remediation: Wiz in Your JetBrains IDE Agentic Browser Security: 2025 Year-End Review CodeBreach: Infiltrating the AWS Console Supply Chain and Hijacking AWS GitHub Repositories via CodeBuild A 90-Day Action Plan to Turn Resolutions into Results with Wiz Introducing the Wiz Partner Alliance: A New Chapter for Partner Success Preparing for Post-Quantum Cryptography Wiz Recognized as a 2025 Customers’ Choice in the Gartner® Peer Insights™ Voice of the Customer for CNAPP Expanding the Zero Critical Club to set a new standard for AppSec and SecOps teams Snipping the Long Tail of Shai-Hulud 2.0 Protecting Against Zero-Day Vulnerabilities with SOC-Level ASM Alert MongoBleed (CVE-2025-14847) exploited in the wild: everything you need to know The Kenna Transition: Your Strategic Shift to Exposure Management From MCP to Vibe Coding: Full Endpoint Visibility in Wiz AI Security Bringing Oracle Cloud Identity to Wiz Zero‑Days in the Age of AI: Behind the Scenes of ZeroDay.cloud 2025, with a Record High of CVEs in Critical Cloud Infra Gogs 0-Day Exploited in the Wild Code to Cloud Attacks: From Github PAT to Cloud Control Plane Top AWS re:Invent Announcements for Security Teams in 2025 React2Shell: Technical Deep-Dive & In-the-Wild Exploitation of CVE-2025-55182 React2Shell (CVE-2025-55182): Everything You Need to Know About the Critical React Vulnerability Wiz Product Announcements at re:Invent 2025: Expanding Visibility from Code to Cloud Introducing Wiz SAST: Where Code Risk Meets Cloud Context Wiz Becomes Fastest Security ISV to Reach $1 Billion in AWS Marketplace Lifetime Sales It's Here! Wiz Exposure Management is Now GA Shai-Hulud 2.0 Aftermath: Trends, Victimology and Impact Service Catalog is Here: Expand Risk Visibility for Your Service and Its Dependencies, Simplify Issue Ownership WizOS: Powering Secured Image Adoption with AI 3 OAuth TTPs Seen This Month — and How to Detect Them with Entra ID Logs Mastering Software Governance with Hosted Technologies Inventory Shai-Hulud 2.0 Supply Chain Attack: 25K+ Repos Exposing Secrets Get Certified on Wiz Defend for Threat Detection and Response Blueprint for Security: A Guide to Code, Governance, and Response Frameworks Google Unified Security Recommended Program Names Wiz Among First 3 Strategic Partners Introducing Posture Issues: Transform Security Findings into Actionable Outcomes Empower and Accelerate Your SOC with the Blue Agent Exposure Report: 65% of Leading AI Companies Found with Verified Secret Leaks Wizdom 2025 Product Announcements: Extending the Cloud Operating Model When AI Becomes the Heart of Security: Powering a Future You Can Trust AI-Powered Wiz: From Agents to Everyday Intelligence Defend Agentless Workload Detection: Bringing Visibility to Blind Spots in Threat Detection Securing AI Agents with Wiz AI-SPM Introducing Wiz ASM: Context-Driven Attack Surface Management Securing Critical Infrastructure in the Cloud Era: A Policy and Technology Blueprint How CISOs Should Plan Security Budgets for 2026 Beyond the Checkbox: How Wiz Transforms SOC 2 into a Security Powerhouse Bringing Visibility to Kubernetes: Unified Inventory and Network Insight The Foundation Modern AppSec Is Still Missing: Code to Cloud, Rebuilt the Right Way Dismantling a Critical Supply Chain Risk in VSCode Extension Marketplaces Introducing HoneyBee: How We Automate Honeypot Deployment for Threat Research RediShell: Critical Remote Code Execution Vulnerability (CVE-2025-49844) in Redis, 10 CVSS score Defending against database ransomware attacks AI Security 101: Mapping the AI Attack Surface Introducing zeroday.cloud: First-of-its-kind cloud and AI hacking competition Unifying Cloud Risk and Network Defense: Wiz and Check Point The emerging use of malware invoking AI Wiz achieves FedRAMP High authorization Wiz + HCP Terraform: Close the IaC-to-Cloud Infrastructure Security Gap IMDS Abused: Hunting Rare Behaviors to Uncover Exploits Beyond CVEs: The Exploitation of Everyday Misconfigurations Wiz Research Discovers One in Five Organizations Exposed to Systemic Risks in Vibe-Coded Applications - Here's How to Secure Them Introducing Wiz Incident Response: Your Expert Partner for Cloud Security Incidents Shai-Hulud: Ongoing Package Supply Chain Worm Delivering Data-Stealing Malware DORA Compliance in the Cloud Era: Insights from Deloitte and Wiz How Wiz Customers like Brex and FICO See AI Changing Security Wiz Recognized as a Leader in the 2025 IDC MarketScape for ASPM
Introducing Runtime Threat Detection for Google Cloud Run
Shashank Golla, Shahar Yakov · 2026-05-19 · via Wiz Blog | RSS feed

