On March 19, 2026, Google Cloud finalized the $32 billion acquisition of Wiz, the fastest-growing software company in history. This milestone marks the end of the "Agent Era" in cloud security and the beginning of a unified, AI-driven defense paradigm. By integrating Wiz's revolutionary Security Graph with Google's planetary-scale infrastructure, the combined entity is set to redefine how enterprises protect their multi-cloud workloads.
Wiz's primary technical advantage has always been its agentless scanning technology. Traditional security tools require installing an agent (a piece of software) on every virtual machine (VM) or container. This is a management nightmare and introduces performance overhead. Wiz solved this by utilizing cloud-native snapshots via API.
The system connects to the cloud environment (AWS, Azure, GCP, or OCI) and takes out-of-band snapshots of the storage volumes. It then scans these snapshots for vulnerabilities, malware, and misconfigurations without ever touching the running workload. This ensures 100% coverage from day one, with zero impact on application performance.
With the acquisition closed, Google is integrating this agentless engine directly into the Google Cloud Fabric. This means that every new project created on Google Cloud will be automatically "Wiz-protected" at the hypervisor level, providing immediate visibility into the security posture without a single line of configuration from the developer.
The centerpiece of the integration is the transformation of Google Cloud Security Command Center into SCC+. This new platform is built on top of the Wiz Security Graph. The Graph doesn't just list vulnerabilities; it maps the relationships between assets, identities, and network paths.
For example, a high-severity vulnerability in a database is just a "finding" in a list. But the Wiz Graph can show that this database is connected to an internet-facing web server and has an overly permissive IAM role. This creates a Critical Attack Path. SCC+ will prioritize these paths over thousands of isolated vulnerabilities, allowing security teams to focus on the 1% of risks that actually matter.
Technical benchmarks from early integration pilots show that SCC+ reduces the number of "actionable" alerts by 85% while increasing the detection of complex multi-step breaches by 40%.
Performance and capability improvements following the integration of Wiz into Google Cloud.
The most forward-looking part of this acquisition is the fusion of Wiz's data with Google's Security AI Workbench. Google's Gemini models are being trained on the Wiz Security Graph to provide "Predictive Threat Modeling."
Instead of waiting for a breach, a security architect can ask Gemini: "What are the most likely attack paths if we deploy this new Kubernetes cluster in the US-East region?" Gemini will analyze the proposed configuration against the existing Security Graph and generate a risk report with specific terraform-based remediation steps. This Security-as-Code approach is expected to reduce the time spent on manual audits by 70%.
Map Multi-Cloud Identities: Ensure that your AWS and Azure IAM roles are properly federated with Google Cloud to allow SCC+ to build a complete cross-cloud Security Graph.
Deprecate Legacy Agents: Begin a phased retirement of resource-intensive security agents in favor of the SCC+ agentless scanning engine to improve VM performance by 5-10%.
Adopt Remediation-as-Code: Integrate the SCC+ API into your CI/CD pipelines to automatically block deployments that create new critical attack paths.
Google's $32 billion bet on Wiz is a bet on the end of fragmented security tools. By bringing CNAPP, CSPM, and CWPP under one roof and powering it with planetary-scale AI, Google has created the first true "Cloud Operating System for Security." For enterprises, the message is clear: the barrier between cloud infrastructure and cloud security has permanently dissolved.
Existing Google Cloud customers can expect an automatic opt-in to SCC+ Free Tier starting in April, with the full enterprise suite rolling out throughout Q2 2026.
For more on the infrastructure supporting these high-scale security workloads, check out our report on Google's $20 Billion AI Infrastructure Bond.
Join 50,000+ engineers getting daily deep dives into AI, Security, and Architecture.