
Wiz Cloud Security Platform
Agentless CNAPP using proprietary Security Graph to map attack paths across multi-cloud environments.
Vendor Information
Wiz Cloud Security Platform Overview
Wiz is an agentless cloud-native application protection platform (CNAPP) that provides comprehensive security across AWS, Azure, GCP, Oracle Cloud, and Kubernetes through 100% API-based scanning without requiring agent deployment. The platform's proprietary Security Graph technology analyzes relationships between cloud resources to identify toxic combinations of vulnerabilities, misconfigurations, excessive permissions, and network exposures that create complete attack paths from external entry points to critical data, enabling teams without deep cloud expertise to understand and prioritize actual business risk.
The platform automatically discovers and inventories all cloud resources, then uses graph-based risk analysis to correlate issues across infrastructure, workloads, identities, and data to surface the small percentage of risks that truly matter. Wiz has evolved into a unified multi-product platform including Wiz Cloud (core CNAPP with code-to-cloud traceability), Wiz Code (application security with IDE scanning and IaC analysis), Wiz Defend (cloud detection and response), and Wiz Sensor (eBPF-based runtime protection), with API deployment completing in under 60 seconds and the Wiz Integration (WIN) platform enabling bidirectional security finding sharing across 200+ integrations.
Founded in 2020 and headquartered in New York, Wiz serves over 700 customers including more than 50% of the Fortune 100. The platform maintains SOC 2 Type II, ISO 27001, ISO 27701, HIPAA compliance, and FedRAMP Moderate authorization, and is recognized as a Leader in the IDC MarketScape Worldwide CNAPP 2025 Vendor Assessment and as a representative vendor in Gartner's CNAPP category.
Key Capabilities
Standardized capabilities mapped to this product's security niche
Instruments workload behavior at the kernel level via eBPF without a traditional user-space agent. Provides syscall-level visibility into process execution, network connections, and file access in running containers and VMs.
Populates exercise technique selection from current threat intelligence about adversaries relevant to the organization, focusing exercise scope on realistic threats rather than theoretical coverage.
Correlates individual misconfigurations and CVEs into chained attack scenarios showing lateral movement paths from exposed entry point to a target asset. Produces a prioritized list of attack paths rather than a flat CVE inventory.
Scans container base images and dependencies for packages with known malicious behavior or compromise (typosquatting, backdoored releases) beyond CVE matching on legitimate code.
Analyzes IAM policies across AWS, Azure, and GCP to surface over-permissioned roles, unused permissions, and cross-account trust relationships that create lateral movement opportunities.
Enforces a single policy definition across AWS, Azure, and GCP resource types, translating to provider-native configurations rather than requiring separate policy sets per cloud.
Monitors running pod and container behavior against policy, detecting unexpected process execution, network connections, and privilege escalation at runtime rather than at image scan time.
Delivers scan results inside developer IDEs and pipeline stages so developers receive findings before code merges, reducing the cost and cycle time of remediation.
Exports compliance evidence pre-mapped to framework control requirements (SOC 2, ISO 27001, PCI DSS), in formats auditors can consume directly, not raw CSV exports requiring manual assembly.
Reads cloud volume snapshots out-of-band to assess workloads without deploying agents or sending traffic to running instances. Enables coverage of systems that cannot run agents (mid-migration, locked-down, or legacy).
Discovers and classifies sensitive data across cloud storage, databases, and SaaS, then maps access and data flows. Adds a data risk layer to infrastructure posture.