Sold by: Wiz
Deployed on AWS
The Wiz Model Context Protocol (MCP) Server acts as an MCP-compatible service that translates plain-language queries into Wiz-specific operations, like querying resources, or assessing risks.
4.7
Overview
The Wiz Model Context Protocol (MCP) Server elevates the impact of Wiz's security offerings by providing a unified security data source, enhanced cloud visibility, and contextual intelligence. The MCP Server connects multiple security data sources through a central host and server setup, creating a single, contextual view of the security posture to simplify investigations and accelerate incident response and remediation. It offers instant access to cloud inventory, configurations, and security issues via a single host with a simple prompt. By enriching security investigations with precise business context, the MCP Server allows security teams to prioritize responses based on relevance, drastically improving the accuracy and effectiveness of threat mitigation. The Wiz MCP Server enhances Wiz Code by translating plain-language queries into powerful workflows, streamlining everything from issue discovery to pull request creation. Integrated with Wiz Defend, the MCP Server helps security teams identify and contain active threats faster with AI generated insights and action paths.
Highlights
- Unified security data source for cloud security posture.
- Completed visibility into cloud inventory, configurations, and security issues
- Contextual intelligence that enriches security investigations with context, enabling security teams to prioritize responses to critical threats.
Details
Sold by
Categories
Delivery method
Type
Supported services
Delivery option
v0.1.1s
Latest version
Operating system
Linux
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Trust Center
Access real-time vendor security and compliance information through their Trust Center powered by Drata. Review certifications and security standards before purchase.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
This product is available free of charge. Free subscriptions have no end date and may be canceled any time.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Vendor refund policy
n/a
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
v0.1.1s
Supported services: Learn more
- Amazon Bedrock AgentCore
Container image
Containers are lightweight, portable execution environments that wrap server application software in a filesystem that includes everything it needs to run. Container applications run on supported container runtimes and orchestration services, such as Amazon Elastic Container Service (Amazon ECS) or Amazon Elastic Kubernetes Service (Amazon EKS). Both eliminate the need for you to install and operate your own container orchestration software by managing and scheduling containers on a scalable cluster of virtual machines.
Version release notes
We are excited to share that the Wiz Model Context Protocol (MCP) Server is now available in the new AWS Marketplace AI Agents and Tools category.
The Wiz Model Context Protocol (MCP) Server is an innovative implementation that enables any MCP-compatible, LLM-powered application to interact with Wiz using plain language. It unifies diverse security data sources into a single, contextual view of your cloud security posture. This empowers teams to gain instant access to cloud inventory, configurations, and security issues, facilitating real-time cloud investigations, blast radius assessments, and AI-driven remediation actions through natural language prompts.
Additional details
Usage instructions
To allow the Wiz Model Context Protocol (MCP) Server to access your Wiz tenant, you need to configure specific environment variables.
Steps to Configure Wiz MCP Integration:
Navigate to Integrations in Wiz:
1. In the Wiz console, go to the Connect to Wiz > Integrations page. 2. Under the "Security Data Management" section, choose Wiz MCP. 3. On the "New Wiz MCP Integration" page: Enter a Display Name. Keep the default API scopes (Recommended). Click Add Integration. 4. After creation, copy the generated Client ID and Client Secret. These are crucial for authentication.Set Environment Variables:
Add the Client ID and Client Secret using the --environment-variables flag in your deployment command.
--environment-variables '{ "WIZ_CLIENT_ID":"your_client_id", "WIZ_CLIENT_SECRET":"your_client_secret" }'
2. Using GUI for Host Agent Deployment:If you are deploying via AWS Console GUI, 1) Click "Use on Amazon Bedrock AgentCore" 2) Click "Host Agent" add these variables under the "Advanced configurations" section.
For more detailed instructions and customer-specific access, please refer to the official documentation at https://docs.wiz.io/docs/set-up-wiz-mcp-server (Wiz customer access only).
