Sold by: Wiz
Deployed on AWS
The Wiz Model Context Protocol (MCP) Server acts as an MCP-compatible service that translates plain-language queries into Wiz-specific operations, like querying resources, or assessing risks.
4.7
Overview
The Wiz Model Context Protocol (MCP) Server elevates the impact of Wiz's security offerings by providing a unified security data source, enhanced cloud visibility, and contextual intelligence. The MCP Server connects multiple security data sources through a central host and server setup, creating a single, contextual view of the security posture to simplify investigations and accelerate incident response and remediation. It offers instant access to cloud inventory, configurations, and security issues via a single host with a simple prompt. By enriching security investigations with precise business context, the MCP Server allows security teams to prioritize responses based on relevance, drastically improving the accuracy and effectiveness of threat mitigation. The Wiz MCP Server enhances Wiz Code by translating plain-language queries into powerful workflows, streamlining everything from issue discovery to pull request creation. Integrated with Wiz Defend, the MCP Server helps security teams identify and contain active threats faster with AI generated insights and action paths.
Highlights
- Unified security data source for cloud security posture.
- Completed visibility into cloud inventory, configurations, and security issues
- Contextual intelligence that enriches security investigations with context, enabling security teams to prioritize responses to critical threats.
Details
Sold by
Categories
Delivery method
Type
Supported services
Delivery option
v0.1.1s
Latest version
Operating system
Linux
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Trust Center
Access real-time vendor security and compliance information through their Trust Center powered by Drata. Review certifications and security standards before purchase.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
This product is available free of charge. Free subscriptions have no end date and may be canceled any time.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Vendor refund policy
n/a
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
v0.1.1s
Supported services: Learn more
- Amazon Bedrock AgentCore
Container image
Containers are lightweight, portable execution environments that wrap server application software in a filesystem that includes everything it needs to run. Container applications run on supported container runtimes and orchestration services, such as Amazon Elastic Container Service (Amazon ECS) or Amazon Elastic Kubernetes Service (Amazon EKS). Both eliminate the need for you to install and operate your own container orchestration software by managing and scheduling containers on a scalable cluster of virtual machines.
Version release notes
We are excited to share that the Wiz Model Context Protocol (MCP) Server is now available in the new AWS Marketplace AI Agents and Tools category.
The Wiz Model Context Protocol (MCP) Server is an innovative implementation that enables any MCP-compatible, LLM-powered application to interact with Wiz using plain language. It unifies diverse security data sources into a single, contextual view of your cloud security posture. This empowers teams to gain instant access to cloud inventory, configurations, and security issues, facilitating real-time cloud investigations, blast radius assessments, and AI-driven remediation actions through natural language prompts.
Additional details
Usage instructions
To allow the Wiz Model Context Protocol (MCP) Server to access your Wiz tenant, you need to configure specific environment variables.
Steps to Configure Wiz MCP Integration:
Navigate to Integrations in Wiz:
1. In the Wiz console, go to the Connect to Wiz > Integrations page. 2. Under the "Security Data Management" section, choose Wiz MCP. 3. On the "New Wiz MCP Integration" page: Enter a Display Name. Keep the default API scopes (Recommended). Click Add Integration. 4. After creation, copy the generated Client ID and Client Secret. These are crucial for authentication.Set Environment Variables:
Add the Client ID and Client Secret using the --environment-variables flag in your deployment command.
--environment-variables '{ "WIZ_CLIENT_ID":"your_client_id", "WIZ_CLIENT_SECRET":"your_client_secret" }'
2. Using GUI for Host Agent Deployment:If you are deploying via AWS Console GUI, 1) Click "Use on Amazon Bedrock AgentCore" 2) Click "Host Agent" add these variables under the "Advanced configurations" section.
For more detailed instructions and customer-specific access, please refer to the official documentation at https://docs.wiz.io/docs/set-up-wiz-mcp-server (Wiz customer access only).
