Wiz expanding from CSPM to CNAPP

This shift turns Wiz from a fast growing point solution into a candidate for a much larger security platform budget. Wiz started by connecting read only to AWS, Azure, and Google Cloud to show security teams the riskiest misconfigurations and exposed assets without installing agents. Moving into CNAPP means selling more modules into the same console, across code, runtime, identities, data, and detection, which raises contract size and puts Wiz into more direct competition with Palo Alto Networks and Snyk.

• The product expansion is concrete, not just category branding. Wiz added threat detection and response through Gem Security, runtime security through Raftt, and by September 2024 had launched Wiz Code to secure software earlier in the lifecycle, before code reaches production cloud environments.
  1 sacra 6 bloomberg 7 wiz
• The competitive prize is much bigger than CSPM alone because enterprises want fewer security tools. Palo Alto built Prisma Cloud into a code to cloud CNAPP and used acquisitions like Dig Security to fill data security gaps. Incumbents can bundle these features into broader platform renewals and discount heavily.
  1 sacra 5 paloaltonetworks 8 paloaltonetworks 9 paloaltonetworks
• The closest comparable move is Snyk coming from developer security toward a broader platform, while Wiz is coming from cloud posture toward application security. By late 2024, Snyk was at about $300M ARR and Wiz at about $500M ARR, showing how valuable the broader code plus cloud budget can become.
  3 sacra 4 sacra 7 wiz

The next phase of cloud security looks more like platform consolidation than new point tools. The winners will be the vendors that can show one graph of risk from code commit to running workload, then help teams fix the issue in the same workflow. Wiz is positioning to be that control plane, which is why TAM expansion is central to its path toward multi billion dollar revenue.