Securing Cloud Environments Using CNAPPWiz Co-Founder, CTO Ami Luttwak on Why CNAPP Is a Game Changer for Security Teams
In recent years, a wide range of organizations have made unprecedented migrations to cloud. But as businesses increasingly rely on cloud-based technologies, the need to mitigate cybersecurity threats has never been greater. Is CNAPP the solution to defending against adversaries in the cloud?
Cloud-native application protection platforms, or CNAPPs, are a relatively new category of cloud security solutions designed to provide enhanced protection to cloud environments and workloads.
"CNAPP is not just a technology; it is a whole new approach to security in this highly dynamic, complicated, agile world of cloud," said Ami Luttwak, co-founder and CTO at Wiz. "The difference CNAPP is making is to help companies and security teams effectively use cloud - but without impacting their security and risk profile."
In this video interview with Information Security Media Group at RSA Conference 2023, Luttwak also discusses:
- How adversaries are leveraging the power of cloud;
- Why cloud security requires a collaborative approach across the organization;
- Lessons learned from the CNAPP journey.
Ami Luttwak is Co-founder and Chief Technology Officer of Wiz. In his role, Ami leads the strategic vision for Wiz. He has more than 15 years of experience in information security and is an expert in cloud security, spanning infrastructure, networks, and application development.
Previously, Ami was the CTO of Adallom, a leading cloud access security broker (CASB), prior to its acquisition by Microsoft in 2015. He was the CTO of Microsoft's Cloud Security Group and led product innovation for the company’s Israel's R&D group, overseeing acquisitions and incubation projects for leading products such as Azure Security Center, Azure Sentinel, and Azure Advanced Threat Protection.
Ami served as an R&D team leader and group architect in the Israeli Intelligence Corps and holds an M.Sc. and a B.Sc. in Computer Science from the Hebrew University. He has been featured as a cybersecurity expert in Forbes and ranked #24 on Globe Israel’s people of the year list in 2016.
Tom Field: Hi there. I'm Tom Field, senior vice president of editorial with Information Security Media Group. Topic of conversation is cloud native applications protection platforms. I am delighted to welcome to the studio, Ami Luttwak. He is the co-founder and chief technology officer with Wiz. Ami, thank you so much for joining me here in the studio.
Ami Luttwak: Yeah, great to be here.
Field: So I want to start with this particularly big topic. It's a hot new category, cloud native application protection platforms. A couple questions. One, what's the problem that we're solving here?
Luttwak: I think it's all about the provenance. And so it starts from cloud. Cloud is everyone, is moving to cloud. It's the biggest thing ever. And part of that is that it's also the biggest transformation for security. Since we started doing security for organizations, it's a huge change. And CNAPP, the acronym, that you just mentioned, is basically this new approach, new operating model on how to do security for cloud.
Field: Now, you talk about the migration that's been unprecedented, overused word, but accurate over the past three years. How have adversaries taken advantage of organizations that have been doing this without adequate protection?
Luttwak: So adversaries are also using the power of cloud and power of automations. It means that if you make a mistake in the cloud, let's say you accidentally expose one of your access keys or maybe expose the database, within hours, attackers can find it, get the data, and you'll have your data on Twitter. So the risks are that they also leverage the power of cloud, and you need to be ready.
Field: I've heard you say frequently, context is king. What do you mean by that?
Luttwak: So one of the key things about cloud security is that it is a team sport. All teams need to work together to fix the problems and prepare for any kind of risks that we make. Context is king because when I have context, I can explain to the other team why it is important. So I might have a lot of issues in the environment. But the context allows me to understand from business perspective, from a risk perspective that, oh, there's an entire attack path here. If we fix this, we can prevent an attacker to get in, get to our data, and exfiltrate it outside. So context is king because it allows all of the teams to cooperate and focus on what's important to fix.
Field: That makes sense. Now, CNAPP is a new category, but you've had the chance to see it evolve. What difference would you say that CNAPP is making now?
Luttwak: CNAPP is not just a technology. CNAPP is a whole new approach of how to do security in this highly dynamic, complicated, agile world of cloud. And this is a highly complex problem. It's not just because of cloud moving fast. It's also because of change of responsibility. Developers are building the cloud. Security team, many times, is left behind. The difference CNAPP is making is to help companies and help security teams effectively use cloud. But without impacting their security and risk profile.
Field: You've had a chance to work with organizations on their CNAPP journeys, their experiences. What lessons learn, would you say you have gained from their experiences?
Luttwak: So I think in many senses, that's what we need to understand. It's not just about a feature or a technology that you implement inside your company. If you use cloud and you want to be secure, it's not enough to deploy a CNAPP platform. It is also about culture. It starts from the top and goes to the bottom, the management is to say security is important. Engineers need to understand we are responsible, also in this journey to make sure what we build is insecure. And what is key and that's what I see in organizations that make a difference is not just deploying the CNAPP platform, but also understanding across the organization, from management to the different business units that we are all working on this together to make sure that environment is secure. I'm not going to say "Oh, that's the security team's responsibility." I don't care about that. No, the only way it can work is that if you deploy the right platform. It gives visibility, gives the context for everyone. But also all teams work together and cooperate. Developers taking responsibility, security helping them to decide what to do. When everything works together, it's music.
Field: So I introduced you as a co-founder of Wiz. Talk about the organization, the company, and how you're helping your customers today.
Luttwak: So Wiz is the fastest growing cybersecurity company in history. One of the key reasons for that ...
Field: It is a big statement.
Luttwak: It is, I agree, it's quite an unbelievable journey that we've been doing with our customers. And we've been working with the largest cloud environments in the world. And I think one of the key things that we understand, and also what helps our customers embrace cloud is that cloud is different. It requires a completely new approach to cloud security. And what Wiz focuses on is building this shared platform that all of the teams in the organization can use. So engineers, DevOps, security, compliance risk, all of them have a single place. That gives them amazing visibility. Very, very accurate context. And exactly what they need to do in order to effectively reduce risk and detect attackers in their environment. This platform is a game changer for teams that embed it, because it allows them to change the way they operate on security. And I think, for me in ways, what I'm proud of, is this new approach that we enable companies to do, it's not just the technology. It is the journey to modernize your security in the cloud.
Field: This is a crowded marketplace. We're talking about cloud migration. Vendor communities are migrating to the cloud as well. What distinguishes you? What distinguishes Wiz in this extremely crowded marketplace?
Luttwak: So Wiz excels in providing amazing visibility, unmatched context, but more than that, also a great user experience for all of the teams they use with not just the security, also the developers, also the DevOps, the ability for everyone to immediately understand. Immediately means that it's seamlessly deployed but immediately also means that you immediately see what you have to fix. Why? Because you have the context. It's a platform that is easy to deploy. But also easy to understand. This ease of use is so important, because a complex system means that developers wouldn't have even the time to look at it. Ease of use and clear focus on what needs to be done is what sets Wiz apart from all of the legacy approaches to security.
Field: Very well said. Ami, thank you so much. Appreciate your time today.
Luttwak: Thank you for having me.
Field: Again, we just heard from Ami Luttwak with Wiz. For Information Security Media Group, I'm Tom Field. Thank you for giving us your time and attention today.