AWS command line examples:
- Create an agent/MCP server This command creates a new agent runtime for the Wiz MCP server. Ensure you replace placeholders like 'your AmazonBedrockAgentCoreRuntimeDefaultServiceRole arn', '{your wiz client id}', and '{your wiz client secret}' with your actual values.
aws bedrock-agentcore-control create-agent-runtime --region us-east-1
--agent-runtime-name "wiz-mcp-server-stateless"
--description "Wiz MCP server"
--agent-runtime-artifact '{
"containerConfiguration": {
"containerUri": "709825985650.dkr.ecr.us-east-1.amazonaws.com/wiz/wiz-mcp:v0.1.1-stateless"
}
}'
--role-arn "your AmazonBedrockAgentCoreRuntimeDefaultServiceRole arn"
--network-configuration '{ "networkMode": "PUBLIC" }'
--protocol-configuration '{ "serverProtocol": "MCP" }'
--environment-variables '{
"WIZ_CLIENT_ID": "{your wiz client id}",
"WIZ_CLIENT_SECRET": "{your wiz client secret}",
"Wiz_MCP_TRANSPORT": "http",
"Wiz_MCP_PORT": "8000",
"Wiz_MCP_HOST": "0.0.0.0"
}'
- List Agent Runtime Use this command to retrieve details about the created agent runtime. Replace '{your agentRuntimeId in the output of create command}' with the actual ID from the previous step.
aws bedrock-agentcore-control get-agent-runtime
--agent-runtime-id {your agentRuntimeId in the output of create command}
--region us-east-1
- List Agent Runtime Endpoints This command lists the endpoints associated with your agent runtime. Replace '{your agentRuntimeId in the output of create command}' with the actual ID.
aws bedrock-agentcore-control list-agent-runtime-endpoints
--agent-runtime-id {your agentRuntimeId in the output of create command}
--region us-east-1
- Invoke Agent Runtime This command invokes the agent runtime to perform an action, e.g., listing tools. Replace '{your agentRuntimeArn in the output of create command}' with the actual ARN.
PAYLOAD_JSON='{"jsonrpc": "2.0", "id": 1, "method": "tools/list", "params": { "_meta": { "progressToken": 1}}}' PAYLOAD_BASE64=$(echo -n "$PAYLOAD_JSON" | base64) AGENT_ARN={your agentRuntimeArn in the output of create command}
aws bedrock-agentcore invoke-agent-runtime
--agent-runtime-arn "${AGENT_ARN}"
--payload="${PAYLOAD_BASE64}"
--content-type "application/json"
--accept "application/json, text/event-stream"
--qualifier "DEFAULT"
"output.json"
Resources
Vendor resources
Support
Vendor support
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Wiz provides an entirely new approach to cloud security that for the first time identifies the actual risks hidden in your cloud infrastructure.
By Wiz
All in one solution to reduce risk from code to runtime. Wiz Go includes 300 Cloud Advanced workloads, 150 Defend Ingestion Units (GBs), 100 Runtime Sensors, and 50 Code Active Developers per month.
The Wiz Outpost Workload Scanner STIG AMI is intended for Wiz for Gov customers who want to deploy a Wiz Outpost to an AWS environment. Subscribing to this product is a prerequisite for successfully deploying an Outpost.
![Wiz [Private Offer Only]](https://d7umqicpi7263.cloudfront.net/img/product/85427284-c5a1-4317-998d-0afd8d7f0f6d.png)
Wiz for Government is FedRAMP Moderate authorized cloud security solution that provides full visibility and continuous risk reduction in the cloud, securing everything government agencies build and run in the cloud.
Customer reviews
Rishabh G.
Outstanding Cloud Visibility Platform
Reviewed on Dec 11, 2025
Review provided by G2
What do you like best about the product?
It is a really great SAAS paltform giving complete visibility of your cloud environment
What do you dislike about the product?
can be a bit complex to understand in the beginning
What problems is the product solving and how is that benefiting you?
It provides us with comprehensive visibility into our cloud environment.
Health, Wellness and Fitness
Effortless Remediation Steps Make It a Standout
Reviewed on Dec 09, 2025
Review provided by G2
What do you like best about the product?
The remediation steps are actually actionable - not just 'fix this' but showing you exactly how. Also, the multi-cloud coverage means I'm not juggling different tools for our various portfolio companies' infrastructure.
What do you dislike about the product?
Takes a bit to learn their UX language, but once you get it, it makes sense. Sometimes the alert noise can be high until you tune it properly.
What problems is the product solving and how is that benefiting you?
We're dealing with patient health data, so any cloud misconfiguration could mean a HIPAA breach. Wiz catches stuff like exposed S3 buckets or overly permissive access before it becomes a problem. The continuous monitoring means I'm not constantly manually checking if PHI is actually protected. Also makes compliance audits way easier - I can actually show what controls we have in place instead of just saying 'trust me, it's secure.
