CyCognito joins Wiz Integrations (WIN) Platform

May 1, 2025
The integration with Wiz supports a modern cloud security operating model, where security and cloud teams work together across the entire development lifecycle.

CyCognito today announced its partnership with cloud security provider Wiz and joins Wiz Integrations (WIN). The integration, launching at the RSA Conference, enables joint customers to combine the visibility and coverage of Wiz's CNAPP with the power of continuous Dynamic Application Security Testing (DAST) and external asset discovery across global organizations—ultimately enabling enhanced cloud security coverage.

CyCognito offers seedless discovery that automatically identifies unmanaged cloud instances. By providing an attacker's perspective from outside your network, CyCognito reveals both sanctioned and unsanctioned environments without requiring cloud service provider APIs. Its external attack surface management approach complements CNAPP strategies by providing visibility into coverage gaps and giving cloud security teams visibility into assets they didn't know existed.

CyCognito uses DAST to examine running apps for vulnerabilities and tests from the network edge—through the infrastructure—and into the application.

"By integrating with Wiz, we're bringing the attacker's perspective directly into cloud security programs," said Randy Streu, SVP Global Channels & Alliances, CyCognito. "This partnership empowers security teams with both internal and external visibility—combining Wiz's deep cloud-native context with our continuous external discovery to help teams surface, prioritize, and respond to the risks that matter most."

Mutual customers receive the following benefits:

  • Risk Enrichment: CyCognito's integration directly maps to Wiz assets, additional issue findings, context, and risk-based prioritization to Wiz to provide customers with the attacker's perspective.

  • Unified Coverage Insights: CyCognito's external asset discovery complements Wiz's internal cloud visibility, helping joint customers identify previously unknown or unmanaged assets.

  • Multi-cloud Attacker's Perspective: CyCognito enhances Wiz's visibility into exposed web apps and risks across AWS, Microsoft Azure, and Google Cloud Platform.

  • Targeted DAST Based on Verified Exposure: Wiz identifies externally exposed API endpoints through static and dynamic network analysis and sends only those endpoints to CyCognito for DAST scanning.

The integration with Wiz supports a modern cloud security operating model, where security and cloud teams work together across the entire development lifecycle. Wiz's unified platform delivers code-to-cloud context to reduce the attack surface—using shared policies to stop risks earlier in the SDLC and ensure posture is enforced in production. With Wiz Defend, teams can also detect and respond to real-time threats in their cloud environments, enabling complete visibility and control across code, cloud, and runtime.

"We're excited to welcome CyCognito to the Wiz Integration Network," said Oron Noah, VP of Product, Extensibility & Partnerships at Wiz. "By combining CyCognito's continuous DAST and external asset discovery with Wiz's comprehensive code-to-cloud context and real-time threat detection, we're enabling our customers to proactively identify exposures, prioritize critical risks, and strengthen their cloud security posture across the entire development lifecycle."

To learn more about the CyCognito-Wiz integration at RSA, please visit booth #3110.

To see how this integration empowers cloud security teams with greater visibility and control, please visit the dedicated blog page.