Sold by: WizÂ
Deployed on AWS
The Wiz Model Context Protocol (MCP) Server acts as an MCP-compatible service that translates plain-language queries into Wiz-specific operations, like querying resources, or assessing risks.
4.7
Overview
The Wiz Model Context Protocol (MCP) Server elevates the impact of Wiz's security offerings by providing a unified security data source, enhanced cloud visibility, and contextual intelligence. The MCP Server connects multiple security data sources through a central host and server setup, creating a single, contextual view of the security posture to simplify investigations and accelerate incident response and remediation. It offers instant access to cloud inventory, configurations, and security issues via a single host with a simple prompt. By enriching security investigations with precise business context, the MCP Server allows security teams to prioritize responses based on relevance, drastically improving the accuracy and effectiveness of threat mitigation. The Wiz MCP Server enhances Wiz Code by translating plain-language queries into powerful workflows, streamlining everything from issue discovery to pull request creation. Integrated with Wiz Defend, the MCP Server helps security teams identify and contain active threats faster with AI generated insights and action paths.
Highlights
- Unified security data source for cloud security posture.
- Completed visibility into cloud inventory, configurations, and security issues
- Contextual intelligence that enriches security investigations with context, enabling security teams to prioritize responses to critical threats.
Details
Sold by
Categories
Delivery method
Type
Supported services
Delivery option
v0.1.1s
Latest version
Operating system
Linux
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Trust Center
Access real-time vendor security and compliance information through their Trust Center powered by Drata. Review certifications and security standards before purchase.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
This product is available free of charge. Free subscriptions have no end date and may be canceled any time.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Vendor refund policy
n/a
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
v0.1.1s
Supported services: Learn moreÂ
- Amazon Bedrock AgentCore
Container image
Containers are lightweight, portable execution environments that wrap server application software in a filesystem that includes everything it needs to run. Container applications run on supported container runtimes and orchestration services, such as Amazon Elastic Container Service (Amazon ECS) or Amazon Elastic Kubernetes Service (Amazon EKS). Both eliminate the need for you to install and operate your own container orchestration software by managing and scheduling containers on a scalable cluster of virtual machines.
Version release notes
We are excited to share that the Wiz Model Context Protocol (MCP) Server is now available in the new AWS Marketplace AI Agents and Tools category.
The Wiz Model Context Protocol (MCP) Server is an innovative implementation that enables any MCP-compatible, LLM-powered application to interact with Wiz using plain language. It unifies diverse security data sources into a single, contextual view of your cloud security posture. This empowers teams to gain instant access to cloud inventory, configurations, and security issues, facilitating real-time cloud investigations, blast radius assessments, and AI-driven remediation actions through natural language prompts.
Additional details
Usage instructions
To allow the Wiz Model Context Protocol (MCP) Server to access your Wiz tenant, you need to configure specific environment variables.
Steps to Configure Wiz MCP Integration:
Navigate to Integrations in Wiz:
1. In the Wiz console, go to the Connect to Wiz > Integrations page. 2. Under the "Security Data Management" section, choose Wiz MCP. 3. On the "New Wiz MCP Integration" page: Enter a Display Name. Keep the default API scopes (Recommended). Click Add Integration. 4. After creation, copy the generated Client ID and Client Secret. These are crucial for authentication.Set Environment Variables:
Add the Client ID and Client Secret using the --environment-variables flag in your deployment command.
--environment-variables '{ "WIZ_CLIENT_ID":"your_client_id", "WIZ_CLIENT_SECRET":"your_client_secret" }'
2. Using GUI for Host Agent Deployment:If you are deploying via AWS Console GUI, 1) Click "Use on Amazon Bedrock AgentCore" 2) Click "Host Agent" add these variables under the "Advanced configurations" section.
For more detailed instructions and customer-specific access, please refer to the official documentation at https://docs.wiz.io/docs/set-up-wiz-mcp-server (Wiz customer access only).
