Application Security , Cloud Security , Next-Generation Technologies & Secure Development

Wiz Fortifies Application Security With $450M Dazz Purchase

Buy of Application Security Startup Enhances Code-to-Cloud Vulnerability Management
Wiz Fortifies Application Security With $450M Dazz Purchase
Merav Bahat, co-founder and CEO, Dazz (Image: Chicbox Photography)

Wiz purchased an application security posture management startup led by the former head of Microsoft's cloud security business to address vulnerabilities from code to cloud.

See Also: Real-World Strategies for Securing Remote Workforces and Data

The New York-based cloud security behemoth said combining Wiz's cloud-native application protection platform with Silicon Valley-based Dazz's root-cause analysis and remediation capabilities will provide enterprises with unified vulnerability management and streamlined operations, according to Dazz Co-Founder and CEO Merav Bahat. She said the deal will help Dazz reach more Fortune 500 organizations.

"There's a big opportunity in the joint solution," Bahat told Information Security Media Group. "We can actually scale even faster being part of Wiz. We can reach a bigger customer base and have a larger market share with this joint solution. The fix is really there. It makes a lot of sense. And this being a unified solution, it also makes a lot of sense for the customers from an experience perspective."

Dazz, founded in 2021, employs 125 people and has raised $110 million in three rounds of outside funding, including a $50 million investment in July co-led by Greylock. The company has been led since inception by Bahat, who previously spent nearly five years at Microsoft, culminating in a stint leading its cloud security business. Wiz will pay $450 million for Dazz, a source familiar with the situation said (see: Wiz Buys Startup Gem Security for $350M to Spot Cloud Issues).

What Sets Dazz's Approach to Application Security Apart

The acquisition capitalizes on shared customer interests and a growing demand for end-to-end security solutions, with many organizations already using both Wiz and Dazz separately, according to Bahat. A shared DNA at Microsoft and history of collaboration between the two founding teams formed a natural fit for the acquisition, Bahat said, with Wiz enabling faster scaling and access to a larger customer base.

"We can grow independently," Bahat said. "We grew pretty, pretty fast. But with Wiz, which is the fastest-growing company in cyber history, we can grow even faster."

Combining Wiz and Dazz will give organizations a single platform that provides visibility from code to cloud, including misconfigurations, runtime vulnerabilities and CI/CD pipeline issues, Bahat said. Pairing Dazz's root-cause analysis with Wiz's cloud detection capabilities will reduce tool complexity, improve the speed-of-issue resolution, and empower teams to prioritize and remediate vulnerabilities effectively.

"The benefits for the security team - cloud security, app security teams, as well as engineering - are massive because it's a one-stop shop," Bahat said. "It allows engineering to be able to action security issues pretty quickly and painlessly, and actually to reduce the overall exposure that you have in the application and in the cloud."

Dazz distinguishes itself through its focus on root-cause analysis, Bahat said, with the company enabling precise remediation by identifying the origins of vulnerabilities and misconfigurations. Unlike rivals that emphasize detection, Dazz prioritizes actionable insights and remediation, Bahat said. By correlating vulnerabilities across cloud, code and CI/CD, Dazz reduces duplication and enhances prioritization.

"One of the things that makes us different is root-cause analysis functionality," Bahat said. "We connect cloud and code. We don't just focus on the pre-production. We look at applications across pre-production, production and runtime. We take data from all of these and help with the remediation flows."

How Wiz, Dazz Will Come Together

Dazz's technology will be rebuilt on Wiz's platform to ensure a unified architecture that benefits both new and existing customers, and Bahat said this process will involve parallel workstreams to maintain Dazz's current offerings while integrating its features into Wiz's ecosystem. Bahat said the objective is to eliminate the need for bolt-on solutions by putting Dazz's functionality natively into Wiz's infrastructure.

"The way we think about it, and that is Wiz's strategy, is not to have bolt-on solutions and stick them together with glue," Bahat said. "We really need to build Dazz on top of the Wiz platform, and that's something that we want to complete quickly and make sure that we have a unified architecture for our customers."

Both companies serve Fortune 500 customers - with notable success among tech and financial services organizations - and Bahat said Dazz can leverage Wiz's existing customer base to expand its offerings to upper mid-market and smaller enterprise companies. While Dazz has to date focused on North America and Europe, Bahat said Wiz's global footprint will enable greater reach into additional geographies.

"Where we overlap is the Fortune 500 and the larger tech companies," Bahat said. "It's at the high end of the customer base. This is where we collaborate, and this is where we find our solution really works well together. Obviously, Wiz will open the door for us to their entire customer base, and probably, we're going to address the larger marketplace together."

Key post-close milestones for Wiz and Dazz include completing product integration within a defined time frame and achieving rapid customer adoption of the unified platform, Bahat said. Success will also be measured by the increase in the number of customers using both the Dazz and Wiz solutions and by monitoring the volume of issues detected and resolved using the integrated platform, Bahat said.

"We can measure usage pretty easily in both companies," Bahat said. "To see that the usage of Dazz is growing really fast, and we can see that the customers are actually fixing issues that are assigned in the same platform."


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.