Sold by: Wiz
Deployed on AWS
The Wiz Model Context Protocol (MCP) Server acts as an MCP-compatible service that translates plain-language queries into Wiz-specific operations, like querying resources, or assessing risks.
4.7
Overview
The Wiz Model Context Protocol (MCP) Server elevates the impact of Wiz's security offerings by providing a unified security data source, enhanced cloud visibility, and contextual intelligence. The MCP Server connects multiple security data sources through a central host and server setup, creating a single, contextual view of the security posture to simplify investigations and accelerate incident response and remediation. It offers instant access to cloud inventory, configurations, and security issues via a single host with a simple prompt. By enriching security investigations with precise business context, the MCP Server allows security teams to prioritize responses based on relevance, drastically improving the accuracy and effectiveness of threat mitigation. The Wiz MCP Server enhances Wiz Code by translating plain-language queries into powerful workflows, streamlining everything from issue discovery to pull request creation. Integrated with Wiz Defend, the MCP Server helps security teams identify and contain active threats faster with AI generated insights and action paths.
Highlights
- Unified security data source for cloud security posture.
- Completed visibility into cloud inventory, configurations, and security issues
- Contextual intelligence that enriches security investigations with context, enabling security teams to prioritize responses to critical threats.
Details
Sold by
Categories
Delivery method
Type
Supported services
Delivery option
v0.1.1s
Latest version
Operating system
Linux
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Trust Center
Access real-time vendor security and compliance information through their Trust Center powered by Drata. Review certifications and security standards before purchase.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
This product is available free of charge. Free subscriptions have no end date and may be canceled any time.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Vendor refund policy
n/a
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
v0.1.1s
Supported services: Learn more
- Amazon Bedrock AgentCore
Container image
Containers are lightweight, portable execution environments that wrap server application software in a filesystem that includes everything it needs to run. Container applications run on supported container runtimes and orchestration services, such as Amazon Elastic Container Service (Amazon ECS) or Amazon Elastic Kubernetes Service (Amazon EKS). Both eliminate the need for you to install and operate your own container orchestration software by managing and scheduling containers on a scalable cluster of virtual machines.
Version release notes
We are excited to share that the Wiz Model Context Protocol (MCP) Server is now available in the new AWS Marketplace AI Agents and Tools category.
The Wiz Model Context Protocol (MCP) Server is an innovative implementation that enables any MCP-compatible, LLM-powered application to interact with Wiz using plain language. It unifies diverse security data sources into a single, contextual view of your cloud security posture. This empowers teams to gain instant access to cloud inventory, configurations, and security issues, facilitating real-time cloud investigations, blast radius assessments, and AI-driven remediation actions through natural language prompts.
Additional details
Usage instructions
To allow the Wiz Model Context Protocol (MCP) Server to access your Wiz tenant, you need to configure specific environment variables.
Steps to Configure Wiz MCP Integration:
Navigate to Integrations in Wiz:
1. In the Wiz console, go to the Connect to Wiz > Integrations page. 2. Under the "Security Data Management" section, choose Wiz MCP. 3. On the "New Wiz MCP Integration" page: Enter a Display Name. Keep the default API scopes (Recommended). Click Add Integration. 4. After creation, copy the generated Client ID and Client Secret. These are crucial for authentication.Set Environment Variables:
Add the Client ID and Client Secret using the --environment-variables flag in your deployment command.
--environment-variables '{ "WIZ_CLIENT_ID":"your_client_id", "WIZ_CLIENT_SECRET":"your_client_secret" }'
2. Using GUI for Host Agent Deployment:If you are deploying via AWS Console GUI, 1) Click "Use on Amazon Bedrock AgentCore" 2) Click "Host Agent" add these variables under the "Advanced configurations" section.
For more detailed instructions and customer-specific access, please refer to the official documentation at https://docs.wiz.io/docs/set-up-wiz-mcp-server (Wiz customer access only).
