Veracode Joins the Wiz Integration Network (WIN) to Eliminate Application-to-Cloud Security Blind Spots

BURLINGTON, Mass.--(BUSINESS WIRE)--Veracode, a global leader in application risk management, today announced a partnership with leading cloud security provider, Wiz, joining the Wiz Integration (WIN) platform. The alliance enhances WIN by bringing the power of Veracode Risk Manager (VRM) to the partner ecosystem, enabling customers to seamlessly integrate Wiz and Veracode solutions into their existing workflows.

Security teams are overwhelmed—not by a lack of data, but by too much of it, spread across too many disconnected tools. By integrating Wiz’s deep cloud security findings into Veracode Risk Manager we’re giving a clearer, faster, prioritized view of risk.

Share

The sheer volume and variety of vulnerability data can put pressure on even the most mature organizations. Veracode Risk Manager is an Application Security Posture Management (ASPM) solution designed to address this challenge by unifying risk from code to cloud, and automating prioritization and remediation to help security teams resolve critical flaws faster. With VRM connectors—connectors to third-party findings and asset sources—security teams get a consolidated view of risk across the entire software development lifecycle. These connectors ingest Veracode’s static, dynamic, and software composition analysis findings alongside issues uncovered by third-party tools, like Wiz, to help security teams trace root causes, prioritize risk, and remediate accordingly.

“Security teams are overwhelmed—not by a lack of data, but by too much of it, spread across too many disconnected tools,” said Derek Maki, Head of Product at Veracode. “By integrating Wiz’s deep cloud security findings directly into Veracode Risk Manager and correlating with Veracode application security testing detections, we’re giving security teams a clearer, faster, and prioritized view of risk so they can take immediate action.”

WIN enables Wiz and Veracode to share prioritized security findings with context, including inventory, vulnerabilities, issues, and configuration findings. Mutual customers receive the following benefits:

• Smarter, more accurate risk prioritization: Wiz’s findings feed directly into Veracode Risk Manager, enhancing its scoring model and enabling more accurate prioritization of security issues based on real-time, contextual risk data.
• Less noise, less burnout: By aggregating all risk data and applying the right context and prioritization, the integration helps security teams focus on the most critical issues, reducing alert fatigue and improving operational efficiency.
• Certified, reliable integration: A rigorous certification process ensures the connector between Wiz and VRM is reliable, consistent, and jointly supported. Customers can trust that data flows correctly and that both teams are equipped to troubleshoot any issues that arise.

The combined value of these two offerings will streamline security for organizations that are on a cloud journey, regardless of where they may be on that journey.

“By bringing Veracode into the WIN ecosystem, we’re expanding the power of cloud-native context to help organizations connect the dots between application and cloud risk,” says Oron Noah, Vice President of Product Extensibility & Partnerships at Wiz.

WIN enables a cloud security operating model through which security and cloud teams work collaboratively to understand and control risks across their Continuous integration/Continuous Delivery (CI/CD) pipeline. Through the partnership, Wiz and Veracode are setting the industry standard in integrated solution strategy to optimize operational efficiency.

Current Veracode Risk Manager customers can enable the Wiz connector today through the Wiz Integrations Page. For a personalized demo of how this integration can transform an organization’s application security program, visit https://www.veracode.com/get-your-personalised-veracode-solution-demo/.

About Veracode

Veracode is a global leader in Application Risk Management for the AI era. Powered by trillions of lines of code scans and a proprietary AI-assisted remediation engine, the Veracode platform is trusted by organizations worldwide to build and maintain secure software from code creation to cloud deployment. Thousands of the world’s leading development and security teams use Veracode every second of every day to get accurate, actionable visibility of exploitable risk, achieve real-time vulnerability remediation, and reduce their security debt at scale. Veracode is a multi-award-winning company offering capabilities to secure the entire software development life cycle, including Veracode Fix, Static Analysis, Dynamic Analysis, Software Composition Analysis, Container Security, Application Security Posture Management, Malicious Package Detection, and Penetration Testing.

Learn more at www.veracode.com, on the Veracode blog, and on LinkedIn and X.

Copyright © 2025 Veracode, Inc. All rights reserved. Veracode is a registered trademark of Veracode, Inc. in the United States and may be registered in certain other jurisdictions. All other product names, brands, or logos belong to their respective holders. All other trademarks cited herein are property of their respective owners.