AWS command line examples:
- Create an agent/MCP server This command creates a new agent runtime for the Wiz MCP server. Ensure you replace placeholders like 'your AmazonBedrockAgentCoreRuntimeDefaultServiceRole arn', '{your wiz client id}', and '{your wiz client secret}' with your actual values.
aws bedrock-agentcore-control create-agent-runtime --region us-east-1
--agent-runtime-name "wiz-mcp-server-stateless"
--description "Wiz MCP server"
--agent-runtime-artifact '{
"containerConfiguration": {
"containerUri": "709825985650.dkr.ecr.us-east-1.amazonaws.com/wiz/wiz-mcp:v0.1.1-stateless"
}
}'
--role-arn "your AmazonBedrockAgentCoreRuntimeDefaultServiceRole arn"
--network-configuration '{ "networkMode": "PUBLIC" }'
--protocol-configuration '{ "serverProtocol": "MCP" }'
--environment-variables '{
"WIZ_CLIENT_ID": "{your wiz client id}",
"WIZ_CLIENT_SECRET": "{your wiz client secret}",
"Wiz_MCP_TRANSPORT": "http",
"Wiz_MCP_PORT": "8000",
"Wiz_MCP_HOST": "0.0.0.0"
}'
- List Agent Runtime Use this command to retrieve details about the created agent runtime. Replace '{your agentRuntimeId in the output of create command}' with the actual ID from the previous step.
aws bedrock-agentcore-control get-agent-runtime
--agent-runtime-id {your agentRuntimeId in the output of create command}
--region us-east-1
- List Agent Runtime Endpoints This command lists the endpoints associated with your agent runtime. Replace '{your agentRuntimeId in the output of create command}' with the actual ID.
aws bedrock-agentcore-control list-agent-runtime-endpoints
--agent-runtime-id {your agentRuntimeId in the output of create command}
--region us-east-1
- Invoke Agent Runtime This command invokes the agent runtime to perform an action, e.g., listing tools. Replace '{your agentRuntimeArn in the output of create command}' with the actual ARN.
PAYLOAD_JSON='{"jsonrpc": "2.0", "id": 1, "method": "tools/list", "params": { "_meta": { "progressToken": 1}}}' PAYLOAD_BASE64=$(echo -n "$PAYLOAD_JSON" | base64) AGENT_ARN={your agentRuntimeArn in the output of create command}
aws bedrock-agentcore invoke-agent-runtime
--agent-runtime-arn "${AGENT_ARN}"
--payload="${PAYLOAD_BASE64}"
--content-type "application/json"
--accept "application/json, text/event-stream"
--qualifier "DEFAULT"
"output.json"
Resources
Vendor resources
Support
Vendor support
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Wiz provides an entirely new approach to cloud security that for the first time identifies the actual risks hidden in your cloud infrastructure.
All in one solution to reduce risk from code to runtime. Wiz Go includes 300 Cloud Advanced workloads, 150 Defend Ingestion Units (GBs), 100 Runtime Sensors, and 50 Code Active Developers per month.
The Wiz Outpost Workload Scanner STIG AMI is intended for Wiz for Gov customers who want to deploy a Wiz Outpost to an AWS environment. Subscribing to this product is a prerequisite for successfully deploying an Outpost.
![Wiz [Private Offer Only]](https://d7umqicpi7263.cloudfront.net/img/product/184534ac-8f72-4678-a3a1-79133b4c656d.png)
Wiz for Government is FedRAMP Moderate authorized cloud security solution that provides full visibility and continuous risk reduction in the cloud, securing everything government agencies build and run in the cloud.
Customer reviews
Antwon L.
Unmatched Cloud Visibility and Seamless Jira Integration
Reviewed on Nov 25, 2025
Review provided by G2
What do you like best about the product?
What I like best about Wiz is the insight visibility and overview of issues and vulnerabilities within a cloud environment. Being able to not only track the primary resource of each individual issue but to also be able to view that in a security graph at a very high level. This type of insight capabilities helps users like me understand the full history of the issue as well as the different access points. Also being able to integrate these issues/vulnerabilities directly into Jira for direct progress tracking improves the workflow of solving them within a timely manner.
What do you dislike about the product?
