Security teams have spent decades fighting the same ghosts: misconfigurations, over-privileged identities, and unpatched CVEs. But today, AI has given those ghosts a megaphone. By plugging AI into real-time data and autonomous agents, we’ve empowered these systems to pull levers in our most sensitive environments. A minor oversight is no longer a localized error; in a hyper-connected AI ecosystem, it’s a systemic vulnerability.
At Wiz, our goal has always been to help teams protect everything they build and run, from cloud providers like Amazon Web Services, Google Cloud, Microsoft Azure, and Oracle Cloud to software-as-a-service (SaaS) environments like OpenAI to even custom hosted environments.
Last month at RSAC, we introduced the Wiz AI Application Protection Platform (AI-APP) to help security teams move from human speed to machine-speed defense. Wiz AI-APP secures the entire AI lifecycle and arms defenders with their own AI agents to autonomously investigate, prioritize, and remediate risks. Our trio of AI agents – Blue Agent (generally available), Green Agent (public preview), and Red Agent (launching today in public preview) – and Wiz Workflows can also come together to help security teams move even faster to respond to risks.
Now we’re taking this commitment further. Because the AI software lifecycle is evolving at incredible speed, we are continuing to push the boundaries of protection by announcing new capabilities that extend and deepen Wiz AI-APP coverage, from the first line of AI-generated code, through AI and agent studios, all the way to the edge of the cloud.
Organizations today are building and running applications across an increasingly complex mix of environments, from cloud, SaaS, PaaS, to on-prem infrastructure. That means the attack surface cannot be confined to a single place; it’s everywhere your business operates.
To keep up, security can’t be fragmented or reactive. It needs to be comprehensive, continuous, and built to span every layer of your environment. We’re committed to continuously investing in capabilities that help organizations secure everything they build and run, no matter the platform, environment, or architecture.
Our recent AI-APP launch extended the Wiz platform to secure AI applications from code to runtime, bringing the same depth of context and risk prioritization to AI applications. Today, we’re building on that commitment with new expansions across key areas:
Cloud platforms: Added support for Databricks, giving teams visibility into where sensitive data lives, how it’s classified and accessed, and how identities and infrastructure combine to create real, exploitable risk.
AI studios: Expanded coverage for platforms like AWS Agentcore, Gemini Enterprise Agent Platform, Microsoft Azure Copilot Studio, and Salesforce Agentforce, providing visibility into agents, models, and connected tools. AI studios reveal how interactions create new paths to data access and real-world impact.
Multi-cloud PaaS: Continued expansion across multicloud PaaS environments, including platforms like AgentCore, enabling teams to track workloads, identities, and exposures as infrastructure becomes more abstracted and distributed.
We are also excited to launch the Red Agent in Public Preview to help our customers stay ahead of attackers across this rapidly changing landscape, especially in the face of new advanced AI models like Mythos, making Zero-Day exploitation easier than ever. By reasoning about application behavior and adapting in real time, Red Agent acts as an AI-powered "intelligent attacker" that continuously and proactively discovers and validates complex, logic-driven vulnerabilities helping you stay one step ahead.
And we’re just getting started.
In addition to expanding Wiz coverage, we’re bringing more visibility into the state of cloud and AI technology with our new Technology Intel Center. The Technology Intel Center aggregates and centralizes a feed of relevant new features releases, migration updates, and end-of-life notices across cloud and AI tech providers in the Wiz platform. Like the Threat Intel Center, Wiz will automatically show teams where they have affected resources and, for those organizations using Wiz Cloud Cost, if the update will result in an impact on their cloud spend.
By unifying risk insights with the Tech Intel Center’s operational updates and cost data, Wiz transforms raw industry news into a personalized, actionable roadmap for your entire infrastructure. It’s no longer just about knowing what’s changing in the cloud. It’s about understanding exactly how those changes affect your deployment, its risk posture, and your bottom line before they even take effect.
AI-assisted coding is supercharging innovation at a breakneck pace. At Spotify, some of the best developers haven’t written a line of manual code in months thanks to AI, a trend that mirrors our own internal velocity here at Wiz. We’re also seeing new trends emerge in AI-assisted coding security: Wiz Research analyzed real applications built with AI-assisted coding tools and found 20% contained material security issues, including broken access controls and unprotected data endpoints.
It’s the ultimate double-edged sword: AI doesn’t just accelerate your code; it accelerates your risk. For application security teams, the speed of creation was already outpacing the speed of security. To stay ahead now, we must move beyond developer speed to machine-speed risk mitigation, providing visibility across these new AI coding tools and models, enforcing guardrails at the point of code generation, and remediating where developers work.