AWS command line examples:
- Create an agent/MCP server This command creates a new agent runtime for the Wiz MCP server. Ensure you replace placeholders like 'your AmazonBedrockAgentCoreRuntimeDefaultServiceRole arn', '{your wiz client id}', and '{your wiz client secret}' with your actual values.
aws bedrock-agentcore-control create-agent-runtime --region us-east-1
--agent-runtime-name "wiz-mcp-server-stateless"
--description "Wiz MCP server"
--agent-runtime-artifact '{
"containerConfiguration": {
"containerUri": "709825985650.dkr.ecr.us-east-1.amazonaws.com/wiz/wiz-mcp:v0.1.1-stateless"
}
}'
--role-arn "your AmazonBedrockAgentCoreRuntimeDefaultServiceRole arn"
--network-configuration '{ "networkMode": "PUBLIC" }'
--protocol-configuration '{ "serverProtocol": "MCP" }'
--environment-variables '{
"WIZ_CLIENT_ID": "{your wiz client id}",
"WIZ_CLIENT_SECRET": "{your wiz client secret}",
"Wiz_MCP_TRANSPORT": "http",
"Wiz_MCP_PORT": "8000",
"Wiz_MCP_HOST": "0.0.0.0"
}'
- List Agent Runtime Use this command to retrieve details about the created agent runtime. Replace '{your agentRuntimeId in the output of create command}' with the actual ID from the previous step.
aws bedrock-agentcore-control get-agent-runtime
--agent-runtime-id {your agentRuntimeId in the output of create command}
--region us-east-1
- List Agent Runtime Endpoints This command lists the endpoints associated with your agent runtime. Replace '{your agentRuntimeId in the output of create command}' with the actual ID.
aws bedrock-agentcore-control list-agent-runtime-endpoints
--agent-runtime-id {your agentRuntimeId in the output of create command}
--region us-east-1
- Invoke Agent Runtime This command invokes the agent runtime to perform an action, e.g., listing tools. Replace '{your agentRuntimeArn in the output of create command}' with the actual ARN.
PAYLOAD_JSON='{"jsonrpc": "2.0", "id": 1, "method": "tools/list", "params": { "_meta": { "progressToken": 1}}}' PAYLOAD_BASE64=$(echo -n "$PAYLOAD_JSON" | base64) AGENT_ARN={your agentRuntimeArn in the output of create command}
aws bedrock-agentcore invoke-agent-runtime
--agent-runtime-arn "${AGENT_ARN}"
--payload="${PAYLOAD_BASE64}"
--content-type "application/json"
--accept "application/json, text/event-stream"
--qualifier "DEFAULT"
"output.json"
Resources
Vendor resources
Support
Vendor support
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Wiz provides an entirely new approach to cloud security that for the first time identifies the actual risks hidden in your cloud infrastructure.
By Wiz
All in one solution to reduce risk from code to runtime. Wiz Go includes 300 Cloud Advanced workloads, 150 Defend Ingestion Units (GBs), 100 Runtime Sensors, and 50 Code Active Developers per month.
The Wiz Outpost Workload Scanner STIG AMI is intended for Wiz for Gov customers who want to deploy a Wiz Outpost to an AWS environment. Subscribing to this product is a prerequisite for successfully deploying an Outpost.
![Wiz [Private Offer Only]](https://d7umqicpi7263.cloudfront.net/img/product/85427284-c5a1-4317-998d-0afd8d7f0f6d.png)
Wiz for Government is FedRAMP Moderate authorized cloud security solution that provides full visibility and continuous risk reduction in the cloud, securing everything government agencies build and run in the cloud.
Customer reviews
Jim H.
Wiz Delivers Outstanding CSPM and Continuous Improvements
Reviewed on Jan 13, 2026
Review provided by G2
What do you like best about the product?
As a second-time customer of Wiz, I knew the CSPM was great and research told me it was still the best. This feature was even better than I remembered, as Wiz had not rested on their laurels and had continually improved over time! It has helped me get to zero critical issues in less than 6 months with the issue prioritisation and clear remedial steps which I can share with the teams responsible. No excuse for not having a well refined Jira, or not knowing what we really asking for - the details are in the language of the remediator, spoon-fed by Wiz!