The only downside I have for Wiz is that it can give a ton of information and telemetry on your environment all at once. Which can seem kinda overwhelming when first onboarding Wiz because a user may not know exactly what areas to search for in Wiz, and as a result it can take some time to understand.
What problems is the product solving and how is that benefiting you?
Wiz is solving the gaps of public exposure and vulnerabilities that our cloud environment has had in the past. That directly benefits me by giving my team more visibility into our cloud environments security posture overall, and knowing that I'm taking the correct steps into making our cloud environment as secure as possible.
Manufacturing
Seamless Integration and Outstanding Detection Capabilities with Wiz
Reviewed on Nov 24, 2025
Review provided by G2
What do you like best about the product?
Our experience with Wiz has been overwhelmingly positive. Integrating both our cloud and on-premises environments was straightforward, quick, and efficient, thanks to clear documentation and highly responsive account contacts. In addition to the standard Cloud Provider onboarding, we found it easy to connect our Kubernetes clusters via APIs, a feature we haven’t encountered with other vendors.
Wiz also stood out for its flexibility: by using the CLI, we were able to scan our repositories even without access to the native Repository connector. We successfully onboarded our virtual environment as well, which allowed us to gain insight into on-premises security issues.
One of the platform’s greatest strengths is its interface. Resource discovery happens instantly, the inventory fills rapidly, and projects can be segmented to provide team-specific access. The detection capabilities are exceptional, identifying everything from cloud misconfigurations to sensitive data exposure and new AI-related risks, all with customizable dashboards.
Wiz also stood out for its flexibility: by using the CLI, we were able to scan our repositories even without access to the native Repository connector. We successfully onboarded our virtual environment as well, which allowed us to gain insight into on-premises security issues.
One of the platform’s greatest strengths is its interface. Resource discovery happens instantly, the inventory fills rapidly, and projects can be segmented to provide team-specific access. The detection capabilities are exceptional, identifying everything from cloud misconfigurations to sensitive data exposure and new AI-related risks, all with customizable dashboards.
What do you dislike about the product?
There are a few minor bugs that do not affect the overall functionality of the service, such as issues with the history of the Mika AI assistant. Additionally, project segregation currently does not exclude Entra ID findings that are unrelated to the specific project. However, both of these issues have been addressed.
What problems is the product solving and how is that benefiting you?
Usage of the project helping us to increase visibility and speed-up findings resolution.
Information Technology and Services
Revolutionized Our Cloud Security Posutre with Unmatched Visibility and Support
Reviewed on Nov 18, 2025
Review provided by G2
What do you like best about the product?
Wiz has become and invaluable tool for our cloud security posture. The platform provides full visibility into all layers of our workload and cloud environments, which has been a game-changer for our security team.
It is amazing to see how different assets and resources are connected to each other. This contextual relationship helps us understand the risks and potential blast radius of vulnerability and misconfigurations in ways we have not been able to view before.
I also have to highlight that the Support team is exceptional. Our Account Manager and Technical Support team has been incredibly responsive, knowledgeable and genuinely invested in help us get the most value out of Wiz.
It is amazing to see how different assets and resources are connected to each other. This contextual relationship helps us understand the risks and potential blast radius of vulnerability and misconfigurations in ways we have not been able to view before.
I also have to highlight that the Support team is exceptional. Our Account Manager and Technical Support team has been incredibly responsive, knowledgeable and genuinely invested in help us get the most value out of Wiz.
What do you dislike about the product?
My main critique is that Wiz is overwhelming at first. Wiz does so much that it can be challenging to know where to start. Its breadth of features and insights, while ultimately its strengths, creates a steep initial learning curve for new users to the platform.
What problems is the product solving and how is that benefiting you?
Wiz has fundamentally transformed how we approach cloud security management. The platform gives us visibility across our entire cloud environment, eliminating the blind spots that previously existed when trying to piece together information from multiple tools and consoles.
Having a single pane of glass to view all cloud resources, issues, and findings has dramatically improved our efficiency. Instead of context-switching between different dashboards and security tools, our team can now see everything in one place, which speeds up investigation and remediation times significantly.
The automation capabilities have been particularly valuable – Wiz automatically notifies the appropriate teams of vulnerabilities based on our configured rules and workflows. This means critical issues reach the right people immediately without manual triage, reducing our mean time to response.
