Wiz Defend is a cloud-native threat detection and response platform that provides real-time monitoring and investigation capabilities across cloud environments. The platform combines eBPF-powered runtime signals with cloud and SaaS log analysis to detect threats and understand attack paths. The solution offers runtime workload protection through the Wiz Sensor, which monitors VMs, containerized environments, and serverless containers. For Kubernetes environments, it provides runtime file integrity monitoring, drift detection, and threat monitoring capabilities. The platform includes Cloud Investigation and Response Automation (CIRA) functionality that combines agentless and agent-based runtime capabilities for forensic data collection and analysis. It features Identity Threat Detection and Response (ITDR) to detect anomalies in user behavior and access patterns, as well as Data Detection and Response (DDR) for monitoring unusual access to sensitive data. Wiz Defend incorporates cloud threat intelligence through the Wiz Threat Center, providing insights into cloud-native attacker tactics, techniques, and procedures mapped to MITRE ATT&CK. The platform includes behavioral baselining technology and built-in detections for identifying suspicious activity across workloads, cloud, and Kubernetes control planes. The solution offers cloud-native containment playbooks and root-cause analysis capabilities to trace issues back to source code or configuration. Detections are enriched with context from the Wiz Security Graph to determine severity and facilitate response.