Now, we use it all the time to proactively monitor our systems, look for config or vulnerabilities, and whenever I see a new Critical or High issue we immediately jump on it to triage. This means we have got managing Critical config issues down to similar remediation timelines as a Critical security incident and indeed in most cases we treat them almost identically (urgent conf calls, drop tools and huddle to fix etc.).
When it came to implementing Wiz, it was simply as quick as hooking up to our Cloud instances, providing the access, and sitting back to watch the fireworks. During the implementation the support was outstanding, and Wiz spent so much time with us and our different teams showing them how to use it, how simple it was to integrate with other tools, how we could extend visibility to the max, how to interpret the results, get good report data to the right people etc.. This operationalisation help ensure Wiz was used by multiple teams - although I think there's always room for even more engagement internally.
After implementing the engagement didn't stop though, and we still have a regular call with our TAM who is always happy to demo to some new users, or to help tweak some settings or help with some report or other. I don't think we've ever found the limit of engagement and Wiz seems happy to provide whatever level of interaction we need to get where we want to go.
Now, we use it all the time to proactively monitor our systems, look for config or vulnerabilities, and whenever I see a new Critical or High issue we immediately jump on it to triage. This means we have got managing Critical config issues down to similar remediation timelines as a Critical security incident and indeed in most cases we treat them almost identically (urgent conf calls, drop tools and huddle to fix etc.).
When it came to implementing Wiz, it was simply as quick as hooking up to our Cloud instances, providing the access, and sitting back to watch the fireworks. During the implementation the support was outstanding, and Wiz spent so much time with us and our different teams showing them how to use it, how simple it was to integrate with other tools, how we could extend visibility to the max, how to interpret the results, get good report data to the right people etc.. This operationalisation help ensure Wiz was used by multiple teams - although I think there's always room for even more engagement internally.
After implementing the engagement didn't stop though, and we still have a regular call with our TAM who is always happy to demo to some new users, or to help tweak some settings or help with some report or other. I don't think we've ever found the limit of engagement and Wiz seems happy to provide whatever level of interaction we need to get where we want to go.
What do you dislike about the product?
Nothing to dislike, although of course I wish it could be cheaper :-)
What problems is the product solving and how is that benefiting you?
For us, it was that we have so many different cloud environments and flavours. By the nature of our service, we deliver stand-alone clouds, private clouds, different cloud vendors etc. for different products and regions and customers. This is complex and incredibly difficult to get an holistic view across them as CISO, let alone to prioritise and manage where the risks are across this disconnected landscape. Wiz pulls it all together into one window from which we can easily distribute the effort out to the teams responsible for those very different environments and provide a consistent level of detail and track in a consistent manner. This allows me to do a lot less chasing and a lot more governing. It simply makes the security team hugely more leveraged and able to span so much more than without. I can't even imagine how we'd do that without Wiz, and we'd be in a much less secure state, less able to identify and respond to immediate risks (config and vuln issues). Wiz solves this very thoroughly.
Information Technology and Services
A Force Multiplier for Lean Security Teams
Reviewed on Dec 29, 2025
Review provided by G2
What do you like best about the product?
The agentless installation at Suki was incredibly smooth. We were able to get 100% visibility across our cloud environment immediately without the friction of deploying agents. The dashboards are truly world-class; they don't just show data, they tell a story.
The biggest upside is the prioritization. Instead of a flat list of thousands of alerts, Wiz uses its Security Graph to identify 'toxic combinations'—helping us focus on the 1% of issues that actually pose a reachable risk. Lastly, the support team is exceptional. They are highly responsive and act more like partners than a standard help desk.
The biggest upside is the prioritization. Instead of a flat list of thousands of alerts, Wiz uses its Security Graph to identify 'toxic combinations'—helping us focus on the 1% of issues that actually pose a reachable risk. Lastly, the support team is exceptional. They are highly responsive and act more like partners than a standard help desk.
