Wiz for Government achieves FedRAMP High authorization, strengthening security for AWS customers

Amazon Web Services (AWS) and Wiz are excited to share that Wiz for Government has achieved a FedRAMP High authorization. This milestone reinforces Wiz’s commitment to working with AWS and helping U.S. public sector organizations and partners securely manage their environments from code to cloud to runtime.

With its FedRAMP High authorization, Wiz for Government is validated as meeting the rigorous security standards necessary to safeguard systems that manage highly sensitive and mission-critical government data; ensuring robust confidentiality, integrity, and availability for essential operations and assets. This validation helps government agencies use Wiz to proactively reduce their attack surface and exposure in their mission critical environments. Wiz for Government gives security, development, compliance, and operations teams a unified view of risk across the software development lifecycle—facilitating faster, more effective remediation.

Wiz—an AWS public sector partner and their Cloud Native Application Protection Platform (CNAPP) offering built on AWS GovCloud (US)—is available in the AWS Marketplace. With the U.S. government-focused offering Wiz for Government, customers—who use the secure infrastructure and services available from AWS, along with Wiz’s FedRAMP offering—are better able to meet strict regulatory compliance, including Federal Information Security Modernization Act (FISMA), Federal Risk and Authorization Management Program (FedRAMP), Cybersecurity Maturity Model Certification (CMMC), and International Traffic in Arms Regulations (ITAR) requirements.

The Wiz’s CNAPP offering provides:

• Developer guardrails for securing every stage of the software development lifecycle (SDLC) to gain visibility and prevent risks in code, pipeline, registries and images.
• Automated risk assessment for cloud to quickly and accurately prioritize critical attack paths to help drive continuous monitoring for proactive risk reduction.
• High fidelity threat detection for active cyber defense, with the ability to trace from runtime events back to exact lines of code to accelerate root cause analysis and remediation.

Figure 1: Wiz prioritizes risks based on threat intelligence and potential impact, helping teams to reduce alert fatigue and focus on high threat alerts

Purpose-built to support critical missions

By providing a single source of truth for cloud security, Wiz empowers public sector organizations to reduce complexity, improve collaboration across teams, and accelerate decision-making. This modern approach facilitates faster, more secure deployments to help teams stay mission-focused while addressing evolving threats and reducing the overhead tied to traditional compliance and authorization processes.

Government agencies, including the U.S. Navy’s COSMOS program and the Marine Corps’ Operation Stormbreaker, have been utilizing Wiz to help rapidly bring advanced cloud capabilities to their personnel while abiding by strict security regulations. For the Navy COSMOS program, AWS and Wiz are helping to significantly expedite and simplify the secure onboarding of cloud workloads. Together, Wiz and AWS have helped COSMOS to reduce timelines for cloud account onboarding processes from three months to less than 30 minutes.

These impactful results, driven by the combined power of Wiz and AWS, demonstrate a shared commitment to empowering public sector missions with agility and robust security. Take the example of Wiz’s integration with Amazon GuardDuty. This integration ingests threat detection alerts from GuardDuty into the Wiz Defend product. These findings are enriched with cloud-context from other findings collected through Wiz to provide a unified, context-rich view, reducing alert fatigue and improving investigation and response times.

Accelerating the path from Moderate to FedRAMP High through AWS

Wiz’s FedRAMP High authorization comes just over a year after Wiz for Government’s initial FedRAMP Moderate designation. The uplift from Moderate to High reflects Wiz’s continuing dedication to its public sector customers—enabling them to quickly identify, prioritize, and reduce real risk across sensitive environments.

Wiz was able to complete this authorization uplift while continuing to invest and expand the capabilities of Wiz for Government. Since their initial FedRAMP Moderate authorization in August 2024, Wiz has brought in data security posture management (DSPM) to identify and prioritize risks exposing sensitive data, Wiz Code to deliver continuous integration/continuous delivery (CI/CD) pipeline and application security posture management (ASPM), and Wiz Defend to enrich runtime events with cloud context for more accurate threat detection capabilities into their FedRAMP offering.

