Wiz has entered the hardened Linux distribution game with WizOS - their answer to vulnerability-riddled container base images. Jeremy breaks down what this means for the secure development ecosystem.

This blog recaps Jeremy's short video on WizOS.

 

Watch or listen to Jeremy's full video above or continue below for a short, high-level summary.

What is WizOS?

WizOS is a hardened, lightweight Linux distribution that's designed to be near CVE-free. Think Alpine, but with security baked in from the ground up rather than patched after the fact.

Current State

  • Focused on Golang architectures (narrow but growing)
  • Already in production use at Wiz (they've replaced Alpine internally)
  • Integrates with Wiz's platform to recommend secure base image alternatives
  • Shows critical vulnerabilities alongside WizOS remediation options

The Bigger Picture

This isn't just about Wiz. Chainguard pioneered this approach with Wolfi and their "start left, don't shift left" philosophy. Chainguard's recent $3.5B valuation (up from $1.1B last year) shows the market appetite for supply chain security tools.

What's Coming

Wiz plans to expand beyond Golang to support broader base images and common application layers. Expect to see WizOS variants for ASP.NET, databases, and other popular development stacks.

Why This Matters

Supply chain attacks have made vulnerable base images a critical risk. Rather than constantly patching vulnerabilities post-deployment, teams can start with foundations that are secure by design.

The shift from reactive security to proactive prevention is accelerating - and container base images are ground zero for this transformation.

Post by Jeremy Nees
24 May 2025
Jeremy is our resident thought leader with a huge amount of knowledge on all things cloud, having worked across service provider environments, local government and large enterprise organisations. Jeremy is responsible for leading our enterprise cloud and security consulting and cloud-managed services, with a focus on the productisation of our wider global service offering.