
Cloud Security
Wiz Cloud Security Platform
Agentless cloud and AI security using a Security Graph to map attack paths from code to runtime.
Wiz Cloud Security Platform Overview
What it does
Wiz Cloud Security Platform is an agentless Cloud Native Application Protection Platform (CNAPP) rebranded as Wiz AI-APP, providing visibility and protection for cloud infrastructure, AI models, data, and applications from code to runtime. The platform connects via cloud APIs in minutes and uses a proprietary Security Graph to correlate vulnerabilities, misconfigurations, identities, network exposure, and AI-specific risks into prioritized attack paths.
How it works
The platform spans Wiz Cloud (core CNAPP), Wiz Code (IDE and pipeline scanning with code-to-cloud correlation), Wiz Defend (cloud detection and response), and Wiz Sensor (eBPF runtime protection). Orchestrate Workflows automates detection-to-remediation sequences, and Wiz Agents extend graph context into AI-driven investigation and response. The Wiz Integration (WIN) platform shares findings bidirectionally with SIEM, SOAR, ticketing, and vulnerability management tools across 200+ connectors.
Credentials and traction
Wiz holds SOC 2 Type II, ISO 27001, and FedRAMP High and Moderate authorizations, along with ISO 27017/27018/27701, SOC 3, PCI DSS v4.0.1, HIPAA, IRAP, and CSA STAR Level 1. Wiz was named a Leader in The Forrester Wave: Cloud Native Application Protection Solutions, Q1 2026, and a Leader in the 2025 IDC MarketScape for Worldwide CNAPP. Customers include Aon, Morgan Stanley, Salesforce, Fox, and Zendesk.
Key Capabilities
mapped to solution categoriesInstruments workload behavior at the kernel level via eBPF without a traditional user-space agent. Provides syscall-level visibility into process execution, network connections, and file access in running containers and VMs.
Enriches cloud misconfigurations, vulnerable workloads, and runtime detections with threat intelligence on active exploitation, prioritizing exposures attackers use over theoretical severity alone.
Correlates individual misconfigurations and CVEs into chained attack scenarios showing lateral movement paths from exposed entry point to a target asset. Produces a prioritized list of attack paths rather than a flat CVE inventory.
Analyzes container images and dependencies for CVEs, malicious or compromised packages, and SBOM generation across the build pipeline.
Analyzes IAM policies across AWS, Azure, and GCP to surface over-permissioned roles, unused permissions, and cross-account trust relationships that create lateral movement opportunities.
Enforces a single policy definition across AWS, Azure, and GCP resource types, translating to provider-native configurations rather than requiring separate policy sets per cloud.
Monitors running pod and container behavior against policy, detecting unexpected process execution, network connections, and privilege escalation at runtime rather than at image scan time.
Delivers scan results inside developer IDEs and pipeline stages so developers receive findings before code merges, reducing the cost and cycle time of remediation.
Exports compliance evidence pre-mapped to framework control requirements (SOC 2, ISO 27001, PCI DSS), in formats auditors can consume directly: not raw CSV exports requiring manual assembly.
Reads cloud volume snapshots out-of-band to assess workloads for vulnerabilities, secrets, and misconfigurations without agents or touching running instances.
Discovers and classifies sensitive data in IaaS and PaaS stores such as object storage, databases, and data warehouses, surfacing data exposure risk alongside infrastructure findings.
Scans infrastructure-as-code templates (Terraform, CloudFormation, Kubernetes manifests, and Helm charts) for misconfigurations and policy violations before deployment, so issues are caught in the pipeline rather than in production.
Continuously audits cloud and Kubernetes configuration across AWS, Azure, and GCP against security benchmarks, flagging misconfigurations and identity-permission gaps that create exploitable exposures.
Detects sensitive or regulated data in AI training, fine-tuning, or third-party LLM flows without appropriate controls, such as unencrypted PII in inputs or PHI sent to external APIs.
Maps data lineage and provenance across AI training and inference pipelines, tracing how PII, PHI, and IP move into models and external services.
Assesses the identities and service accounts that AI models, pipelines, and agents use, flagging over-permissioned non-human identities and access paths that violate least privilege. Reports identity risk as a posture finding, distinct from enforcing access policies at the model API at runtime.
Automatically discovers AI models, LLM API connections, ML pipelines, and AI-enabled SaaS applications in use across the organization, including those deployed without IT authorization.
Discovers AI model and inference endpoints and flags public exposure, weak authentication, default credentials, or excessive permissions as posture misconfigurations.
Verifies that sensitive data is stored and processed only in approved geographic regions, mapping data locations to applicable residency requirements (GDPR EEA, Australian Privacy Act, data sovereignty laws).
Assigns risk scores to discovered data based on sensitivity, access exposure, and configuration, then continuously monitors access patterns and policy compliance to surface the highest-risk data stores for action.
Maps effective permissions to sensitive data stores across cloud IAM, database roles, and SaaS permissions, identifies over-privileged access and dormant entitlements.
Discovers and classifies sensitive data (PII, PHI, PCI data, IP) across cloud object storage, relational and NoSQL databases, data lakes, and SaaS platforms using content inspection and ML classification.
Detects how sensitive data moves and transforms through AI pipelines to prevent exposure.
Compliance
certificationsIntegrations
compatible toolsImplementation & support
Info last updated on May 27, 2026
Vendors
Is this your product?
Claim your profile to connect with the teams looking for your solutions.