Security Stack Logo
Wiz Cloud Security Platform logo

Cloud Security

Wiz Cloud Security Platform

Agentless cloud and AI security using a Security Graph to map attack paths from code to runtime.

Cloud-Native Application Protection Platform (CNAPP)AI Security Posture Management (AISPM)Data Security Posture Management (DSPM)

Wiz Cloud Security Platform Overview

What it does

Wiz Cloud Security Platform is an agentless Cloud Native Application Protection Platform (CNAPP) rebranded as Wiz AI-APP, providing visibility and protection for cloud infrastructure, AI models, data, and applications from code to runtime. The platform connects via cloud APIs in minutes and uses a proprietary Security Graph to correlate vulnerabilities, misconfigurations, identities, network exposure, and AI-specific risks into prioritized attack paths.

How it works

The platform spans Wiz Cloud (core CNAPP), Wiz Code (IDE and pipeline scanning with code-to-cloud correlation), Wiz Defend (cloud detection and response), and Wiz Sensor (eBPF runtime protection). Orchestrate Workflows automates detection-to-remediation sequences, and Wiz Agents extend graph context into AI-driven investigation and response. The Wiz Integration (WIN) platform shares findings bidirectionally with SIEM, SOAR, ticketing, and vulnerability management tools across 200+ connectors.

Credentials and traction

Wiz holds SOC 2 Type II, ISO 27001, and FedRAMP High and Moderate authorizations, along with ISO 27017/27018/27701, SOC 3, PCI DSS v4.0.1, HIPAA, IRAP, and CSA STAR Level 1. Wiz was named a Leader in The Forrester Wave: Cloud Native Application Protection Solutions, Q1 2026, and a Leader in the 2025 IDC MarketScape for Worldwide CNAPP. Customers include Aon, Morgan Stanley, Salesforce, Fox, and Zendesk.

Key Capabilities

mapped to solution categories
Cloud-Native Application Protection Platform (CNAPP)

Instruments workload behavior at the kernel level via eBPF without a traditional user-space agent. Provides syscall-level visibility into process execution, network connections, and file access in running containers and VMs.

Enriches cloud misconfigurations, vulnerable workloads, and runtime detections with threat intelligence on active exploitation, prioritizing exposures attackers use over theoretical severity alone.

Correlates individual misconfigurations and CVEs into chained attack scenarios showing lateral movement paths from exposed entry point to a target asset. Produces a prioritized list of attack paths rather than a flat CVE inventory.

Analyzes container images and dependencies for CVEs, malicious or compromised packages, and SBOM generation across the build pipeline.

Analyzes IAM policies across AWS, Azure, and GCP to surface over-permissioned roles, unused permissions, and cross-account trust relationships that create lateral movement opportunities.

Enforces a single policy definition across AWS, Azure, and GCP resource types, translating to provider-native configurations rather than requiring separate policy sets per cloud.

Monitors running pod and container behavior against policy, detecting unexpected process execution, network connections, and privilege escalation at runtime rather than at image scan time.

Delivers scan results inside developer IDEs and pipeline stages so developers receive findings before code merges, reducing the cost and cycle time of remediation.

Exports compliance evidence pre-mapped to framework control requirements (SOC 2, ISO 27001, PCI DSS), in formats auditors can consume directly: not raw CSV exports requiring manual assembly.

Reads cloud volume snapshots out-of-band to assess workloads for vulnerabilities, secrets, and misconfigurations without agents or touching running instances.

Discovers and classifies sensitive data in IaaS and PaaS stores such as object storage, databases, and data warehouses, surfacing data exposure risk alongside infrastructure findings.

Scans infrastructure-as-code templates (Terraform, CloudFormation, Kubernetes manifests, and Helm charts) for misconfigurations and policy violations before deployment, so issues are caught in the pipeline rather than in production.

Continuously audits cloud and Kubernetes configuration across AWS, Azure, and GCP against security benchmarks, flagging misconfigurations and identity-permission gaps that create exploitable exposures.

AI Security Posture Management (AISPM)

Detects sensitive or regulated data in AI training, fine-tuning, or third-party LLM flows without appropriate controls, such as unencrypted PII in inputs or PHI sent to external APIs.

Maps data lineage and provenance across AI training and inference pipelines, tracing how PII, PHI, and IP move into models and external services.

Assesses the identities and service accounts that AI models, pipelines, and agents use, flagging over-permissioned non-human identities and access paths that violate least privilege. Reports identity risk as a posture finding, distinct from enforcing access policies at the model API at runtime.

Automatically discovers AI models, LLM API connections, ML pipelines, and AI-enabled SaaS applications in use across the organization, including those deployed without IT authorization.

Discovers AI model and inference endpoints and flags public exposure, weak authentication, default credentials, or excessive permissions as posture misconfigurations.

Data Security Posture Management (DSPM)

Verifies that sensitive data is stored and processed only in approved geographic regions, mapping data locations to applicable residency requirements (GDPR EEA, Australian Privacy Act, data sovereignty laws).

Assigns risk scores to discovered data based on sensitivity, access exposure, and configuration, then continuously monitors access patterns and policy compliance to surface the highest-risk data stores for action.

Maps effective permissions to sensitive data stores across cloud IAM, database roles, and SaaS permissions, identifies over-privileged access and dormant entitlements.

Discovers and classifies sensitive data (PII, PHI, PCI data, IP) across cloud object storage, relational and NoSQL databases, data lakes, and SaaS platforms using content inspection and ML classification.

Detects how sensitive data moves and transforms through AI pipelines to prevent exposure.

Compliance

certifications
CCPACSA STAR Level 1FedRAMP HighFedRAMP ModerateGovRAMPHIPAAIRAPISO 27001ISO 27017ISO 27018ISO 27701PCI DSSSOC 2 Type IISOC 3TX-RAMP

Integrations

compatible tools
AWSAzureCI/CD PipelinesGoogle CloudJiraKubernetesPagerDutyServiceNowSIEM platformsSlack

Implementation & support

Deployment model
CloudSaaS
Pricing structure
Custom / Enterprise
Support channels
24/7 SupportCustomer Success TeamEmail SupportKnowledge BaseTraining / Academy

Info last updated on May 27, 2026

Vendors

Is this your product?

Claim your profile to connect with the teams looking for your solutions.

Security Stack Logo

The curated research platform for enterprise cybersecurity solutions.

All product and company names, logos, and brands are property of their respective owners and are used on this website for identification purposes only. Security Stack does not endorse any vendor, product, or service listed, and makes no warranties, express or implied, as to the accuracy or completeness of this content, including any warranties of merchantability or fitness for a particular purpose.

© 2026 Security Stack. All rights reserved.