Sold by: Wiz
Deployed on AWS
The Wiz Model Context Protocol (MCP) Server acts as an MCP-compatible service that translates plain-language queries into Wiz-specific operations, like querying resources, or assessing risks.
4.7
Overview
The Wiz Model Context Protocol (MCP) Server elevates the impact of Wiz's security offerings by providing a unified security data source, enhanced cloud visibility, and contextual intelligence. The MCP Server connects multiple security data sources through a central host and server setup, creating a single, contextual view of the security posture to simplify investigations and accelerate incident response and remediation. It offers instant access to cloud inventory, configurations, and security issues via a single host with a simple prompt. By enriching security investigations with precise business context, the MCP Server allows security teams to prioritize responses based on relevance, drastically improving the accuracy and effectiveness of threat mitigation. The Wiz MCP Server enhances Wiz Code by translating plain-language queries into powerful workflows, streamlining everything from issue discovery to pull request creation. Integrated with Wiz Defend, the MCP Server helps security teams identify and contain active threats faster with AI generated insights and action paths.
Highlights
- Unified security data source for cloud security posture.
- Completed visibility into cloud inventory, configurations, and security issues
- Contextual intelligence that enriches security investigations with context, enabling security teams to prioritize responses to critical threats.
Details
Sold by
Categories
Delivery method
Type
Supported services
Delivery option
v0.1.1s
Latest version
Operating system
Linux
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Trust Center
Access real-time vendor security and compliance information through their Trust Center powered by Drata or Vanta. Review certifications and security standards before purchase.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
This product is available free of charge. Free subscriptions have no end date and may be canceled any time.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Vendor refund policy
n/a
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
v0.1.1s
Supported services: Learn more
- Amazon Bedrock AgentCore
Container image
Containers are lightweight, portable execution environments that wrap server application software in a filesystem that includes everything it needs to run. Container applications run on supported container runtimes and orchestration services, such as Amazon Elastic Container Service (Amazon ECS) or Amazon Elastic Kubernetes Service (Amazon EKS). Both eliminate the need for you to install and operate your own container orchestration software by managing and scheduling containers on a scalable cluster of virtual machines.
Version release notes
We are excited to share that the Wiz Model Context Protocol (MCP) Server is now available in the new AWS Marketplace AI Agents and Tools category.
The Wiz Model Context Protocol (MCP) Server is an innovative implementation that enables any MCP-compatible, LLM-powered application to interact with Wiz using plain language. It unifies diverse security data sources into a single, contextual view of your cloud security posture. This empowers teams to gain instant access to cloud inventory, configurations, and security issues, facilitating real-time cloud investigations, blast radius assessments, and AI-driven remediation actions through natural language prompts.
Additional details
Usage instructions
To allow the Wiz Model Context Protocol (MCP) Server to access your Wiz tenant, you need to configure specific environment variables.
Steps to Configure Wiz MCP Integration:
Navigate to Integrations in Wiz:
1. In the Wiz console, go to the Connect to Wiz > Integrations page. 2. Under the "Security Data Management" section, choose Wiz MCP. 3. On the "New Wiz MCP Integration" page: Enter a Display Name. Keep the default API scopes (Recommended). Click Add Integration. 4. After creation, copy the generated Client ID and Client Secret. These are crucial for authentication.Set Environment Variables:
Add the Client ID and Client Secret using the --environment-variables flag in your deployment command.
--environment-variables '{ "WIZ_CLIENT_ID":"your_client_id", "WIZ_CLIENT_SECRET":"your_client_secret" }'
2. Using GUI for Host Agent Deployment:If you are deploying via AWS Console GUI, 1) Click "Use on Amazon Bedrock AgentCore" 2) Click "Host Agent" add these variables under the "Advanced configurations" section.
For more detailed instructions and customer-specific access, please refer to the official documentation at https://docs.wiz.io/docs/set-up-wiz-mcp-server (Wiz customer access only).
AWS command line examples:
- Create an agent/MCP server This command creates a new agent runtime for the Wiz MCP server. Ensure you replace placeholders like 'your AmazonBedrockAgentCoreRuntimeDefaultServiceRole arn', '{your wiz client id}', and '{your wiz client secret}' with your actual values.
