CSPM

Contextual CSPM Across Clouds

Continuously detect and remediate misconfigurations from build time to runtime across your hybrid clouds – AWS, GCP, Azure, OCI, Alibaba Cloud, and VMware vSphere.

Take Control of Your Cloud Misconfigurations

Wiz connects to your cloud environment and gives you complete visibility and actionable context on your most critical misconfigurations, so your teams can proactively and continuously improve your cloud security posture.

Comprehensive CSPM

Over 1,400 cloud misconfiguration rules, continuous CIS and compliance monitoring over 100 frameworks, IaC scanning, real-time detections, data specific CSPM rules, custom OPA-based rules, and auto-remediations.

Reduce Alert Fatigue Using Context

Contextualize your misconfigurations using the Wiz Security Graph, which surfaces only the misconfigurations that truly matter.

One Policy Across Cloud and Code

Enforce built-in Wiz policies and compliance frameworks across your cloud environments and IaC code, and build your own custom policies and frameworks.

Deep Cloud Analysis with CSPM+

Effective network and identity exposure: Prioritize network and identity misconfigurations by focusing first on resources Wiz has verified to be exposed using the graph-based network and identity engine.

Attack path analysis: Your teams can easily discover which misconfigurations can lead to lateral movement paths that compromise high-value assets such as admin identities or crown jewel data stores.

Prioritize misconfigurations using context: Using the Wiz Security Graph, you can prioritize misconfigurations using operational, business, cloud and data context. For example, you can choose to ignore empty VPCs, or resources that are managed by a cloud service.

Automatic Posture Management and Remediation

  • Built-in rules: Automatically assess over 1,400 configuration rules, unified across runtime (GCP, Azure, AWS, OCI, Alibaba, VMware) and IaC (Terraform, CloudFormation, Azure ARM templates).
  • OPA-based customization: Build custom rules using OPA (Rego) engine, by querying cloud native APIs and the OPA’s Rego querying language.
  • Real-time detections and remediations: Detect misconfigurations in near real-time and trigger automatic remediation flows.
Inbox user interface

Address Compliance Requirements with Confidence

  • Continuous monitoring: Automatically assess your compliance posture over more than 100 built-in compliance frameworks including CIS Azure/GCP/AWS/OCI/Alibaba/ESXi, NIST CFS/SP/800-171/800-53, PCI DSS, SOC2, HiTrust and more.
  • Custom frameworks: Define your own organizational compliance baseline by creating new frameworks or duplicating existing ones and assign any Wiz built-in or custom policies to your custom frameworks.
  • Heatmap: The compliance heatmap is a bird's-eye view that lets you pick out your weak spots across multiple applications and frameworks.
Customer profile user interface

Case Study

Blackstone tackles advanced cloud-native security with Wiz

As Blackstone’s Security team explored cloud security solutions, they realized that to achieve the level of risk-centric security they wanted, they needed to find a tool with a deep understanding of cloud that would help them focus on key areas, not isolated issues. And then they found Wiz.

Read full storyBlackstone
EVEN MORE TO DISCOVERReady to see for yourself?
“Best User Experience I have ever seen, provides full visibility to cloud workloads.”
Chipotle Logo
David EstlickCISO
“Wiz provides a single pane of glass to see what is going on in our cloud environments.”
Blackstone Logo
Adam FletcherChief Security Officer
“We know that if Wiz identifies something as critical, it actually is.”
Mars Logo
Greg PoniatowskiHead of Threat and Vulnerability Management