2026-04
2026-04
This release tracker is LLM-curated from Wiz updates and announcements I follow. Always verify critical details against the linked source announcements. Source files for this radar are published at https://github.com/pisinger/pisinger.github.io/tree/main/_wiz_release_radar
Wiz Release Radar - April 2026
This is an LLM-curated list of Wiz updates and announcements I follow.
| Status: π’ GA | π‘ Public Preview | π Private Preview | β« Deprecation | π΅ Update | π΄ Security |
| Indicator | Feature | Type | Product Area | Description |
|---|---|---|---|---|
| π’ | AI-BOM | GA | Code | Automatically inventories AI frameworks, models, and IDE extensions (Gemini Code Assist, GitHub Copilot, Cursor) on the Security Graph, eliminating Shadow AI blind spots for security teams. |
| π’ | SAST Rules for OWASP LLM/Agentic Top 10 | GA | Code | New SAST detection rules mapped to OWASP Top 10 for LLM Applications and Agentic Applications, catching prompt injection, insecure model outputs, and unsafe agent behavior at code inception. |
| π’ | Wiz Skills in IDE | GA | Code | Coding agents can pull active Wiz issues and apply Green Agent remediation plans natively in the IDE as a simple command, enabling machine-speed remediation of security debt. |
| π’ | Technology Intel Center | GA | Platform | Centralized feed of cloud and AI provider feature releases, migration updates, and EOL notices, automatically correlated with affected Wiz resources and cloud cost impact. |
| π’ | AI Studio Coverage Expansion | GA | AI-APP | Expanded visibility into AWS Agentcore, Gemini Enterprise Agent Platform, Azure Copilot Studio, and Salesforce Agentforce, including agents, models, and connected tools on the Security Graph. |
| π’ | Multi-cloud PaaS Expansion | GA | Cloud | Continued multicloud PaaS coverage expansion including AgentCore, enabling teams to track workloads, identities, and exposures across increasingly abstracted infrastructure. |
| π’ | Wiz Code Plugins for AI IDEs | GA | Code | Pre-commit and pre-push security scanning for AI-native IDEs (Claude Code, Cursor) via Wiz MCP Server and WizCLI, catching secrets, IaC misconfigs, CVEs, and malware before code reaches the repository. |
| π’ | CI/CD Pipeline Security | GA | Code | CI/CD pipelines modeled as first-class assets on the Security Graph with CI-BOM inventory, AI agent prompt injection detection, dangerous trigger flagging, and a dedicated CI Pipelines Inventory page. |
| π’ | IaC Inventory | GA | Code | Unified view connecting every IaC module to its deployments and live resources, surfacing drift and blast radius across code, state files, and cloud environments. |
| π’ | Pulumi IaC Scanning | GA | Code | Wiz CLI now scans Pulumi templates for misconfigurations across AWS, GCP, and Azure before deployment, extending IaC coverage to developer-first languages. |
| π’ | Shadow Data Detection | GA | Data | Identifies stale, duplicated, and over-retained data across cloud storage using provider inventory reports, surfacing cost savings and exposure reduction opportunities in a dedicated dashboard. |
| π‘ | Red Agent with Claude Opus | Public Preview | Red Agent | Red Agent leverages Anthropic Claude Opus 4.6/4.7 for AI-powered offensive security testing of web applications and APIs, scanning 150K+ assets weekly with zero false positives; available in Preview Hub. |
| π‘ | Green Agent Remediation in IDE | Public Preview | Green Agent | Green Agent generates precise remediation plans using full code-to-cloud context; security teams can send plans to coding agents to auto-create pull requests from within the Wiz portal. |
| π΅ | Apigee API Discovery | Integration | Platform | Full Apigee X and Hybrid architecture surfaced on the Security Graph including gateways, environments, proxies, endpoints, and authorization schemes, with unauthenticated endpoint flagging; no additional setup beyond the GCP Connector. |
| π΅ | Databricks Security Graph Integration | Integration | Platform | Databricks workspaces, Unity Catalog assets, identities, and data classifications (PII, PHI, PCI, secrets) mapped onto the Security Graph for cross-platform attack path analysis. |
| π΅ | Secure Guardrails for Lovable | Update | Code | Post-code-generation security scanning for Lovable AI coding tool using inline hooks with organizational guardrails injected before AI writes code; available May 2026. |
Sources
- https://www.wiz.io/blog/red-agent-claude-opus
- https://www.wiz.io/blog/wiz-code-week-recap
- https://www.wiz.io/blog/wiz-at-google-cloud-next
- https://www.wiz.io/blog/securing-software-age-of-agentic-coding
- https://www.wiz.io/blog/wiz-apigee-integration-for-api-discovery
- https://www.wiz.io/blog/wiz-databricks-security-graph
- https://www.wiz.io/blog/from-code-to-pipeline-wiz-code-now-secures-your-build-environment
- https://www.wiz.io/blog/wiz-iac-inventory
- https://www.wiz.io/blog/introducing-shadow-data-detection-in-wiz
This post is licensed under CC BY 4.0 by the author.