aws bedrock-agentcore-control create-agent-runtime --region us-east-1
--agent-runtime-name "wiz-mcp-server-stateless"
--description "Wiz MCP server"
--agent-runtime-artifact '{
"containerConfiguration": {
"containerUri": "709825985650.dkr.ecr.us-east-1.amazonaws.com/wiz/wiz-mcp:v0.1.1-stateless"
}
}'
--role-arn "your AmazonBedrockAgentCoreRuntimeDefaultServiceRole arn"
--network-configuration '{ "networkMode": "PUBLIC" }'
--protocol-configuration '{ "serverProtocol": "MCP" }'
--environment-variables '{
"WIZ_CLIENT_ID": "{your wiz client id}",
"WIZ_CLIENT_SECRET": "{your wiz client secret}",
"Wiz_MCP_TRANSPORT": "http",
"Wiz_MCP_PORT": "8000",
"Wiz_MCP_HOST": "0.0.0.0"
}'
- List Agent Runtime Use this command to retrieve details about the created agent runtime. Replace '{your agentRuntimeId in the output of create command}' with the actual ID from the previous step.
aws bedrock-agentcore-control get-agent-runtime
--agent-runtime-id {your agentRuntimeId in the output of create command}
--region us-east-1
- List Agent Runtime Endpoints This command lists the endpoints associated with your agent runtime. Replace '{your agentRuntimeId in the output of create command}' with the actual ID.
aws bedrock-agentcore-control list-agent-runtime-endpoints
--agent-runtime-id {your agentRuntimeId in the output of create command}
--region us-east-1
- Invoke Agent Runtime This command invokes the agent runtime to perform an action, e.g., listing tools. Replace '{your agentRuntimeArn in the output of create command}' with the actual ARN.
PAYLOAD_JSON='{"jsonrpc": "2.0", "id": 1, "method": "tools/list", "params": { "_meta": { "progressToken": 1}}}' PAYLOAD_BASE64=$(echo -n "$PAYLOAD_JSON" | base64) AGENT_ARN={your agentRuntimeArn in the output of create command}
aws bedrock-agentcore invoke-agent-runtime
--agent-runtime-arn "${AGENT_ARN}"
--payload="${PAYLOAD_BASE64}"
--content-type "application/json"
--accept "application/json, text/event-stream"
--qualifier "DEFAULT"
"output.json"
Resources
Vendor resources
Support
Vendor support
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Wiz provides an entirely new approach to cloud security that for the first time identifies the actual risks hidden in your cloud infrastructure.
By Wiz
All in one solution to reduce risk from code to runtime. Wiz Go includes 300 Cloud Advanced workloads, 150 Defend Ingestion Units (GBs), 100 Runtime Sensors, and 50 Code Active Developers per month.
The Wiz Outpost Workload Scanner STIG AMI is intended for Wiz for Gov customers who want to deploy a Wiz Outpost to an AWS environment. Subscribing to this product is a prerequisite for successfully deploying an Outpost.
At EliteOps, we specialize in enhancing cloud security with precision-tailored Wiz services for AWS, Azure, and GCP. We recognize that building a robust security practice is about more than just tools—it's about operationalizing security with a focus on people and processes as much as on deployment and configuration. Our approach merges deep technical expertise with strategic insights, ensuring transparent engagements and accountable results. Committed to proper cloud build procedures, we drive operational efficiency and strive to exceed customer expectations. We are more than just providers; we are partners dedicated to elevating your security and observability posture, streamlining your journey to cloud excellence.
Customer reviews
Education Management
Actionable, Risk-Based Cloud Visibility with Strong Prioritization and AI Insights
Reviewed on May 29, 2026
Review provided by G2
What do you like best about the product?
What I like best about Wiz is its ability to provide risk-based visibility across our cloud environment in a way that is actionable for both security and engineering teams.
The most valuable aspect is the contextual risk prioritization. Rather than managing large volumes of findings, Wiz helps us focus on the exposures that matter most and drive remediation where it has the greatest impact.
The platform is intuitive, scales well, and provides strong executive-level visibility into cloud risk. We've also found the AI capabilities helpful in accelerating investigations and understanding complex attack paths and security findings.
The most valuable aspect is the contextual risk prioritization. Rather than managing large volumes of findings, Wiz helps us focus on the exposures that matter most and drive remediation where it has the greatest impact.
The platform is intuitive, scales well, and provides strong executive-level visibility into cloud risk. We've also found the AI capabilities helpful in accelerating investigations and understanding complex attack paths and security findings.
What do you dislike about the product?
As with any mature security platform, there is a significant breadth of functionality, which can create a learning curve for new users. While the platform does a strong job of contextualizing risk, some of the more advanced capabilities and reporting options could be simplified further to accelerate adoption across broader technical teams.
As our cloud environment continues to evolve, I would also welcome continued investment in AI-driven recommendations and automation to further reduce investigation and remediation effort. These are relatively minor considerations, however, compared to the overall value the platform delivers.
As our cloud environment continues to evolve, I would also welcome continued investment in AI-driven recommendations and automation to further reduce investigation and remediation effort. These are relatively minor considerations, however, compared to the overall value the platform delivers.
What problems is the product solving and how is that benefiting you?
