When Google completed its $32 billion acquisition of Wiz earlier this month — the largest acquisition of a private, venture-backed U.S. company ever — the obvious question was: what does Wiz look like inside Google Cloud?
At RSAC 2026, we got the first answer: AI-APP, the AI Application Protection Platform. It’s Wiz’s vision of what cloud-native application protection (CNAPP) becomes when AI agents are the applications being protected.
From CNAPP to AI-APP
Wiz built its reputation on CNAPP — providing unified visibility across cloud workloads, identities, and vulnerabilities. AI-APP is positioned as the “natural evolution” of that platform for the agentic era.
The shift reflects a fundamental change in what needs protecting:
Before (CNAPP): Secure containers, VMs, serverless functions, and the identities that access them. The applications are deterministic — they do what their code says.
After (AI-APP): Secure AI models, agents, data pipelines, and the tools agents invoke. The applications are non-deterministic — they adapt, chain actions, and make decisions that weren’t explicitly programmed.
AI-APP ties together three layers:
Visibility & Risk Analysis
Graph-powered discovery of AI assets across cloud environments — models, agents, training data, MCP servers, tool registries. Security teams can see their full AI attack surface, not just traditional cloud resources.
Runtime Protection
Real-time monitoring and defense for AI systems as they operate. This includes detecting prompt injections, data exfiltration attempts, tool poisoning, and unauthorized agent actions.
Red, Blue, and Green Agents
The most interesting architectural choice: Wiz deploys its own AI agents for security:
- Red agents — adversarial testing, probing AI systems for vulnerabilities
- Blue agents — defensive monitoring, detecting and responding to attacks
- Green agents — posture management, ensuring AI deployments meet security baselines
Using AI agents to defend against AI agent threats is the recursive security play that several RSAC vendors are making — but Wiz has the advantage of Google Cloud’s infrastructure behind it.
The Google Cloud Integration
Post-acquisition, Wiz’s AI-APP integrates with Google Cloud’s broader security ecosystem:
- Google Security Operations — agentic automation for SOC workflows (Triage & Investigation agent in preview)
- Model Armor — extended to cover agentic risks including prompt injection and tool poisoning, with MCP server support GA in April
- Security Command Center — Vertex AI Agent Engine integration for detecting threats to agentic systems
- Dark web intelligence agents — Gemini-powered, 98% accuracy for credential and threat monitoring
The combined offering means enterprises on Google Cloud get AI security from code to cloud to SOC — all under one vendor umbrella.
Multi-Cloud Reality
Despite the Google acquisition, Wiz continues to support AWS, Azure, Oracle Cloud, and other providers. This is critical — enterprises don’t run AI workloads on a single cloud, and an AI security platform that only works on GCP would be a non-starter for most customers.
The multi-cloud story is what made Wiz a $32 billion acquisition target. Losing it would undermine the entire value proposition.
RSAC 2026 Context
Wiz AI-APP enters a crowded field at RSAC. Here’s how the cloud-native AI security players compare:
| Vendor | Platform | AI-Native? |
|---|---|---|
| Wiz (Google) | AI-APP (CNAPP evolution) | Yes — red/blue/green agents |
| Orca Security | Threat Investigation + AppSec Triage agents | Yes — autonomous investigation |
| CrowdStrike | Falcon Cloud Security + Application Explorer | Hybrid — AI-enhanced traditional |
| SentinelOne | AI-SPM + DSPM + CWPP | Hybrid — Purple AI overlay |
| Cisco | AI Defense Explorer + Agent Runtime SDK | Yes — multi-cloud runtime |
Wiz’s advantage is the graph-powered approach — understanding relationships between AI assets, identities, data, and tools in a way that reveals risks individual scanners miss.
What OpenClaw Users Should Know
If you’re running OpenClaw agents on cloud infrastructure — which most production deployments are — your AI workloads are part of the attack surface that platforms like AI-APP are designed to protect.
The specific risks AI-APP targets are directly relevant:
- Shadow AI discovery — finding OpenClaw instances, MCP servers, and agent tools deployed across cloud accounts
- Tool poisoning detection — monitoring for compromised skills or MCP servers (recall the ClawHavoc campaign: 800+ malicious skills on ClawHub)
- Data exfiltration monitoring — detecting when agents access or export data beyond their intended scope
- Agent identity governance — tracking which agents have access to which cloud resources
As OpenClaw deployments scale from personal assistants to enterprise-grade agent fleets, cloud-native AI security becomes a requirement, not an option.
The Takeaway
Google paid $32 billion for Wiz. AI-APP is the first major product launch showing what that investment buys: cloud-native security purpose-built for AI applications and autonomous agents, integrated with Google Cloud’s security stack, but available across all major cloud providers.
The CNAPP-to-AI-APP evolution is the market signal: cloud security vendors are retooling their entire platforms for the agentic era. Wiz is first to market with a comprehensive story. Whether they can maintain that lead inside Google — without losing the multi-cloud independence that made them valuable — is the strategic tension to watch.