Cloud Security Posture Management (CSPM)

Continuous CSPM Across Clouds

Continuously detect and remediate misconfigurations from build time to run-time in your public clouds - AWS, GCP, Azure, OCI, Alibaba Cloud

Take Control of Your Cloud Misconfigurations

Wiz connects to your cloud environment and gives you complete visibility and actionable context on your most critical misconfigurations, so your teams can proactively and continuously improve your cloud security posture.

Comprehensive CSPM

Over 1,400 cloud misconfiguration rules, continuous CIS and compliance monitoring over 35 frameworks, IaC scanning, real-time detections, custom OPA-based rules, and auto-remediations.

Reduce Alert Fatigue Using Context

Contextualize your misconfigurations using the Wiz Security Graph, which surfaces only the misconfigurations that truly matter.

One Policy Across Cloud and Code

Enforce built-in Wiz policies and compliance frameworks across your cloud environments and IaC code, and build your own custom policies and frameworks.

Go Beyond CSPM

Effective network and identity exposure: Prioritize network and identity misconfigurations by focusing first on resources Wiz has verified to be exposed using the graph-based network and identity engine.

Attack path analysis: Your teams can easily discover which misconfigurations can lead to lateral movement paths that compromise high-value assets such as admin identities or crown jewel data stores.

Prioritize misconfigurations using context: Using the Wiz Security Graph, you can prioritize misconfigurations using operational, business and cloud context. For example, you can choose to ignore empty VPCs, or resources that are managed by a cloud service.

Automatic Posture Management and Remediation

  • Built-in rules:  Automatically assess over 1,400 configuration rules, unified across runtime (GCP, Azure, AWS, OCI, Alibaba) and IaC (Terraform, CloudFormation, Azure ARM templates).
  • OPA-based customization: Build custom rules using OPA (Rego) engine, by querying cloud native APIs and the OPA’s Rego querying language.
  • Real-time detections and remediations: Detect misconfigurations in near real-time and trigger automatic remediation flows.
Inbox user interface

Address Compliance Requirements with Confidence

  • Continuous monitoring: Automatically assess your compliance posture over more than 35 built-in compliance frameworks including CIS Azure/GCP/AWS/OCI/Alibaba, NIST CFS/SP/800-171/800-53, PCI DSS, SOC2, HiTrust and more.
  • Custom frameworks: Define your own organizational compliance baseline by creating new frameworks or duplicating existing ones and assign any Wiz built-in or custom policies to your custom frameworks
  • Heatmap: The compliance heatmap is a bird's-eye view that lets you pick out your weak spots across multiple applications and frameworks.
Customer profile user interface

Getting started is easy

Complete security for AWS, Azure, GCP, OCI, Alibaba Cloud, Kubernetes, and Openshift. Start securing your cloud with a 5 minute agentless install. Meet your new partner in cloud security.