What do you dislike about the product?
While the visibility is unmatched, the sheer volume of data can lead to initial alert fatigue. The platform is so comprehensive that it requires significant tuning to ensure developers aren't overwhelmed by non-critical findings.
There is also a slight workflow gap for developers. While Wiz is great at identifying the problem, the transition from 'finding an issue' to 'fixing it' still requires manual effort. Navigating the Security Graph can be a bit of a learning curve for non-security users who just want to know exactly what code to change.
There is also a slight workflow gap for developers. While Wiz is great at identifying the problem, the transition from 'finding an issue' to 'fixing it' still requires manual effort. Navigating the Security Graph can be a bit of a learning curve for non-security users who just want to know exactly what code to change.
What problems is the product solving and how is that benefiting you?
We have a very lean security team. Before Wiz, we were drowning in noisy, low-context alerts. Wiz has solved this by automating the prioritization of issues.
For Security: It acts as a force multiplier. Our current security engineers can manage a complex cloud footprint that would typically require a much larger team.
For Developers and SRE: We’ve given them their time back. We no longer bother them with irrelevant vulnerabilities; we only surface the "reachable" risks that actually matter. This has improved our developer and SRE velocity and built a culture of trust between security and engineering.
For Security: It acts as a force multiplier. Our current security engineers can manage a complex cloud footprint that would typically require a much larger team.
For Developers and SRE: We’ve given them their time back. We no longer bother them with irrelevant vulnerabilities; we only surface the "reachable" risks that actually matter. This has improved our developer and SRE velocity and built a culture of trust between security and engineering.
Legal Services
Exceptional Cloud Visibility and Effortless Integration
Reviewed on Dec 22, 2025
Review provided by G2
What do you like best about the product?
Wiz provides exceptional visibility across cloud environments, making it easy to identify misconfigurations, vulnerabilities, and compliance gaps in real time. The platform’s agentless architecture is a huge advantage it deploys quickly without impacting performance. The dashboard is intuitive, and the contextual risk prioritisation helps security teams focus on what truly matters. Integration with existing workflows is seamless, which saves time and reduces complexity.
What do you dislike about the product?
While Wiz is powerful, the pricing can be a barrier for smaller organisations. Some advanced features require additional configuration, which can be time-consuming for teams without dedicated cloud security expertise. The alert volume can feel overwhelming at first, and tuning policies to reduce noise takes effort. Reporting capabilities, although good, could benefit from more customisation options for executive-level summaries.
What problems is the product solving and how is that benefiting you?
Faster incident triage , earlier identity‑risk detection, lightweight audit readiness via scheduled reports, and better threat‑led prioritisation all of which reduce operational overhead while strengthening our cloud security posture.
Information Technology and Services
Cloud security Swiss army knife
Reviewed on Dec 19, 2025
Review provided by G2
What do you like best about the product?
In-depth cloud asset configuration visibility, code-to-cloud capabilities, vulnerability management, ITSM tool integration, trends and reporting dashboards.
What do you dislike about the product?
Menus are sometimes cluttered, findings can get overwhelming and you would need good prioritization procedures, naming conventions are a bit difficult to explain to security auditors looking for overall vulnerabilities in a system (between findings and issues)
What problems is the product solving and how is that benefiting you?
Cloud vulnerability management
Financial Services
Comprehensive, Actionable Security Insights Made Simple
Reviewed on Dec 16, 2025
Review provided by G2
What do you like best about the product?
Wiz offers comprehensive, agentless visibility and excels at turning complex data into clear, actionable, and prioritized security insights.
What do you dislike about the product?
I appreciate everything about Wiz and the range of capabilities it offers.
What problems is the product solving and how is that benefiting you?
The issues that Wiz addresses—such as removing security blind spots, automating the correlation of threats, and delivering actionable insights—help make the entire technology ecosystem more secure. When the cloud environment is safer, it results in higher-quality and more secure information being accessible to users everywhere. This, in turn, directly supports my ability to offer reliable and accurate answers.