2026-05
2026-05
This release tracker is LLM-curated from Wiz updates and announcements I follow. Always verify critical details against the linked source announcements. Source files for this radar are published at https://github.com/pisinger/pisinger.github.io/tree/main/_wiz_release_radar
Wiz Release Radar - May 2026
This is an LLM-curated list of Wiz updates and announcements I follow.
| Status: π’ GA | π‘ Public Preview | π Private Preview | β« Deprecation | π΅ Update | π΄ Security |
| Indicator | Feature | Type | Product Area | Description |
|---|---|---|---|---|
| π’ | Wiz Sensor Forensics | GA | Defend | Automatically captures forensic artifacts (scripts, binaries, process trees, shell histories, container drift layer) at the moment of Runtime Sensor detection. AI engine analyzes artifacts and feeds verdicts into Blue Agent for accelerated SOC/IR investigation. Requires Wiz Runtime Sensor. |
| π’ | Runtime Detection for Google Cloud Run | GA | Defend | Runtime Sensor support for Google Cloud Run containers provides real-time process monitoring, 2000+ built-in TDRs, correlation into consolidated threats, Blue Agent investigation, and automated response policies. Complements existing AWS Fargate and Azure Container Apps coverage. |
| π’ | Wiz for PQC Readiness | GA | Cloud | Continuous cryptographic asset inventory across code, cloud, and runtime β algorithms, certificates, keys, libraries, and web services. PQC Readiness Framework organizes findings into Legacy Resiliency, HNDL Risk, and Identity/Signature Resiliency phases. Security Graph correlation prioritizes toxic combinations (exposure + data sensitivity + attack path reachability). |
| π’ | Wiz Audit History | GA | Platform | Continuous cross-cloud timeline of resource configuration changes, Cloud Configuration Findings, and Vulnerability Findings. Side-by-side visual diffs for outage troubleshooting, Mika AI natural-language investigation, and point-in-time compliance evidence export for SOC2/HIPAA/PCI-DSS. Vulnerability finding history tracking in Public Preview. |
| π’ | Wiz for Microsoft 365 | GA | SaaS | M365 (Exchange Online, SharePoint, OneDrive, Entra ID) added to the Security Graph with CIS benchmark posture assessment, data classification and secrets detection via AI engine, Microsoft Purview sensitivity label integration, and remediation actions. Surfaces attack paths connecting M365 misconfigurations to cloud resources and identities. |
| π‘ | Akamai Edge Integration | Public Preview | Platform | Akamai Edge DNS zones and account-level metadata ingested into the Security Graph and analyzed alongside cloud, identity, and runtime context. Surfaces edge misconfigurations (overly permissive DNS records, exposed services) correlated with underlying cloud resources for prioritized remediation. |
| π‘ | Penetration Test Findings | Public Preview | Red Agent | Centralizes pen-test results from bug bounties (HackerOne out-of-box), external audit reports, internal red-team exercises, and AI-generated reports (Claude Skill) into a unified view. Findings enriched with Security Graph context (owner, network paths, code-to-cloud mapping) with Mika AI deduplication, Green Agent remediation guidance, and posture policy SLA tracking. |
| π | Claude Enterprise Compliance API Integration | Private Preview | Platform | Discovers Claude Enterprise organizations, users, role bindings, projects, and AI datasets via the Claude Compliance API and maps them onto the Security Graph. Provides visibility into Claude usage, permissions, and project configurations alongside existing cloud and identity context. Contact account team to enable. |
| π | Copilot Studio AI App Visibility | Private Preview | AI-APP | Identifies AI applications built with Microsoft Copilot Studio and surfaces risks from misconfiguration, overexposure, and lack of guardrails β including unauthenticated agent access and high-privilege tool connections. Part of Wiz AI-APP platform expansion. |
| π΄ | Fragnesia Linux Kernel LPE Detection | Security | Cloud | Pre-built queries and advisory in the Wiz Threat Intel Center for Fragnesia (CVE-2026-074), a page-cache corruption LPE in the Linux XFRM ESP-in-TCP subsystem enabling unprivileged local root via deterministic page-cache overwrite. Wiz customers can search for affected instances across their environment. |
Sources
- https://www.wiz.io/blog/wiz-sensor-forensics-ga
- https://www.wiz.io/blog/introducing-runtime-threat-detection-for-google-cloud-run
- https://www.wiz.io/blog/wiz-for-pqc-readiness
- https://www.wiz.io/blog/introducing-audit-history
- https://www.wiz.io/blog/wiz-for-microsoft-365
- https://www.wiz.io/blog/introducing-wiz-akamai-integration
- https://www.wiz.io/blog/pen-test-findings
- https://www.wiz.io/blog/claude-wiz-integration
- https://www.wiz.io/blog/fragnesia-linux-kernel-local-privilege-escalation-via-esp-in-tcp
This post is licensed under CC BY 4.0 by the author.