Wiz helps us address one of the biggest cloud security challenges: gaining clear visibility into risk across a rapidly evolving cloud environment while enabling teams to move quickly.
Before Wiz, it was more difficult to correlate vulnerabilities, misconfigurations, exposed assets, and identity risks to understand which issues required immediate attention. Wiz provides the context needed to prioritize remediation based on actual risk, improving collaboration between security and engineering teams and allowing us to focus resources where they have the greatest impact.
From a business perspective, this has improved our ability to manage cloud risk at scale, strengthen our security posture, and provide leadership with better visibility into our overall risk landscape. The result is a more efficient and risk-informed approach to cloud security without slowing down innovation.
Before Wiz, it was more difficult to correlate vulnerabilities, misconfigurations, exposed assets, and identity risks to understand which issues required immediate attention. Wiz provides the context needed to prioritize remediation based on actual risk, improving collaboration between security and engineering teams and allowing us to focus resources where they have the greatest impact.
From a business perspective, this has improved our ability to manage cloud risk at scale, strengthen our security posture, and provide leadership with better visibility into our overall risk landscape. The result is a more efficient and risk-informed approach to cloud security without slowing down innovation.
Nigel H.
Wiz Leads Cloud Security with Powerful Insights and an Intuitive UI
Reviewed on May 24, 2026
Review provided by G2
What do you like best about the product?
Wiz is an incredible company. Their solutions have hit the right mark between visual representation of data, and actual technical insights. I've been incredibly impressed by it's balance of usability and powerful information. I've used a few different providers in the cloud security space, and Wiz is definately the leader for me.
What do you dislike about the product?
It can sometimes be hard to understand what new features I should be exploring. They incrementally improve the products at a fast rate, and it can be hard to keep up.
What problems is the product solving and how is that benefiting you?
Full cloud security coverage across our multiple cloud platforms.
Hospital & Health Care
Unified, Agentless Cloud Security Visibility That Helps Us Prioritize Risk
Reviewed on May 23, 2026
Review provided by G2
What do you like best about the product?
Wiz has made a big difference in how we approach cloud security. What I like most is how easy it is to get a complete, unified view of everything across our cloud environment without needing to deploy agents everywhere. The platform does a great job of connecting the dots between vulnerabilities, misconfigurations, and exposures, so instead of chasing a flood of alerts, we can focus on the issues that actually pose real risk. That context has really helped us prioritize and move faster when it comes to remediation.
What do you dislike about the product?
The platform can feel a bit overwhelming at first, and there’s a learning curve to fully understand the depth of features and data.
Pricing can be on the higher side to similar tools.
Pricing can be on the higher side to similar tools.
What problems is the product solving and how is that benefiting you?
Wiz is helping us solve the challenge of getting clear, end-to-end visibility across our cloud environment. Instead of dealing with multiple tools and a high volume of disconnected alerts, Wiz brings everything into a single platform.
The biggest benefit is speed and efficiency. Our team spends less time chasing noise and more time focusing on meaningful remediation. It’s also improved collaboration across security and engineering teams since everyone is working from the same data and insights, which helps us address issues faster and more effectively.
The biggest benefit is speed and efficiency. Our team spends less time chasing noise and more time focusing on meaningful remediation. It’s also improved collaboration across security and engineering teams since everyone is working from the same data and insights, which helps us address issues faster and more effectively.
Matvey N.
Quick to setup and clear view across our cloud environment
Reviewed on May 22, 2026
Review provided by G2
What do you like best about the product?
Agentless, quick to set up, no headaches. Best part: it doesn't drown you in alerts - it shows real attack paths, so you know what to fix first. The AI side is interesting and potentially in high demand - Mika answers tricky security questions and pulls reports in plain language, and the new agents (Green, Red, Blue) hint at where this is all heading.
What do you dislike about the product?
Licensing for WIZ Cloud and WIZ Code is the weak spot - it's rigid and not transparent enough, and figuring out what you actually need (and what it'll cost) takes more effort than it should.
Reporting could be more flexible. You also can't assign owners for fixing vulnerabilities, which makes remediation harder to track.
Reporting could be more flexible. You also can't assign owners for fixing vulnerabilities, which makes remediation harder to track.
What problems is the product solving and how is that benefiting you?
One clear view across our cloud, with the noise filtered out, so a small team can focus on the risks that actually matter - less manual digging, faster fixes.
Public Relations and Communications
Wiz’s Agentless Deployment Makes Security Easy
Reviewed on May 20, 2026
Review provided by G2
What do you like best about the product?
One of Wiz’s biggest advantages is its agentless deployment model
What do you dislike about the product?
Alert noise requires some tuning after deployment
What problems is the product solving and how is that benefiting you?
can gained visibility quickly over our cloud environment ( Azure in our case) without requiring extensive endpoint installations or infrastructure changes.