AWS command line examples:
- Create an agent/MCP server This command creates a new agent runtime for the Wiz MCP server. Ensure you replace placeholders like 'your AmazonBedrockAgentCoreRuntimeDefaultServiceRole arn', '{your wiz client id}', and '{your wiz client secret}' with your actual values.
aws bedrock-agentcore-control create-agent-runtime --region us-east-1
--agent-runtime-name "wiz-mcp-server-stateless"
--description "Wiz MCP server"
--agent-runtime-artifact '{
"containerConfiguration": {
"containerUri": "709825985650.dkr.ecr.us-east-1.amazonaws.com/wiz/wiz-mcp:v0.1.1-stateless"
}
}'
--role-arn "your AmazonBedrockAgentCoreRuntimeDefaultServiceRole arn"
--network-configuration '{ "networkMode": "PUBLIC" }'
--protocol-configuration '{ "serverProtocol": "MCP" }'
--environment-variables '{
"WIZ_CLIENT_ID": "{your wiz client id}",
"WIZ_CLIENT_SECRET": "{your wiz client secret}",
"Wiz_MCP_TRANSPORT": "http",
"Wiz_MCP_PORT": "8000",
"Wiz_MCP_HOST": "0.0.0.0"
}'
- List Agent Runtime Use this command to retrieve details about the created agent runtime. Replace '{your agentRuntimeId in the output of create command}' with the actual ID from the previous step.
aws bedrock-agentcore-control get-agent-runtime
--agent-runtime-id {your agentRuntimeId in the output of create command}
--region us-east-1
- List Agent Runtime Endpoints This command lists the endpoints associated with your agent runtime. Replace '{your agentRuntimeId in the output of create command}' with the actual ID.
aws bedrock-agentcore-control list-agent-runtime-endpoints
--agent-runtime-id {your agentRuntimeId in the output of create command}
--region us-east-1
- Invoke Agent Runtime This command invokes the agent runtime to perform an action, e.g., listing tools. Replace '{your agentRuntimeArn in the output of create command}' with the actual ARN.
PAYLOAD_JSON='{"jsonrpc": "2.0", "id": 1, "method": "tools/list", "params": { "_meta": { "progressToken": 1}}}' PAYLOAD_BASE64=$(echo -n "$PAYLOAD_JSON" | base64) AGENT_ARN={your agentRuntimeArn in the output of create command}
aws bedrock-agentcore invoke-agent-runtime
--agent-runtime-arn "${AGENT_ARN}"
--payload="${PAYLOAD_BASE64}"
--content-type "application/json"
--accept "application/json, text/event-stream"
--qualifier "DEFAULT"
"output.json"
Resources
Vendor resources
Support
Vendor support
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Wiz provides an entirely new approach to cloud security that for the first time identifies the actual risks hidden in your cloud infrastructure.
By Wiz
All in one solution to reduce risk from code to runtime. Wiz Go includes 300 Cloud Advanced workloads, 150 Defend Ingestion Units (GBs), 100 Runtime Sensors, and 50 Code Active Developers per month.
The Wiz Outpost Workload Scanner STIG AMI is intended for Wiz for Gov customers who want to deploy a Wiz Outpost to an AWS environment. Subscribing to this product is a prerequisite for successfully deploying an Outpost.
We provide full managed services for Wiz including the full onboarding of the platform in any AWS Environment.
We provide fully scalable security operations from 8x5 to 24x7 coverage.
Customer reviews
Dan M.
Comprehensive Cloud and Code Security with Excellent Visibility and Fast Deployment
Reviewed on Mar 05, 2026
Review provided by G2
What do you like best about the product?
Very easy to deploy and quick to start delivering value. It provides excellent visibility across a wide range of security risks and surfaces vulnerabilities that might otherwise go unnoticed. The remediation guidance, particularly the GenAI step-by-step explanations, is genuinely useful for helping teams understand and fix issues rather than just identifying them.
What do you dislike about the product?
Some capabilities are consumption-based, so it is important to understand how certain features could affect cost. That said, it is straightforward to control or limit additional spend if needed.
What problems is the product solving and how is that benefiting you?
Wiz provides us with a consolidated view of security risks across our cloud estate and code base. It has improved our visibility, helped us uncover issues we hadn’t previously detected, and made it easier for teams to prioritise and remediate vulnerabilities. Overall, it’s having a positive impact on our security posture.
Hospitality
Easy, Agentless Deployment, Useful and pertinent security alert.
