Wiz MCP server
Investigate cloud issues, CSPM findings, and vulnerabilities across AWS, Azure, and GCP with the Wiz CNAPP.
About
Connect Tracecat to Wiz to investigate cloud risk from agents working alongside SOC and cloud security teams. You can list and triage Wiz issues across AWS, Azure, GCP, and Kubernetes, pulling evidence and remediation guidance the same way an analyst would in the Wiz Security Graph. From there, agents can resolve the related cloud resource, trace it back to the responsible IAM identity, and hand the enriched context to ticketing or remediation tools with full audit attribution.
Setup
- 1
Sign in with OAuth
You'll authorize Tracecat to access Wiz on your behalf. No API keys to manage.
- 2
Select the
Wiztile in the Tracecat MCP catalogOpen the
MCP catalogin your workspace, select theWiztile, and complete the OAuth flow. - 3
Enable
Wizin your agentIn your
ai.agentaction orAgents→toolstab, selectWizfrom theMCP integrationsdropdown.
Tools
list_issues | List Wiz issues across projects with severity, status, and resource filters. |
get_issue | Retrieve full details for a single Wiz issue, including evidence and remediation. |
update_issue | Update issue status, assignee, severity, or notes. |
list_vulnerabilities | List vulnerability findings across hosts, containers, and serverless workloads. |
list_cloud_resources | List cloud resources discovered by Wiz across AWS, Azure, GCP, and Kubernetes. |
get_cloud_resource | Retrieve full configuration and risk context for a cloud resource. |
list_configuration_findings | List CSPM configuration findings against Wiz rules and frameworks. |
graphql_query | Run an arbitrary Wiz GraphQL query for advanced investigations. |