To help address security concerns earlier in the AI-assisted software development lifecycle, we’re introducing three new capabilities into Wiz Code:
Wiz AI-BOM: Code and Shadow AI Visibility
Wiz has always started from a foundation of visibility and context: you can't protect what you can't see or don't fully understand. Vibe coding tools introduce two main visibility gaps for security teams. First, because AI-assisted coding tools are so easy to use, they allow both developers and non-technical employees to bypass standard IT/security reviews, creating a new Shadow AI attack surface. Second, when these teams start to build with AI tools, security teams often have no way to see what AI frameworks, models, or extensions are active in their environment or contributing to their codebase.
To help with these challenges, Wiz’s dynamic AI-Bill of Materials (AI-BOM) can now automatically inventory AI frameworks (like LangChain), models, and IDE extensions, including Gemini Code Assist, GitHub Copilot, and Cursor.
By mapping these resources onto the Wiz Security Graph, we aren’t just eliminating Shadow AI; we’re giving security teams a living, breathing map of how AI frameworks interact with their proprietary data. No more shadow AI, and instead a continuously monitored picture of your AI tool landscape.
Secure Guardrails: Prevention Integrated into the Agentic Coding Flow
AI models are optimized to make things work, not necessarily to make them secure. They often default to "allow all" permissions or client-side logic to get a prototype running, or may rely on open source repos and examples with pre-existing errors to generate solutions.
To help catch issues earlier in the dev lifecycle, Wiz will scan AI-generated code in tools like Lovable (available in May), identifying risk before it hits the pipeline. Using post-code generation inline hooks, Wiz injects organizational security guardrails and start-secure best practices before the AI writes the code, and scans the output.
These guardrails can work alongside existing rules within an AI IDE, layering in best practices and context from Wiz to strengthen the overall security posture of code from the start. Security teams can trust that the tools their partner dev teams use every day have the right security controls baked in from the start, and devs don’t have to worry about keeping up with every new best practice, and instead focus on shipping.
Agentic Remediation: Self-healing Code Bases
Finally, the app landscape is evolving quickly and new vulnerabilities and findings may be added or discovered after code has been deployed. Keeping up with vulns has always been a significant lift on development teams, but it’s now next to impossible at AI scale without leveraging AI for remediation.
We’re now releasing new pre-built skills that can be used within AI IDEs like Claude Code, Cursor, and more to feed AI agents with full code-to-cloud context and validated attack surface findings from the Wiz Security Graph. Our first Remediation Skill can be run natively in the AI IDE as a simple command, building from a predefined set of actions and best practices built from the Wiz Green Agent in order to analyze the code, identify Issues, and deploy fixes all right within the dev console.
These new self-healing capabilities enable developers to rapidly burn down real, exploitable risks right within their existing workflows.
Finally, we’re expanding our ability to ingest context across infrastructure layers; visibility cannot stop at the borders of your VPC. Our latest integrations with Cloudflare, Akamai, Vercel and Google Cloud Apigee bring the cloud “edge” into the Wiz Security Graph, breaking down the silos between your core cloud environment and the external services that handle your traffic and APIs:
Securing the AI Frontier with Cloudflare: The Wiz Cloudflare integration provides visibility from cloud to edge. It surfaces how AI applications are exposed through DNS and infrastructure, identifying unprotected endpoints, and enforcing guardrails against threats like prompt injection and PII exposure.
Hardening the Network Edge with Akamai: Your internet edge is often the first line of defense. By pulling in Akamai Edge DNS and Property Manager configurations, Wiz analyzes your edge posture alongside your cloud workloads. This allows security teams to see how an edge misconfiguration might create a direct path to an exploitable vulnerability deep within their infrastructure.
Unifying Frontend and Backend with Vercel: Frontend deployments should never be a security black box. We now ingest Vercel projects, domains, and firewall settings directly into the Wiz Security Graph. This ensures that a misconfigured frontend deployment is surfaced immediately, showing exactly how it impacts the rest of your system's security.
Mapping the API Ecosystem with Google Cloud Apigee: APIs are the glue of modern applications, but they are often difficult to track. With Google Cloud Apigee, customers can now see their entire API architecture, including gateways and environments, mapped within the Security Graph, providing a single source of truth for API risk management.
By breaking down these silos, Wiz ensures that whether a risk lives in a serverless function, an AI endpoint, or a global CDN configuration, you have the unified context needed to remediate it before it can be exploited.
Securing the AI frontier requires more than just new tools; it requires a fundamental shift in how security and development teams collaborate. These latest expansions to the Wiz platform provide the unified context teams need to prioritize what matters and remediate at scale.
With Wiz, you aren't just defending your infrastructure; you are building a resilient foundation for the next generation of AI-driven innovation.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。