Wiz Certified Cloud User Exam
Who should take this exam?
The Wiz Certified Cloud User Exam is a product-based exam that validates the knowledge, skills, and abilities required for effective day-to-day use of the Wiz platform. It focuses on the core user journey: understanding the platform’s purpose, investigating and managing security Issues, analyzing risks across different domains, and using platform features to report on and automate security tasks. It is recommended that a candidate have at least 3-6 months of experience with Wiz prior to attempting this certification exam.
Exam Details
Content: 60 multiple-choice single response and multiple-choice multiple response items
Time allotted to complete the exam: 1.5 hours to complete the question portion of the exam with a total seat time of approximately 2 hours, to allow for identification verification by the exam proctor, reading opening screens, and completing the brief survey.
Prerequisites: None required
Exam preparation: While not a prerequisite, we do offer one recommended enablement course to prepare for this exam: Wiz Cloud Core. This training offering may help you increase your expertise on topics that may appear on your exam. Click here to access our customer training portal. Reviewing Wiz documentation within the product, especially topics included on the exam blueprint (see below), will also help you to prepare for this exam.
Passing score: Wiz exams are pass or fail exams. The exams are scored against a minimum standard established by Wiz subject matter experts who follow certification industry best practices and guidelines. To evaluate candidates fairly when taking Wiz Certified exams, Wiz uses statistical analysis to set passing scores. To ensure consistency across varying exam forms and item difficulties, the Wiz Certification team uses scaled scoring models. Candidates will receive a score on a scale between 300-1000 with the passing scaled score set at 700.
References: No online or hard copy materials are allowed during the exam.
Registration fee: US$150 plus applicable taxes as required by local law
How to take this exam: This exam is available through the third-party Kryterion testing platform. Exams are delivered remotely through online proctoring and in person at Kryterion testing facilities in major cities worldwide. To register for the exam, visit: Wiz (webassessor.com) and follow the steps on the page. For more information on scheduling an exam, click here.
Badge and Certificate: Within one business day of passing the exam, you will receive an email from our virtual badge partner, Accredible. This will allow you to share your accomplishment via social media platforms and print out a hard copy of your certificate if you prefer.
Retake policy: If you do not pass the exam on your first try, you may retake the exam 24 hours after your first attempt. If you fail again, there is a 7-day waiting period. Each subsequent failure requires a 6-month waiting period. All exam attempts require full payment of the registration fee.
Recertification: Once certified, you can maintain your certification by retaking the exam within 2 years of your certification date. You are eligible to attempt recertification 18 months following your initial certification date.
Exam Blueprint
The Wiz Certified Cloud User exam measures your knowledge and skills related to the following topic areas. A candidate should have hands-on experience with Wiz Cloud and have demonstrated competency in each of the tasks and objectives below.
I. Wiz Cloud Fundamentals (15%)
A. Identify and differentiate the primary capabilities of Wiz Cloud from other Wiz products like Wiz Code and Wiz Defend
B. Explain the primary benefits of agentless scanning for cloud security
C. Differentiate between a Finding and an Issue
D. Explain how Policies relate to Findings and Issues (i.e. Rules generate Findings while Graph Controls correlate data on the Security Graph including Findings to generate Issues)
E. Differentiate between types of Issues (e.g. risk vs. posture) and identify how quickly each should be remediated
F. Differentiate between the Threat Intel Center and the Threats page (i.e. active malicious activity detected by Runtime Sensors, if installed)
G. Recognize that Runtime Sensors are a prerequisite for Wiz Cloud to generate Threats and identify the primary benefits of adding Runtime Sensors without adding Wiz Defend log sources (e.g. faster detections, process trees, runtime validation of vulnerabilities, etc.)
H. Describe the purpose of Projects and User Roles for organizing access and visibility
I. Explain the function of lenses for filtering data across the platform
J. Identify which page in the portal lists updated Policies and understand that Wiz regularly updates Policies automatically, which can in turn create or resolve Issues without the user doing anything
II. Investigating and Managing Issues (30%)
A. Differentiate between various types of Issues (e.g. Graph Control, Posture, Threat Detection, etc.)
B. Interpret the components of a Wiz Issue, including severity, attack path analysis, and other evidence
C. Determine the most appropriate action for an Issue (e.g. remediate, ignore, assign) based on a scenario
D. Explain the process for temporarily ignoring a specific Issue, explain when Ignore Rules should be used instead, and describe how Ignore Rules target Findings directly, and therefore Issues only indirectly
E. Describe how integrations with ticketing and messaging systems (e.g., Jira, Slack) are used in the remediation workflow
F. Explain the process of automatic Issue resolution after a fix is deployed in the cloud environment
G. Describe how to use bulk actions to manage multiple Issues simultaneously
H. Describe how to use the Remediation tab on the Issue details drawer to identify recommended remediation flows
I. Explain Issue severities and likelihood vs. impact
J. Identify why an Issue is automatically resolved
III. Analyzing Cloud Risk Domains (30%)
A. Explain vulnerability management in Wiz
B. Analyze cloud resource misconfigurations in Wiz
C. Describe sensitive data exposure and misconfiguration in Wiz
D. Analyze Findings and associated functionality involving exposed secrets and explain their potential impact
E. Analyze Findings and associated functionality related to excessive permissions and identity-based risks
F. Analyze Findings and associated functionality related to direct or indirect exposure to the Internet
G. Interpret compliance posture against a given framework and identify non-compliant resources
H. Analyze common security Findings specific to containerized environments
I. Identify security risks within AI pipelines and models, such as exposed secrets or sensitive training data, to ensure the secure use of AI services
J. Describe how Wiz scans and detects malware
IV. Reporting, Automation, and Integrations (15%)
A. Describe the purpose of Automation Rules for tasks like auto-assigning Issues, creating tickets in third-party tools like Jira and ServiceNow, and sending notifications to tools like Slack
B. Describe how to generate built-in Reports and store them in third-party tools like S3
C. Explain the purpose of Boards
D. Describe the primary benefit of the Wiz API for programmatic access, and identify the purposes of the API Explorer, API Console, and Security Graph Schema
E. Given a scenario involving an AI-powered feature, select the appropriate best practice for reviewing and validating its recommendations
F. Explain how to use Mika AI
G. Identify the existence and purpose of the Wiz Browser Extension
V. Wiz Architecture and Data Collection (10%)
A. Differentiate between agentless scanning and data collection via Runtime Sensors
B. Identify Wiz scan defaults (i.e. automated and manual scans)
C. Describe what CSPM near real-time scanning is and what is supported