“Because all of the AWS services and infrastructure we use to support our platform were already authorized at FedRAMP High, it made it easier for us to achieve authorization for our own product without having to fill in extensive gaps with external or internally-developed solutions.”

-Ryan Kazanciyan, CIO and CISO of Wiz

The new uplift to FedRAMP High means existing Wiz customers do not need to migrate to a new environment. Current Wiz for Government customers can automatically benefit from FedRAMP High, minimizing disruption and accelerating time to value.

The Wiz solution: A new model for cloud security

Cloud and AI are reshaping how government agencies build, deploy, and secure systems. Designed for static, on-premise environments, legacy cyber security tools don’t adapt well and lack the visibility, speed, and context needed to manage today’s dynamic cloud workloads. They often operate in silos, covering only parts of the software lifecycle and creating security gaps that can lead to ungoverned shadow IT and AI.

The Wiz Security Graph, backed by Amazon Neptune, correlates all cloud resources and risks on a visual graph to identify critical attack paths (as shown in the following figure). This visualization helps teams understand the relationships around what is deployed, who has access, and which data could be potentially exposed within their AWS environment. The Security Graph allows tracing from cloud back to code to accelerate source remediation of identified risks.

Figure 2: The Wiz Security Graph enables quicker tracing of vulnerabilities and misconfigurations back to code repositories and images for remediation at the source

Through this actionable context presented through the Wiz Security graph, teams can proactively identify, prioritize, remediate, and prevent mission-critical risks. This approach reduces the alert fatigue faced with traditional tools and allows focus on the most critical risks representing the greatest potential for harm against the likelihood of occurrence.

Wiz for Government provides real-time visibility, continuous risk assessment, and prioritized remediation across the entire software lifecycle. To address the growing demand for cross organizational alignment, visibility, and democratization of security, the Wiz CNAPP contains three modules: Wiz Cloud, Wiz Defend, and Wiz Code.

Protect critical missions with continuous monitoring through Wiz Cloud

Wiz Cloud provides agencies with complete visibility within AWS environments with continuous monitoring and risk assessment. It uses cloud-native APIs to identify resources, vulnerabilities, misconfigurations, exposed secrets, over-privileged access, unprotected sensitive data, and more across network, device, application and workload, identity, and data layers. This helps agencies and government-adjacent organizations strengthen their exposure management.

Build securely with guardrails through Wiz Code

Wiz Code delivers comprehensive visibility and controls across the SDLC. Wiz connects directly into the integrated development environment (IDE), code repositories, or CI/CD pipeline to perform code-to-cloud analysis. By unifying cloud and application security, Code empowers teams to build securely by design and accelerate production readiness. Security and development teams operate from a shared policy framework, helping reduce risk early and move faster with confidence.

Detection and active cyber defense reimagined with Wiz Defend

Wiz Defend is purpose-built for modern cloud defense. It delivers cloud-native detection, investigation, and containment in a unified platform powered by Wiz threat intelligence, cloud native logs, Wiz’s runtime sensor, and the Wiz Security Graph. With thousands of pre-built detection rules and full context from the code and cloud, Defend equips teams to respond quickly, contain threats early, and accelerate root cause analysis to prevent future breaches.

A commitment to security

Customers with FedRAMP High and/or CMMC requirements can now take advantage of the comprehensive Wiz for Government offering built on AWS GovCloud (US). The Cloud Native Application Protection Platform (CNAPP) provides government agencies and government adjacent organizations with capabilities ranging from visibility, compliance and reporting, risk prioritization, vulnerability management, AI Security, application security posture management, and threat detection.

You can learn more by visiting the Wiz for Government webpage, or explore how Wiz assists other organizations with their government compliance journey on their FedRAMP solutions page. Reach out to receive a live demo to see Wiz in action.

To learn more about how Wiz works with AWS, visit the Wiz and AWS partner page.