Perhaps most importantly for our organization, Wiz ensures we adhere to the strictest security standards. The platform's compliance frameworks and continuous monitoring help us maintain our security posture and demonstrate compliance to auditors and stakeholders. This has reduced the stress and manual effort that previously went into compliance reporting, while giving us confidence that we're meeting our security obligations.
Having a single pane of glass to view all cloud resources, issues, and findings has dramatically improved our efficiency. Instead of context-switching between different dashboards and security tools, our team can now see everything in one place, which speeds up investigation and remediation times significantly.
The automation capabilities have been particularly valuable – Wiz automatically notifies the appropriate teams of vulnerabilities based on our configured rules and workflows. This means critical issues reach the right people immediately without manual triage, reducing our mean time to response.
Perhaps most importantly for our organization, Wiz ensures we adhere to the strictest security standards. The platform's compliance frameworks and continuous monitoring help us maintain our security posture and demonstrate compliance to auditors and stakeholders. This has reduced the stress and manual effort that previously went into compliance reporting, while giving us confidence that we're meeting our security obligations.
Financial Services
Wiz: Fast Deployment, Instant Cloud Security Insights for Azure and AWS
Reviewed on Nov 18, 2025
Review provided by G2
What do you like best about the product?
Wiz is remarkably easy to implement, requiring minimal configuration to start delivering results. Within hours of deployment, it provides deep visibility across cloud environments, including Azure and AWS, without the need for agents or complex integrations. Its intuitive interface and automated risk prioritization make it simple for teams to identify and remediate critical issues quickly. The immediate value lies in its ability to unify security posture management across multiple clouds, helping organizations reduce risk and accelerate compliance from day one.
What do you dislike about the product?
Difficulty with ServiceNow service graph connector
What problems is the product solving and how is that benefiting you?
Wiz is solving the challenge of gaining complete visibility and control across multi-cloud environments. Traditionally, identifying misconfigurations, vulnerabilities, and toxic combinations in Azure and AWS required multiple tools and manual effort. Wiz eliminates that complexity by providing agentless scanning and a unified view of risks across workloads, identities, and configurations.
The benefit is immediate: we can quickly prioritize and remediate the most critical issues, reduce attack surface, and improve compliance without slowing down development. This has streamlined our cloud security posture management and given us confidence that risks are addressed proactively rather than reactively.
The benefit is immediate: we can quickly prioritize and remediate the most critical issues, reduce attack surface, and improve compliance without slowing down development. This has streamlined our cloud security posture management and given us confidence that risks are addressed proactively rather than reactively.
Ofir P.
Effortless Inventory and Vulnerability Management with Wiz
Reviewed on Nov 15, 2025
Review provided by G2
What do you like best about the product?
Wiz is incredibly easy to use. I find it much simpler to search through all my inventory and vulnerabilities with Wiz, rather than having to sift through countless pages elsewhere.
It includes all the enterprise feature everyone needs.
The customer support is amazing, they reach out to me a lot to make sure we improve our posture and make sure to keep up with best practices.
Implementation and Integration wise it's really easy, you click on few buttons and that's it everything is up and ready inside any cloud, if you have any issue the CS Team will be there to assist.
I'm using Wiz every week for few hours in order to make sure that everything is set up correctly, and there is nothing exposed to vulerabilities.
It includes all the enterprise feature everyone needs.
The customer support is amazing, they reach out to me a lot to make sure we improve our posture and make sure to keep up with best practices.
Implementation and Integration wise it's really easy, you click on few buttons and that's it everything is up and ready inside any cloud, if you have any issue the CS Team will be there to assist.
I'm using Wiz every week for few hours in order to make sure that everything is set up correctly, and there is nothing exposed to vulerabilities.
What do you dislike about the product?
I honestly can't find anything to dislike about Wiz; it offers everything I need.
What problems is the product solving and how is that benefiting you?
By scanning all of my cloud environments, I am able to maintain a proper security posture across each of them. This process helps ensure that my security standards are consistently upheld throughout all clouds.