Yohan B.
Outstanding Experience
Reviewed on Dec 09, 2025
Review provided by G2
What do you like best about the product?
As a tech lead security engineer, what I appreciate most about Wiz is its ability to prioritize what truly matters. The toxic-combination engine is exceptionally effective at surfacing real, exploitable risks rather than overwhelming the team with noise. This also empowers our engineering teams to use Wiz autonomously daily, i.e. they can quickly understand what needs to be fixed first, without relying on security for constant supervision. That independence has been a major productivity boost and reduces friction, while the security team still maintains oversight for high-risk scenarios the tool might not fully capture.
On top of that, the CNAPP platform is comprehensive, and require only a few amount of time to set up and integrate everything in our ecosystem. We leverage Wiz across our cloud infrastructure, workloads, and runtime using the Wiz Sensor, which performs reliably with minimal overhead. The security graph makes exploration intuitive and gives us the context we need to understand issues end-to-end.
The customer success team is also one of the best I’ve worked with, which is highly appreciated.
On top of that, the CNAPP platform is comprehensive, and require only a few amount of time to set up and integrate everything in our ecosystem. We leverage Wiz across our cloud infrastructure, workloads, and runtime using the Wiz Sensor, which performs reliably with minimal overhead. The security graph makes exploration intuitive and gives us the context we need to understand issues end-to-end.
The customer success team is also one of the best I’ve worked with, which is highly appreciated.
What do you dislike about the product?
Overall, the platform work very well, and there are no big drawbacks. However, there is one challenge around KPIs, metrics, and vulnerability tracking in autoscaling environments. Because resources scale in and out frequently, we often lose track of what was actually fixed by engineering versus what simply disappeared due to autoscaling events. Vulnerabilities may appear “closed” when the underlying resource is terminated, only to reappear when a new instance is spun up. But overall, you still can follow the big picture of your vulnerabilities.
What problems is the product solving and how is that benefiting you?
Wiz brings us clarity to the complexity of managing cloud security at scale. It consolidates visibility across cloud resources, workloads, and runtime into a single, coherent platform. The prioritization model ensures that both security and engineering teams stay focused on the risks that matter most, rather than sifting through thousands of low-impact findings.
It also enables engineering teams to take meaningful action independently, which greatly accelerates remediation and reduces operational overhead for the security team. At the same time, it doesn’t replace the need for dedicated security expertise, we still rely on our team to investigate nuanced, high-risk cases and validate critical exposures. But Wiz provides a rich layer of insight with almost no additional effort required from engineers, making the entire organization more efficient and more secure.
It also enables engineering teams to take meaningful action independently, which greatly accelerates remediation and reduces operational overhead for the security team. At the same time, it doesn’t replace the need for dedicated security expertise, we still rely on our team to investigate nuanced, high-risk cases and validate critical exposures. But Wiz provides a rich layer of insight with almost no additional effort required from engineers, making the entire organization more efficient and more secure.
Alvaro M.
Wiz: Exceptional User Experience and Enhanced Efficiency
Reviewed on Dec 09, 2025
Review provided by G2
What do you like best about the product?
Wiz is a truly impressive tool. The user experience stands out, as it allows access to the platform through an interface adapted to each user's role. Additionally, Wiz's ability to prioritize critical aspects significantly contributes to improving work efficiency.
What do you dislike about the product?
The truth is that I don't find any negative aspect in Wiz, as for the use we give it, it turns out to be an excellent tool.
What problems is the product solving and how is that benefiting you?
Wiz provides us with centralized visibility of our multicloud environment, covering both the configuration of different clouds (CSPM) and the protection of workloads and applications (CNAPP). Having all findings visible and prioritized in one place allows us to organize and tackle the work much more efficiently.
Consulting
Effortless Adoption and Prioritization Across Teams
Reviewed on Dec 08, 2025
Review provided by G2
What do you like best about the product?
I appreciate the ease of use, the ability to prioritize tasks, and the clear communication regarding issues. Additionally, I have noticed how quickly it has been adopted by various teams.
What do you dislike about the product?
The only aspect that left me disappointed was the transition from the previous "all in" licensing model to a pricing structure based more on specific features or workloads.
What problems is the product solving and how is that benefiting you?
Wiz helped us take enormous amounts of data about our systems, and turn it into actionable insights. Acting on those insights has generated tangible improvements in our security and responsiveness as new risks emerge.