Today, we're excited to announce the launch of the Model Context Protocol (MCP) Server for Wiz, now available in preview for our customers. MCP, an innovative standard rapidly gaining traction across the AI industry, enables integration between applications and AI models. MCP servers have quickly become an AI enabler, gaining wide support from organizations like OpenAI, Microsoft, and Google. By adopting MCP, organizations slash integration efforts between LLM applications, amplifying the impact of the stack they own and promoting an AI-first approach.
Empowering Security Products with MCP
At Wiz, we've built our own MCP server to elevate the impact of our security offerings, delivering value in three key pillars:
Unified Security Data Source: The Wiz MCP Server connects multiple security data sources through a central host and server setup. This creates a single, contextual view of your security posture—simplifying investigations and speeding up incident response and remediation.
Cloud Visibility: Wiz MCP gives users instant access to cloud inventory, configurations, and security issues, all through a single host with just a simple prompt.
Contextual Intelligence: By using Wiz MCP, customers can enrich security investigations with precise business context. This allows security teams to prioritize responses based on relevance, drastically improving the accuracy and effectiveness of threat mitigation.
While the protocol offers great opportunities, it also introduces certain security risks. The following briefing by Wiz Research walks through these risks and provides guidance for teams interested in using MCP securely. Specifically, the Wiz MCP Server processes your queries and sends them to the MCP Host. Review your MCP Host's data handling and training settings to fully understand how your data from Wiz is processed.
Use Cases
The Wiz Model Context Protocol (MCP) Server enhances natural language understanding and powers automated workflows across the Wiz platform. Serving as an MCP-compatible service, it seamlessly translates plain-language queries into Wiz-specific operations, such as querying resources, assessing risks, and retrieving data from third-party security tools. Designed to complement our in-product AI assistant, Mika AI, the Wiz MCP Server adds robustness and simplifies integration with external systems.
Remediate Critical Issues Instantly—Right from Your IDE
Quickly surface and fix vulnerabilities in code without leaving your development environment.
The Wiz MCP Server enhances Wiz Code by translating plain-language queries into powerful workflows—streamlining everything from issue discovery to pull request creation.
Discovery: List all critical security issues in production environments
Analysis: Examine detailed information for a specific issue
Root Cause Investigation: Identify the underlying code vulnerability
Code Navigation: Open the affected file directly in Cursor (or other IDE)
Solution Design: Develop code remediation based on Wiz recommendations
Impact Assessment: Evaluate the potential effects of the proposed changes
Implementation: Apply the security fix to vulnerable code
Deployment: Submit remediation via GitHub pull request
Verification: Return to Wiz to confirm issue resolution and close the loop
Reduce Your Attack Surface—From Terminal to Triage
Harden your cloud environment with real-time threat detection and guided remediation, powered by AI.
Integrated with Wiz Defend, the MCP Server helps security teams identify and contain active threats faster—with AI-generated insights and action paths.
Discovery: Find all active Threats in the environment
Analysis: Detect resources impacted with malicious code execution / malware
Root Cause Investigation: Detect potential exposure of impacted resources
Fix Root Cause: Restrict public access to open ports on these resources using AWS CLI
Blast Radius Assessment: Evaluate the potential impact of the compromise by reviewing malicious activity on the resource
Remediation: Plan containment strategies using AI suggestions
Ask Anything About Your Cloud Posture—And Get Actionable Answers
Meet your AI-powered cloud security assistant. Get instant insights, from misconfigurations to toxic risk combos, just by asking.
The MCP Server unlocks conversational queries across Wiz Cloud, so you can search, assess, and act on security risks with natural language.
Inventory Discovery: Search for MongoDB instances across the cloud environment
Exposure Analysis: Check if any instance is accessible from the internet
Toxic Risk Combinations Assessment: Determine whether exposed resources contain additional cloud risks
Data Sensitivity Check: Determine if the exposed instance contains sensitive data
Conclusion
The MCP Server for Wiz marks a step forward in our agentic AI vision, empowering our customers with enhanced visibility, streamlined security operations, and more intelligent response capabilities. The MCP Server is currently available in preview for Wiz customers in the integration portal, details are accessible through our documentation. Stay tuned—as this technology evolves and matures, we will continue to update and extend our coverage of more cybersecurity scenarios.
