Cloud-native and AI-driven development keep accelerating, and security needs to move just as fast. As application security moves from siloed scanners to continuous exposure management, teams need clear visibility, real context, and a practical path to remediation, delivered where developers already work.
We are thrilled to share that Wiz has been heavily recognized in the 2026 Latio Application Security Report, authored by industry expert James Berthoty. Wiz was spotlighted and awarded four distinct badges, which reflects our continuous commitment to protecting applications all the way from code to runtime.
This year, Latio recognized Wiz with the following awards:
🏆 Application Security Platform Leader
🏆 Application Security Management Leader
🏆 AI Pentesting Innovator
🏆 Runtime Innovator
What the Latio Report Highlighted
At Wiz, our vision is to provide end-to-end application security that gives both security and engineering teams a single platform to reduce risk. The Latio report underscores this achievement, noting how traditional Application Security Posture Management (ASPM) has collapsed into broader exposure and universal vulnerability management.
James Berthoty highlights this evolution in the report:
Wiz has quickly evolved beyond cloud security to become a leader in the application security market as well. While its core code-to-cloud capabilities remain as strong as ever, the ability to ingest findings from other tools has also made Wiz a centralized vulnerability management platform.
James Berthoty
Validating Our Code-to-Cloud Approach: Exploitability Over Alerts
As the Latio report notes, application security tools must go beyond pure scanning functionalities and focus on developer experience and backlog reduction. If developers are bombarded with false positives, pipelines get blocked and friction grows.
By leveraging the Wiz Security Graph, Wiz provides teams with a single, unified view of risk across multicloud environments. Whether issues are tied to infrastructure resources or source code repositories, the Wiz graph provides a simple way to visualize relationships, ensuring the most relevant issues are routed to the right place with full context on what needs to be fixed and why.
This contextual approach empowers organizations to operationalize their cloud security, driving tangible outcomes like joining the 50% of Wiz customers in our "Zero Criticals Club", meaning they maintain zero outstanding critical misconfigurations or vulnerabilities across their production environment.
Driving Innovation in Runtime and AI Pentesting
To truly prioritize what matters, runtime remains the ultimate source of truth for assessing exploitability. We are proud to be named a Runtime Innovator and an AI Pentesting Innovator.
Latio specifically recognized our rapidly expanding in-house capabilities, including our AI-driven penetration testing, which uses dynamic payloads to safely test public exposures for exploitability from the outside in. By combining API discovery with Attack Surface scanning, and runtime function-level reachability, Wiz correlates static findings with real-world application behavior. This means security operations teams can validate if a static vulnerability is actually reachable and exploitable, drastically reducing noise.
On the runtime side, Wiz has significantly matured its attack surface management capabilities to include AI-driven penetration testing, along with API discovery and runtime function-level reachability. Bringing all of this data together in a single platform positions Wiz as the most complete code-to-cloud offering on the market, giving both security and engineering teams a single place to reduce risk and prioritize.
James Berthory
Thank You to Our Customers and Community
We believe this recognition from Latio is a milestone for the market, representing a major shift in how application security is delivered. Every innovation we build, from AI coding guardrails to deep runtime telemetry, is designed around the feedback and trust of our customers. We are excited to continue partnering with you to shape the future of cloud and AI security.
Read the full 2026 Latio Application Security Market Report here.
Shaping the Future: Securing the AI-Accelerated SDLC
As generative AI enables developers to move from prompt to commit in minutes, we are heavily investing in natively securing the AI-accelerated SDLC. Wiz provides secure-by-default capabilities by injecting deep organizational security context directly into frontier AI models and copilots, using Wiz Skills and Model Context Protocol (MCP). By discovering and inventorying foundation models and applying inline AI hooks to evaluate prompts and instantly scan AI-generated code before it is ever committed, we ensure teams can safely adopt these powerful AI developer tools without introducing new risks.
Ready to see Wiz in action? Get a personalized demo.
