Same here, I guess it's the circles you run. I just went to their homepage and I have no idea what they do. I already have CI/CD, code, etc.. "securing" it seems like, use aws secret stores?

In other words, their webpage is not telling me anything. Companies like these, always feel like instead of having a useful product, they hired useful networks of people to "spread the word" and sell sell sell to your network. Apparently I wasn't in the network. Sorry old and salty.

Companies have problems securing their workloads. Not just storing secrets. Off the top of my head, I've personally been able to centralize the following with a single tool (instead of gluing together a dozen different providers)

- scan cloud configurations for policy violations - detect and remediate infrastructure misconfigurations - real-time visibility into cloud resource inventories - early detection of issues - container vuln. scanning - runtime anomalous behavior - alerts and correlate security events - compliance mappings - id risky permissions in IAM policies - track changes and configuration drift over time - implement zero-trust policies across microservices - eforce network seg in containerized environments - run security checks during build and deploy stages - vulnerability assessments on running VMs and containers - policy-as-code for consistent security standards

As a meaningful tangent, how many layers of obscurity do you use to keep sales people from contacting you?

If you do interesting work, you’ll get cold emails unless you take steps to avoid them.

It's a whale, but a young whale.

Wiz has only been around for 5-years.

In your opinion, are they a whale because they make a great product... or just have a great marketing/PR/sales team? I am guessing "great product" because I cannot believe that Google cannot just rebuild it themselves (if not a great product).

Wiz is widely considered one of the strongest CNAPP/CSPM products on the market. I haven’t personally tested every single competitor’s solution, but I’ve found Wiz to outperform pan, crowdstrike, and prisma.

To answer your question. Google doesn't acquire Wis because Google can’t build a comparable product themselves. The real driver is that Wiz has already achieved market penetration and trust. Replicating that from scratch would be a massive undertaking, requiring not just a sophisticated product but also the brand credibility, customer relationships, and reputation for reliability. establishing that level of traction and trust is difficult, time-consuming, and expensive. I highly doubt Google would try to build a direct competitor from the ground up when acquiring Wiz allows them to leverage its existing success right away.

I highly doubt Google would be capable of building something like this from the ground up. Just take a look at one of their recent efforts Stadia.

The product is great. We’re using it since 2023. Very happy.

Regarding your google comment: Google builds Google products that can also be used by other people. I am pretty confident they cannot build something like Wiz. And not because they don’t have researchers and developers.