Wiz passes 500M ARR and expands
Wiz passes $500M ARR
Wiz is turning its original cloud scanner into a control point for three different budgets, cloud posture, developer security, and security operations. Wiz Cloud stays the system of record for what is deployed across AWS, Azure, GCP, and OCI. Wiz Code moves earlier into the software pipeline, where developers fix issues before deployment. Wiz Defend moves later into runtime, where analysts investigate live threats with the same cloud context.
-
The product split maps cleanly to incumbent categories. Wiz Code pushes into Snyk’s application security lane, where code scanning had already reached about $100M ARR inside Snyk by October 2024. Wiz Defend goes after CrowdStrike style threat detection. Wiz Cloud broadens the original agentless cloud posture product toward a fuller CNAPP bundle.
-
What ties the bundle together is one shared graph of code, identities, workloads, network exposure, and cloud resources. That means a risky storage bucket, the Terraform that created it, the developer who changed it, and the runtime alert triggered from it can all be traced in one workflow instead of across separate tools.
-
This is also a pricing and sales expansion move. Agentless scanning got Wiz in the door quickly because customers only had to grant read only cloud access. Once inside, multi product packaging lets Wiz sell more seats and higher value modules into the same large enterprise account, similar to how Orca used code and IaC bundling to raise subscription prices.
The next phase is a code to runtime security suite that competes less like a point product and more like a cloud era Palo Alto. If Wiz keeps using the core cloud graph as the common data layer, each new module should make the others easier to buy, harder to rip out, and more central to how large enterprises run cloud security.