In the multi-cloud world, organizations rapidly deploy new servers, containers, and applications across multiple platforms. Each new cloud workload contains a multitude of hosted technologies-software that runs directly on a workload including server applications, libraries, programming languages, and virtual appliances.

The sprawl of hosted technologies in an organization can quickly create governance gaps. These gaps translate directly into security risks: vulnerable end-of-life (EOL) technologies left running in the environment, technologies from untrusted sources, and shadow technologies. 

Despite the risk, many teams still struggle to get the full picture of their technology inventory. Manual discovery and incomplete or siloed inventory can all get in the way of proper governance. 

Wiz brings unparalleled clarity to your software inventory through our new Hosted Technologies Inventory. This comprehensive view encompasses all hosted technology instances detected across your cloud environment, along with crucial context, so you can close governance gaps and proactively reduce technology risk. 

The Challenge: Navigating the Complexity of Hosted Technologies

The sheer volume and diversity of technologies can create complex governance gaps:

• Software Sprawl and Version Drift: Rapid deployment often leads to running multiple versions of the same software or failing to retire unsupported components. This sprawl creates systemic security vulnerabilities because End-of-Life (EOL) technologies are no longer supported or patched. 

• Unmanaged and Shadow Software: New applications and libraries are frequently deployed without security oversight. This shadow IT can expand the attack surface and bypass crucial security controls, potentially leading to data exposure and compliance issues.

The Wiz Solution: Unified Technology Visibility and Context

With the new Hosted Technologies Inventory in Wiz, you gain a unified view of all hosted software in your environment. It acts as a central control panel, bringing together data across different discovery sources from code, cloud and the external attack surface. This consolidation ensures immediate visibility and eliminates the time wasted switching between siloed software management tools

Wiz goes beyond a simple inventory to deliver actionable management insights through risk-aware software intelligence. Every piece of installed software is immediately tied to its full context, encompassing:

1. Comprehensive Software Intelligence: This includes the technology metadata (including vendor details, category, popularity, and known risks) and the software instance details (such as version, EOL status, validated in runtime status, and detection method).

2. Detailed Environmental Context: This covers the hosting workload's ecosystem, including its subscription, project, public exposure status, and risk insights.

This allows teams to instantly cut through the noise and prioritize remediation based on software risk and blast radius.

Comprehensive Use Cases for Software Governance

The powerful searching, filtering, and grouping functions available on the Hosted Technologies page enable precise governance across the entire software lifecycle.

1. Proactive Lifecycle Management and Risk Mitigation

The platform empowers your teams to continuously manage software health, shifting from firefighting to proactive risk mitigation:

• Track End-of-Life (EOL) Status: Easily monitor the lifecycle status of all deployed software to find EOL technologies, upcoming EOL technologies, or those that have exceeded a specific grace period. 

• Investigate Version Sprawl: Group results by version to immediately identify fragmentation and standardize on a single, secure release, thereby reducing security vulnerabilities and management overhead.

• Identify High-Risk Instances: Filter the inventory to instantly pinpoint business-critical software assets that present immediate risk. This includes identifying hosted technologies that are publicly accessible, handle sensitive data, and are running vulnerable or outdated versions. 

2. Endpoint Coverage and Shadow IT 

• Audit Endpoint Security Coverage: The inventory provides a complete view of endpoint security software installed across your resources. Use this to track agent coverage gaps, verify that agent software is running the latest version, and identify resources running redundant agents for consolidation opportunities.

• Identify and Address Shadow AI: Easily identify and manage unwanted hosted technology resources by filtering for the AI category and the unwanted technology status. Governing this is essential, given that employees often use generative AI tools without IT oversight, posing significant data privacy and compliance risks.

3. Business Analysis 

• Analyze Vendor Dominance: Grouping by Vendor instantly reveals which software vendors are most dominant in your environment, providing key insights for licensing and software management.

• Analyze Software Distribution by Project: Grouping by Project provides clear accountability, allowing you to monitor software usage patterns and instantly determine which business units have the most diverse software tools, highlighting areas for standardization and governance enforcement.

Ask the Expert: Querying Inventory with Mika AI 

The deep, contextual data of the Hosted Technologies Inventory is brought to life by Mika AI. Wiz allows users to get immediate, risk-prioritized answers using simple natural language. Ask Mika to:

• Show me vulnerable end of life technologies in my environment

• Create a migration plan for technologies reaching end of life in the next 6 months

• Show me the most dominant software vendors in my environment

Continuous Assurance: Monitoring What Matters

Wiz turns software inventory management into a continuous process. Any customized search, filter, or grouping performed on the Hosted Technologies page can be saved as a Monitored Metric.

This feature enables continuous tracking of key trends over time, such as the count of end-of-life resources or the number of machines running endpoint security software, without manual recalculation. You can also save these customized views as widgets to create personalized software management dashboards or exported as reports for audit and compliance purposes.

What’s Next: Automating Software Management

The hosted technologies inventory is the first step towards further enabling automated software lifecycle management and governance enforcement in Wiz:

• Advanced Lifecycle Management with "Versions Behind Latest": We plan to enrich the hosted technology inventory with a "versions behind latest" property. This will allow you to filter hosted technologies by how many versions behind the latest release they are, making it easier to prioritize patching and track upgrade progress without manually updating queries.

• New Software Management Rules: Building on the inventory data, we plan to enable Software Management rules. These rules will allow you to identify and manage software applications and components based on patch status, version compliance, security reputation, and internal requirements across your cloud environment.

The new Hosted Technologies page is now Generally Available. Check it out in Wiz or request a demo today to unlock full visibility and control over your cloud software environment.