Reviewed on Mar 04, 2026
Review provided by G2
What do you like best about the product?
First of all, the deployment was very easy: there was no agent to install and no complicated onboarding. It was up and running in less than half a day. For the smaller details, our TAM was available very quickly and knows the product almost perfectly. The issue tab is really useful to pinpoint exactly what you need to address quickly by providing a good context, and help to cut the alert fatigue drastically. That's a tool we're using daily and that is completely integrated into our alerting process.
The pertinence of issues are also very good, having a platform that we can trust about the severity of issues is a game changer.
The pertinence of issues are also very good, having a platform that we can trust about the severity of issues is a game changer.
What do you dislike about the product?
As today, unfortunately we didn't find a downside of WIZ compared to other product.
What problems is the product solving and how is that benefiting you?
Our first problem was the alert fatigue, we come from a regular CSPM, without any context. WIZ was able to cut the alert fatigue instantly, the user adoption of the tool was greatly improved by that.
Financial Services
Instant Cloud Visibility and Clear, Actionable Risk Insights
Reviewed on Mar 04, 2026
Review provided by G2
What do you like best about the product?
Wiz provides full visibility into our cloud resources. It was easy to set up; within minutes, I was able to connect Wiz to my entire environment. It then performs a full inventory of my environment and clearly presents the outstanding vulnerabilities and misconfigurations, and most importantly, the toxic combinations that should be addressed immediately. Also, Wiz support is excellent
What do you dislike about the product?
I honestly do not think there's anything I dislike about Wiz.
What problems is the product solving and how is that benefiting you?
Wiz is helping us solve issues around resource visibility and inventory. In a cloud environment, where resources can be spun up very easily, Wiz captures those changes quickly and highlights possible misconfigurations or other concerns that should be addressed. It also doesn’t just present findings; it correlates toxic combinations and indicates what specifically requires urgent attention. I find Wiz threat intel really good, especially because it correlates that intel with my resources and lets me know whether any of them are affected.
Wiz AI security is also great. As an organization that is rapidly embracing AI for our processes and workflows, Wiz provides full visibility into our usage of AI services across our cloud providers, including possible misconfigurations, Shadow AI, the use of sensitive data for AI model training, and publicly exposed MCPs within my environment.
Wiz AI security is also great. As an organization that is rapidly embracing AI for our processes and workflows, Wiz provides full visibility into our usage of AI services across our cloud providers, including possible misconfigurations, Shadow AI, the use of sensitive data for AI model training, and publicly exposed MCPs within my environment.
Renewables & Environment
Wiz Delivers Comprehensive, Low-Noise Security with High-Value Findings
Reviewed on Mar 04, 2026
Review provided by G2
What do you like best about the product?
Ever since we adopted Wiz, it has delivered to us in every sense ranging from code security all the way to infrastructure security, providing a comprehensive all in one platform which has helped us to consolidate our security tooling enormously. Wiz does well in showing us which findings require our attention and which ones perhaps do not, this is very different to other platforms that are out there which we have found to be overwhelming due to the amount of noise generated. On top of this, Wiz has helped us detect findings that all other providers missed which to us showcased the value of using Wiz as a security platform.
What do you dislike about the product?
There isn't really anything that I have disliked about Wiz, other than perhaps the cost which can be slightly higher than competitors however I think this ends up balancing out due to the value provided by Wiz.
What problems is the product solving and how is that benefiting you?
As with many businesses, security and more so visibility into issues within our platform has always been a pain point due to the amount of disconnected tools that we had to implement. Whereas with Wiz, it has helped us consolidate all of them into a singular comprehensive and connected platform.
Hospital & Health Care
Helpful Dashboards and Clear Resource Categorization for Faster Troubleshooting
Reviewed on Mar 03, 2026
Review provided by G2
What do you like best about the product?
Dashboards and how resources are being categorized for easy troubleshooting.
What do you dislike about the product?
The MITTR dashboard needs more work to be comprehensive especially on the Executive overview.
What problems is the product solving and how is that benefiting you?
It gives us the overview of our environment and every resources. Easy to track issues down to the source and providing a remediation steps which can be automated.