Google’s Acquisition of Wiz: Solving the Other Half of Cloud Security

Benson George, the Senior Principal Product Marketing Manager at Aviatrix, shares an analysis of Google’s acquisition of Wiz and what takeaways we can get from it. This article originally appeared in Insight Jam, an enterprise IT community that enables human conversation on AI.

Security teams today face an impossible paradox: posture tools show everything that could go wrong, but enforcement tools can’t act in time to prevent it. That gap has made runtime network security the most urgent blind spot in multi-cloud operations. For CISOs, cloud security architects, and DevSecOps teams, posture without protection is a liability.

This blind spot only worsens in multi-cloud environments, which have irrevocably altered the security landscape. Today, threat actors are proliferating at phenomenal rates, perpetrated or assisted by artificial intelligence (AI). Simultaneously, cloud applications and workloads exacerbate security risks like ransomware, supply chain attacks, and data exfiltration. Leading brands are acting to defend against these emergent risks and security challenges.

Most notably, Google announced the acquisition of Wiz, a leading cloud security platform, for $32 billion. In its press release, Google stated that this acquisition represents an investment to accelerate two trends in the AI era: improved cloud security and the ability to operationalize multicloud. Google’s acquisition of Wiz also underscores its commitment to leveraging cloud-native capabilities that integrate across diverse cloud environments.

What is Wiz? 

Wiz is a leader in Cloud Security Posture Management and Cloud Native Application Protection Platforms. The Wiz Cloud Security Platform, its flagship offering, includes Wiz Code for secure cloud development, Wiz Cloud to manage a company’s security posture, and Wiz Defend to respond to cloud threats. The Wiz Cloud Security Platform is the foundation for security posture awareness for organizations of all sizes, from start-ups to large enterprises to governments and public sector organizations, enabling their security, Dev, and DevOps teams to protect everything they build in the cloud.

This agentless solution scans all major clouds and code environments via cloud Application Programming Interfaces to provide users with a static analysis of cloud asset inventory. Static analysis helps security teams make sense of sprawling multicloud environments by identifying misconfigurations, access risks, and toxic combinations. Wiz gives users the security posture blueprint they need to answer these questions: “What assets do I have?”, “Are they configured securely?”, “Where are my potential static risks?” Nevertheless, a blueprint is only a blueprint. Security teams still lack the tools to act on risks—instantly and at scale.

Threat Detection Without Remediation: Why Wiz Only Goes So Far

Today, most companies’ cloud security leaves dangerous gaps in protection. A helpful way to conceptualize these gaps is to imagine the cloud as a house and the enterprise as the homeowner. In this analogy, many homeowners have security cameras that can identify vulnerabilities in their home, like unlocked windows, but they can’t stop intruders. Or, homeowners have an alarm system that can detect break-ins but can’t tell them which windows are vulnerable.

Static analysis through Wiz gives users visibility to detect vulnerabilities and other possible risks across cloud environments. In the context of the home security analogy, Wiz allows the homeowner (or business) to scan their entire property (or cloud environments) and identify every possible vulnerability. While enormously beneficial, identifying issues is only the first part of any cloud network security strategy, with the second being the action or response to that identified problem. Companies need tools to remediate those threats within a closed-loop system.

Unfortunately, not only do many organizations lack comprehensive visibility of their cloud environments, but they also lack tools capable of fixing issues and restoring operations. Taking decisive action and regaining control becomes even more difficult in complex, perimeter-less, multicloud environments. With evolving, AI-powered threats on the rise, businesses (especially those operating in multicloud environments) need solutions that address the complete security picture, completing the road that Wiz begins.

The Need for Dynamic Runtime Network Security

Businesses need solutions that combine static visibility with real-time remediation. While a solution like Wiz covers the first part, companies still need network security for runtime traffic dynamic policy enforcement. They also need insights into what is actually happening on the network, including the ability to control and segment network traffic in real time.

One solution that would pair nicely with Wiz is a cloud firewall with dynamic runtime network security and control capabilities, such as microsegmentation, intelligent egress filtering, etc. A secure, intelligent, and software-defined network fabric overlaying public cloud infrastructure would further strengthen visibility, control, and security enforcement, especially for multicloud networking.

By augmenting threat detection capabilities with solutions like a cloud firewall and network fabric overlay, security teams will move from static analysis and reactive measures to proactive and dynamic enforcement of security policies within cloud and multicloud environments. This comprehensive, intelligent, and actionable approach to cloud security will likewise remove security as a bottleneck, accelerating digital transformation and maximizing returns from cloud investments, particularly in complex multicloud environments.

Dramatically improved threat protection will not only safeguard revenue and reputation but also create a competitive advantage by enabling secure innovation at cloud speed. Security teams using posture-only tools spend 60% to 80% of their time triaging alerts. Runtime enforcement shifts that balance—reducing Mean Time To Repair, cutting breach risk, and freeing up teams to focus on architecture, not firefighting.

Addressing the Security Venn Diagram 

The transition to the cloud has forever changed security, with Google’s acquisition of Wiz further reinforcing the growing overlap between cybersecurity, cloud computing, and other emerging technologies like AI. The intersection between these disciplines necessitates a mindset shift for businesses in that security isn’t managing isolated boxes but a Venn diagram.

To that end, companies must follow a similar path to Google by using a solution like Wiz to identify vulnerabilities in their cloud resources while leveraging other tools that can actively address those issues in real-time across multicloud environments. Ultimately, static analysis shows what’s at risk—the right network security solution makes sure that risk doesn’t become tomorrow’s breach.