Cyber Tool Stack
All tools

Wiz

By Wiz

The agentless CNAPP that connects to cloud accounts through provider APIs and builds a security graph of resources, identities, network exposure, and data, correlating findings into attack paths rather than flat lists. Google's ~$32B acquisition of Wiz closed in March 2026; the platform continues under the Wiz brand inside Google Cloud and remains multi-cloud.

Verified Sources: 1, 2

Product type
Software
Deployment
SaaS
Organization size
Mid-marketEnterprise
Pricing tier
$$$

Capability checklist

CNAPP/CSPM

How Wiz measures up against the full Cloud-Native Application Protection / Posture Management taxonomy.

Misconfiguration detection (CSPM) — supported
Flags cloud configuration drift against benchmarks like CIS and provider best practices.
Agentless workload scanning — supported
Scans workloads via cloud provider APIs or snapshots without deploying agents.
Cloud entitlement management (CIEM) — supported
Identifies excessive or unused permissions across cloud identities.
Attack path analysis — supported
Correlates findings across identity, network, and data exposure to surface exploitable attack paths.
Infrastructure-as-code scanning — supported
Catches misconfigurations in Terraform and CloudFormation before they're deployed.
Vulnerability prioritization — supported
Finds and ranks OS and package CVEs across cloud workloads by real-world exploitability.
Compliance benchmark mapping — supported
Continuously maps posture to frameworks like CIS, SOC 2, and PCI.

Alternatives

Other Cloud-Native Application Protection / Posture Management tools with overlapping capabilities, sized for similar teams.

Appears in stacks

Real-world stacks that include Wiz.

Search Cyber Tool Stack

Jump to any tool, vendor, category, or glossary term.