At AI speed, answering the questions behind a security finding becomes even more challenging. What actually caused this risk? Which resource or piece of code introduced it? Who owns it? And what’s the safest way to fix it without breaking production? Manually piecing together those answers across cloud infrastructure, identities, code, and runtime signals can take hours, or longer. To keep up with the pace of AI-driven development, security teams need AI-powered remediation, but that only works if the AI has the right context.
Wiz already has all the context security teams struggle to piece together: the full cloud environment through the Security Graph, code-to-cloud tracing, deep ownership context from across the environment, and historical patterns of remediation. To synthesize that context and turn it into action, this week we introduced the Wiz Green Agent. The Green Agent proactively investigates the top risks in your environment, automatically uncovering root causes and suggesting the most effective remediation plan.
By delivering the right context and guidance to the person best positioned to fix the issue, the Green Agent helps turn every team member into a security expert and every finding into a fix.
Remediation at Machine Speed with the Green Agent
To tackle complex cloud risks at AI speed, the Wiz Green Agent acts as a digital security investigator and remediation engine, combining prescribed security best practices with dynamic AI reasoning. It follows domain-specific investigation across risk domains in Wiz, like AI Security, and analyzes every Issue against proven methodologies, such as containing risks before applying fixes or selecting layer-appropriate remediations. For example, it may recommend updating source code before rebuilding a container or enforcing least-privilege access while validating the fix.
On top of this foundation, the Green Agent applies dynamic reasoning powered by large language models to evaluate each Issue in context—connecting signals, validating attack paths, and determining the true root cause. Rather than relying on static logic, it adapts its analysis to the environment and identifies the most effective remediation strategy to reduce exploitable risk without disrupting operations.
For example, if a vulnerable service is publicly exposed, the Green Agent will mark remediation steps that could impact availability as Suggested or Optional, include clear restore instructions, and flag any remediation steps that may affect application functionality. Teams get a transparent view of the investigation, seeing exactly what each step is doing and why.
Over time, the Agent continuously learns from resolved risks, correlating patterns across the environment to deliver smarter, faster recommendations, enabling a continuous resolution loop where critical risks are identified, assigned, and remediated in hours instead of weeks. For example, if similar Issues were historically ignored for the same reason, the Green Agent reflects that context in its recommendations.
From Issue to Action: The Green Agent to Scale Security
The Green Agent is your security team’s force multiplier. It makes its reasoning visible and actionable, surfacing each Issue with clear prioritization, investigation, and next steps - so every hour spent on remediation drives the highest-impact fix. Here’s how that shows up in practice:
End-to-End Investigation across the Cloud: Automatically traces high-priority Issues across cloud resources, IAM policies, network paths, and code commits to find the root cause. Teams can follow this analysis directly in the Investigation tab, where each step in the Green Agent’s analysis is laid out. As a result, teams can verify and understand exactly how the recommendation from Green Agent was derived.
Clear Verdict and Summary: After investigation, each Issue is surfaced with a clear verdict, Remediate or Ignore, along with a confidence score and any suggested Issue severity adjustments. The recommendation is highlighted immediately on top Issues, along with a concise summary that explains next steps for resolving and why it matters.
Guided Response and One-Click Action: From there, teams can take action immediately. The Green Agent enables one-click Issue assignment for the owner it identifies, while generating step-by-step remediation instructions with exact code fixes tailored to the environment - such as CLI commands , Terraform updates, or Kubernetes configuration changes. Teams can create pull requests or send Issue context directly to coding agents in a single click, while the same guidance is available via API and MCP to integrate fixes directly from their own agentic ecosystems.
The Green Agent becomes a strategic asset, transforming how organizations map ownership and manage risk in an AI-first era - turning the toughest part of security, remediation, into a machine-speed resolution engine.
Start your Path to Continuous Remediation
The Wiz Green Agent puts critical risks on a fast track to resolution, making Zero Criticals an even faster reality. Thanks to the Security Graph and rich ownership context from across Wiz, teams can see exactly which resources, code, and teams are involved in each Issue, enabling faster, more confident remediation.
Now in Public Preview, learn more about the Green Agent and our AI capabilities here (login required) or request a demo to see it in action.