Google Cloud Run has become one of the most widely adopted platforms for deploying containerized workloads without managing infrastructure. Teams across industries use it to run APIs, event-driven pipelines, AI inference endpoints, and production services at scale. But as Cloud Run adoption grows, security teams face a persistent challenge: detecting threats, malicious processes, and active attacks inside containers while they're running.

Today, we're excited to announce that Wiz Runtime Sensor support for Google Cloud Run Containers is now generally available (GA). Teams running workloads on Cloud Run can now get continuous, real-time visibility into what's executing inside their containers, investigate with the help of the Wiz Blue Agent and respond automatically when something malicious is detected.

This release completes Wiz's serverless container coverage alongside AWS Fargate and Azure Container Apps, bringing the same runtime threat detection and response experience to Google Cloud.

Closing the Serverless Runtime Gap

Cloud Run's managed nature means Google handles the underlying infrastructure. Everything above that layer is your security team's responsibility: the container images you deploy, the IAM permissions your services run with, how they're exposed to the internet, and whether malicious activity is occurring inside those containers at runtime.

Wiz already provides agentless security coverage for Cloud Run as part of the core platform. With the Wiz GCP Connector, Wiz discovers and inventories every Cloud Run Service and Revision across your GCP projects, surfaces misconfigurations through built-in cloud configuration rules, identifies network and identity risk per revision, detects vulnerabilities at the package level with SBOM, surfaces attack paths through the Wiz Security Graph, and traces issues back to source via Code to Cloud.

With this release, Wiz now also provides runtime visibility, detection, and response capabilities for your Cloud Run containers: knowing what code is actually executing, identifying active threats as they unfold, and responding before damage is done.

Real-Time Threat Detection and Response for Cloud Run

Real-Time Threat Detection

The sensor continuously monitors process execution, system calls, and runtime behavior inside your Cloud Run containers. When suspicious activity is detected, such as a binary executing that wasn't present in the original image, a reverse shell being initiated, or a DNS query to a known malicious domain, Wiz surfaces a detection immediately. Each detection is enriched with cloud context from the Security Graph: what IAM permissions the revision holds, what data it can reach, and what other resources are at risk. The Wiz Runtime Sensor ships with 2000+ built-in threat detection rules. Customers can extend the detection library with their own rules tailored to their environment and application behavior.

Figure 1: An example detection of a suspected malware execution in Cloud Run

Correlating Detections into a Threat

Rather than surfacing individual alerts for every suspicious event, Wiz correlates related detections across the workload layer into a single consolidated threat. This is powered by Wiz's Detection Engine, which uses Correlation Threat Detection Rules to evaluate related events across a time window and group signals from different origins into one threat. A cryptomining attack on your Cloud Run Container, for example, may trigger multiple detections in quick succession: a file associated with a known cryptominer, a DNS query to a known mining pool, a cryptominer command line argument, and reverse shell activity. Instead of your team triaging each of those signals separately, Wiz groups them into one threat with all the underlying detections in a single view. Your team sees the full picture of what happened, with MITRE ATT&CK context for each detection, without the noise of managing every signal independently.

AI-Powered Threat Investigation with Wiz Blue Agent

When a threat is identified, the Wiz Blue Agent automatically investigates the threat end to end. Using specialized sub-agents for forensics and code analysis, it correlates runtime detections with cloud context and source code, surfaces a transparent chain of reasoning behind every verdict, and recommends response actions — reducing the manual triage burden on your security team.

An example of the investigation and verdict by the Wiz Blue Agent

Runtime Response Policies

Configure automated responses to detections: terminating a malicious process, blocking specific runtime behavior, or triggering a workflow. For ephemeral Cloud Run containers that may disappear before a human can respond, automated response closes the gap between detection and containment.

Start protecting your serverless container environments today

To deploy the Wiz Runtime Sensor on Google Cloud Run, see the Install Runtime Sensor for Google Cloud Run guide in Wiz Docs (login required). To test the sensor against a realistic attack scenario before deploying to production, see the Simulate a Live Attack for Google Cloud Run Sensor guide.

To review your existing Cloud Run posture without the Sensor, connect your GCP environment to Wiz and navigate to your Wiz Inventory today.

Want to see it in action? Schedule a demo.