Resolved Security

Integrating Resolved Security with Wiz creates a streamlined path from vulnerability identification to safe, automatic remediation with Resolved’s secure code libraries, Wiz identifies risks in packages and prioritizes them; Resolved delivers secured drop-in versions of vulnerable packages that can be instantly applied to production or development environments. Together, Wiz and Resolved eliminate exposure windows, reduce developer toil, and close the gap between detection and remediation across the software supply chain.

Market Challenge

Modern cloud applications rely heavily on open-source libraries. When vulnerabilities are found, patching them typically requires dependency upgrades - often blocked by breaking changes, frozen frameworks, or resource constraints. As a result, vulnerable versions remain in production for months. Security and engineering teams need a safe, fast way to apply fixes without disrupting releases or taking on technical debt.

Key Benefits of the Integration

• Accelerate remediation by automatically adopting secure-by-default open-source packages and libraries enhanced with upstream security fixes.

• Reduce mean time to remediate (MTTR) for critical vulnerabilities from weeks to hours.

• Minimize risk by closing exploitable attack paths identified by Wiz with Resolved’s verified secured builds.

• Eliminate upgrade friction & reduce developer and QA toil by saving the effort involved in disruptive dependency upgrades.

• Strengthen DevSecOps alignment by connecting Wiz’s cloud-level visibility with Resolved’s automated code-level fixes.

Better Together

Wiz delivers deep visibility into risks across cloud workloads, containers, and serverless environments, identifying toxic combinations that lead to exploitable attack paths. Resolved Security complements Wiz by providing pre-hardened, secured libraries. When Wiz detects a Resolved-managed component in code or images, it automatically queries Resolved’s security advisory feed. This lets Wiz verify which vulnerabilities have already been remediated with Resolved’s code libraries and close them out in Wiz’s Findings. The result is a continuous vulnerability-to-remediation workflow: Wiz discovers and prioritizes the risks that matter, Resolved delivers the fixed and validated components, and Wiz updates remediation status based on Resolved’s advisories. This integration transforms vulnerability management from reactive to preventive. Customers can patch faster, reduce attack surface, and maintain secure software without costly dependency upgrades - empowering security and development teams to work together toward resilient, release-ready systems.

Use Case Overview

Use Case: Organizations using Wiz for cloud vulnerability management want to not only identify risky packages but also fix them automatically - without breaking their apps.

Challenge: Security teams rely on Wiz to uncover high-risk vulnerabilities in deployed workloads and container images. However, when developers attempt to upgrade the affected open-source components, dependency conflicts or compatibility issues often stall remediation. This creates a prolonged window of exposure and friction between security and engineering.

Solution: The Wiz + Resolved Security integration bridges this gap by automatically mapping Wiz vulnerability findings to corresponding secured component versions provided by Resolved. Through Wiz’s Issues API, Resolved identifies which vulnerable libraries are exploitable and provides immediate, drop-in replacements - with back-ported security patches and verified for functional compatibility.

Customers can view and remediate vulnerabilities directly from Wiz, confident that each fix maintains stability while removing the risk. The integration empowers teams to remediate at scale, transforming Wiz’s prioritized insights into verified, production-ready security action.