Start with Identity
CIEM

Wiz

Founded 2020New York, NY, USAPrivate (agreement to be acquired by Google/Alphabet, announced 2025)Score 4.5/5Evaluated 2026-06-19Website ↗

Capability scores

Methodology →
Authentication
3.0
SSO & Federation
3.0
Authorization
4.5
Lifecycle & Provisioning
2.5
MFA & Passwordless
2.5
Governance & Audit
4.5
Developer Experience
4.5
Deployment Flexibility
3.5
Pricing Transparency
2.0
Support & Ecosystem
4.5

Scored 0–5 against a published rubric. Independent analysis, no vendor sponsorship.

Overview

Wiz is a cloud security platform (CNAPP) that folded cloud infrastructure entitlement management (CIEM) into its broader graph-based approach. Founded in 2020 and based in New York, with an announced 2025 agreement to be acquired by Google, it treats CIEM as one capability among many alongside CSPM, workload scanning, and exposure analysis. It is one of the fastest-growing cloud security vendors and a clear market leader.

What it is good at

Context is the strength. The Wiz Security Graph maps identities, effective permissions, and resources together, so you see not just an over-privileged role but whether that role can reach sensitive data through a real attack path. Cross-cloud coverage across AWS, Azure, and GCP is strong, developer experience is good, and support and ecosystem depth are excellent. For teams already running Wiz, getting entitlement risk in the same console as workload and exposure context is a genuine advantage that standalone CIEM tools cannot match.

Where it falls short

CIEM is not Wiz's center of gravity. Remediation tends to be advisory rather than enforced, and there is no native just-in-time provisioning or access-request workflow. Lifecycle provisioning is limited, and authentication and MFA are out of scope. If you want active entitlement lifecycle management and enforcement rather than visibility and prioritization, Wiz alone will not cover it, and pricing is opaque and bundled.

Pricing

Quote-based and opaque. Pricing is typically tied to cloud workloads or resources and the modules licensed, with enterprise sales engagement and annual commitments. CIEM is generally bundled into CNAPP packaging rather than sold standalone. Model it with the TCO calculator.

Best for, and who should look elsewhere

Choose Wiz when you want entitlement risk understood inside a cloud security platform you already run. For standalone CIEM depth, compare Sonrai Security (see Wiz vs Sonrai); for enforcement and JIT, see Britive and the CIEM category.

Bottom line

The pick when you want entitlement risk inside a cloud security platform you already run, not when you need standalone CIEM with enforcement and access workflows.

Wiz comparisons

By SWI Community Team · Last evaluated 2026-06-19

Independent, community-driven analysis. No vendor sponsorship. Compiled from public research and community input and verified on a best-effort basis, so details may be incomplete or out of date. Scores are opinions, not advice. Trademarks belong to their owners; mention does not imply affiliation or endorsement. See the full disclaimer, or send corrections to community@startwithidentity.com.