- What powers agentic workflows
- Context from the Wiz Security Graph
- Intelligence from Wiz AI Agents
- Build with Wiz AI Skills
- What teams are building with Wiz
- Developers: Remediate production risk from the IDE
- Vulnerability Management: Prioritize exploitable vulnerabilities
- Security Operations: Accelerate threat investigations
- Penetration Testing: Turn penetration tests into continuous security
- Security Leadership: Understand compliance coverage

Security teams are moving beyond chat-based assistants to agentic workflows – AI assistants, custom agents, and AI-powered applications that reason across systems, coordinate actions, and automate complex security tasks from investigation through remediation.
Today, we’re excited to announce the general availability of Wiz MCP, making it easier than ever to securely connect AI assistants, custom agents, and AI-powered applications to the Wiz platform.
To understand, reason about, and act on security, AI assistants, custom agents, and AI-powered applications need trusted context, specialized security intelligence, and a secure way to interact with your environment.
That’s what Wiz MCP makes possible.
What powers agentic workflows
Context from the Wiz Security Graph
Everything starts with the Wiz Security Graph.
The Security Graph gives AI a contextual understanding of your environment across cloud infrastructure, identities, code, data, AI, and runtime. Through Wiz MCP, AI can securely retrieve and reason over the same findings, issues, vulnerabilities, threats, attack paths, relationships, ownership information, and other security insights available throughout the Wiz platform -grounding every decision in how your environment actually operates rather than isolated data points.
Intelligence from Wiz AI Agents
Context becomes action through Wiz AI Agents.
Red, Blue, and Green Agents continuously analyze your environment to validate exposures, investigate threats, and accelerate remediation. Through Wiz MCP, your AI can leverage those analyses and recommendations instead of recreating the same reasoning from scratch – bringing the intelligence that powers Wiz directly into your own AI experiences.
Build with Wiz AI Skills
Wiz MCP securely connects your AI to the Wiz platform. Beyond trusted security context, it provides access to verified Wiz AI Skills – predefined, agentic workflows that encapsulate Wiz security expertise and best practices.
Instead of orchestrating individual tool calls, your AI can execute reusable security playbooks for vulnerability triage, remediation, investigation, and more. These Skills simplify implementation, automate complex workflows, and help you accelerate development by reusing proven security workflows instead of building them from scratch.
What teams are building with Wiz
The best way to understand what’s possible is to see how different teams are building with Wiz today. From developers and vulnerability teams to SOC analysts and security leaders, these examples show how AI can combine trusted context from the Security Graph, intelligence from Wiz AI, and reusable Tools and Skills to automate the work security teams do every day.
Developers: Remediate production risk from the IDE
Developers can remediate production risk without leaving their IDE, while security teams know every fix is grounded in real production context.
Example prompt
“Identify the Wiz Issues with the greatest production impact on this repository, trace it to the code that introduced it, retrieve Green Agent remediation guidance, apply and test the fix, and open a pull request for review”
Behind the scenes
Uses the verified Wiz remediation skill
Retrieves the Wiz Issues and Security Graph context
Traces each issue to the responsible repository and code owner
Uses Green Agent analysis to determine the root cause and recommend remediation
Generates a code fix and opens a pull request
See it in action: Explore Green Agent and Code-to-Cloud Remediation. Then see how Cohere built an AI security agent with Wiz to automate vulnerability triage, investigation, and remediation.
Vulnerability Management: Prioritize exploitable vulnerabilities
Instead of sorting thousands of CVEs, teams can focus on the handful of vulnerabilities attackers can realistically exploit.
Example prompt
“Surface only the open vulnerabilities an attacker could realistically chain to reach sensitive data, explain the attack path for each, and rank them by what to remediate first.”
Behind the scenes
Retrieves active vulnerabilities across the environment
Uses the Security Graph to evaluate attack paths and blast radius
Correlates cloud exposure, identities, and affected resources
Prioritizes findings based on exploitability instead of severity
Recommends the next remediation actions
See it in action: Explore Attack Surface Management and how the Security Graph prioritizes exploitable vulnerabilities through attack path analysis.
Security Operations: Accelerate threat investigations
Analysts can investigate threats with complete context and automatically hand off a fully documented investigation for remediation.
Example prompt
“Investigate this threat end to end: pull the related cloud activity and blast radius, correlate the evidence against the SIEM, build a complete timeline, and hand off a documented investigation with recommended next steps”
Behind the scenes
Retrieves the threat and related Security Graph context
Uses Blue Agent analysis to determine impact and likely cause
Correlates evidence with the SIEM and other connected security tools
Builds a complete investigation timeline
Creates a ticket with findings and recommended next steps
See it in action: Explore Blue Agent, then see how Grammarly reduced security investigation time by more than 90% with AI-powered investigation workflows built on Wiz MCP.
Penetration Testing: Turn penetration tests into continuous security
One-time penetration tests become part of continuous cloud security operations instead of remaining static reports.
Example prompt
“Import this penetration test report into Wiz, map findings to my environment, and create Penetration Test Findings.”
Behind the scenes
Extracts findings from external security reports
Maps findings to cloud resources and repositories
Identifies existing findings to avoid duplication
Creates Penetration Test Findings within Wiz
See it in action: Explore Red Agent and the Import Security Reports Skill to operationalize external penetration testing.
Security Leadership: Understand compliance coverage
Security leaders can identify framework gaps, recommend missing controls, and accelerate audit preparation without manual analysis.
Example prompt
“Compare our internal security framework against existing Wiz policy coverage, identify the gaps, recommend custom rules to close them, and produce an auditable coverage summary.“
Behind the scenes
Maps compliance controls to existing Wiz policies
Identifies uncovered requirements and recommends custom rules
Generates an auditable framework coverage summary
Publishes results to your documentation tool for review
See it in action: Explore the Custom Compliance Mapping Skill and learn how Infosys uses Wiz MCP to automate recurring security workflows, including AI-generated weekly posture briefs that deliver prioritized security insights before teams even start their day.
These examples are just the beginning. Whether you’re extending an AI assistant, building a custom agent, or creating entirely new security workflows. Wiz MCP provides the trusted context, AI expertise, and reusable Skills to help you build with confidence. Stay tuned as we continue to share more real-world examples and best practices from teams building with Wiz.
