Reimagining cloud security using Amazon Neptune graph database with Wiz

Wiz wanted to reimagine security to efficiently capture interconnected risk factors and help organizations visualize and query their data in context. Traditional security solutions use siloed data sources for vulnerabilities, network exposures, and identities, making it difficult to understand the real risk to the customer environment. For example, vulnerabilities from within an internal network may be lower priority than those from the public internet, but traditional cybersecurity tools ignore such nuances. By viewing security in a contextual risk model, organizations can prioritize critical issues and focus remediation efforts on them.

Wiz recognized that answering complex security questions about any cloud environment required a graph data model. The company chose Neptune because it provided a fully managed, AWS-native graph database service that Wiz needed to unlock the full potential of its customers’ data. “Using Neptune, we can deliver a great security service without worrying about scaling or infrastructure growth,” says Sagi Tsofan, senior software engineer at Wiz. “This helps our team focus entirely on building our security service and core products.”

“The primary benefit for us is giving our customers broader context,” says Roy Reznik, cofounder and vice president of research and development at Wiz. “Context is king. Graph models that use Neptune store hundreds of billions of relationships to help us reveal a complete view of our customers’ cloud environments.”

Wiz uses agentless scanners to monitor customer workloads and send data to Amazon ElastiCache, a serverless, fully managed caching service delivering microsecond latency. Using Amazon ElastiCache for Valkey, Wiz off-loads the scan comparison process by utilizing the Redis data structures, allowing it to rightsize database instances and reduce CPU and memory consumption—resulting in a 20 percent cost savings. 

Wiz manages a high volume of data and uses Amazon Aurora—which provides high performance and availability at a global scale for PostgreSQL, MySQL, and DSQL—to store this data. The company then ingests the required security data into Neptune to generate a security graph for the customer’s cloud infrastructure.

Using Wiz’s solution, customers can clearly see the relationship between resources in the cloud environment, identify exposure risks, and prioritize vulnerabilities. And because of the global reach that AWS offers, Wiz can support its growing customer base worldwide. The company uses hundreds of Neptune clusters that are deployed over more than 20 AWS Regions. “Using AWS, we can rapidly scale up to meet almost any customer need, whether that involves adding more instances to a cluster or increasing the size of an existing instance,” says Tsofan. “We can scale as our customers scale.”

To strengthen security and achieve both high and medium authorizations from the Federal Risk and Authorization Management Program, Wiz uses AWS GovCloud (US) Regions, isolated US sovereign Regions that are operated by US citizens and deliver innovation for customers who have elevated compliance needs.

Wiz deploys one of the world’s largest security graphs and works closely alongside the Neptune engineering team to strategize, evolve, and scale its product. Committed to innovation, Wiz rapidly adopts and tries new features. “Because Neptune is a fully managed graph database that handles operational tasks, our engineering team doesn’t need to maintain the database infrastructure,” says Tsofan.

Using Neptune, Wiz analyzes a massive volume of security data, scanning billions of cloud resources daily. Its customers perform advanced analytics and run millions of searches on the graph every day. With support from the Neptune engineering team, Wiz optimized its ingestion pipeline to minimize latency and improve performance. “Given the massive volume of data we ingest, every fraction of a millisecond matters,” says Tsofan.

Wiz is also enhancing its security solution by incorporating generative AI through Amazon Bedrock—a comprehensive, secure, and flexible service for building generative AI applications and agents. This way, the company can provide enhanced remediation guidance. And it can help its customers reduce their mean time to remediation by generating straightforward instructions in common formats for addressing security issues. This AI-powered guidance helps security teams spend 40 percent less time investigating complex risks.