Google Cloud and Wiz: A Multi-Cloud Security Model

While cloud infrastructures offer enterprises benefits such as on-demand resources and global scalability, effectively layering security across these environments has proven to be a challenge.

For cloud security startup Wiz, which was acquired by Google’s parent company Alphabet for US$32bn in March 2025, the goal is to provide visibility into all risks without adding complexity.

Founded in 2020, Wiz provides an agentless, graph-based cloud-native application protection platform (CNAPP).

Companies using Wiz can scan their cloud environments, including virtual machines, containers or serverless services and visualise attack paths that connect minor misconfigurations into larger risks.

“With the Wiz Security Graph, we provide full visibility and context into every cloud resource and the relationships between them to uncover the toxic combinations of risk that create attack paths in your cloud,” says Oron Noah, Director of Product Management at Wiz.

Building a multi-cloud security foundation

After launching its product, Wiz gained attention from large organisations that were operating across multiple cloud platforms.

To meet this demand, Wiz had to mirror their multi-cloud, hybrid and distributed infrastructures. Wiz turned to Google Cloud as a core infrastructure partner and a way to scale its growth.

“We support our customers wherever they are,” says Yinon Costica, VP of Product and Co-Founder of Wiz.

They add: “One of our largest customers operated a multi-cloud infrastructure, and we knew that we had to adopt the same approach. With Google Cloud, we built the foundation for a security solution that could cater to the variety of cloud environments. We also benefit from our Google Cloud Marketplace partnership to reach new Google Cloud customers.”

The decision was informed by customer need and the flexibility of Google Cloud’s developer tools. Wiz established its security platform within Google Cloud, using Kubernetes to ensure portability across environments.

“The way that Google Cloud implements Infrastructure-as-a-Code principles meant that we worked very quickly,” says Scott Sumner, Cloud Services Provider Alliance Manager at Wiz.

He adds: “We were up and running within a month.”

Delivering security at speed without agents

For Wiz, security should not come at the cost of agility. Wiz connects natively to customers’ cloud environments using an API-only architecture, rather than using traditional security agents that can be a burden on infrastructure.

“By using API-only connectors, rather than deploying agents, we can seamlessly scan our customers’ infrastructure with zero friction to the instances and no management overhead,” Oron explains.

This efficiency could be valuable for regulated industries like finance and healthcare. Wiz can scale from lightweight connections across open infrastructure to embedded deployments in sensitive environments, without slowing operations.

Automation has also been important. Google Kubernetes Engine and related managed services allow a small team at Wiz to deliver enterprise-scale solutions. “We go to market very quickly with Google Cloud,” Oron says.

They add: “We can put our energy into developing new tools that respond to our customers’ specific needs. The automations we get with Google Cloud are very important for us. Say a customer acquired a new company and expanded their Google Cloud environment as a result. We would automatically have scanned their cloud and be able to uncover risks within minutes, instead of days or weeks.”

Reacting to global threats

The ability for Wiz to react quickly was tested in December 2021 when a vulnerability in the Log4j Java logging library impacted the security community, leaving enterprises searching for solutions.

Wiz integrated detection into its platform, helping customers and new prospects manage their risks. “We were able to identify and visualise the Log4j vulnerability very quickly for new customers,” Scott explains. Google Cloud also offered tools to simplify and strengthen security.

“The Identity and Access Management Recommender tool is a unique bonus of Google Cloud,” Scott adds.

He continues: “We can share an incredibly rich level of detail with our customers and surface information that can very quickly identify vulnerabilities.”

Wiz's growth is rooted in its technology and its partnerships. Its integration with Google Cloud services ensures the platform evolves with new cloud innovations. “We’ve got a great relationship with several product teams at Google Cloud,” Oron says.

He adds: “It means we can onboard new tools into our platform and make them visible to our customers. They can also learn from us about how we use their tools. We’d like to keep working side by side with Google Cloud, enhancing both sides of the partnership.”