Full Report
Wiz now layers runtime signals into the Security Graph, exposing hidden attack paths to give security teams a complete picture of risk.
Analysis Summary
# Tool/Technique: Wiz Runtime Sensor & Security Graph Integration
## Overview
This technique involves the integration of real-time runtime signals (telemetry) with agentless cloud risk modeling. Its purpose is to uncover "hidden attack paths" that are only visible when code is executing, specifically by identifying live network connections between vulnerable internet-facing workloads and sensitive internal resources (e.g., databases, PII storage, or external MCP servers).
## Technical Details
- **Type**: Cloud Security Monitoring / Attack Path Analysis Tool
- **Platform**: Cloud Environments (AWS, Azure, GCP), Kubernetes (Pods/Containers), and Windows environments.
- **Capabilities**: agentless inventory, live DNS query capturing, network connection tracking, AI-powered remediation analysis, and toxic risk combination mapping.
- **First Seen**: June 25, 2026 (per article date)
## MITRE ATT&CK Mapping
- **[TA0007 - Discovery]**
- [T1046 - Network Service Discovery] (Observing live network connections to internal services)
- [T1613 - Container and Resource Discovery]
- **[TA0010 - Exfiltration]**
- [T1567 - Exfiltration Over Web Service] (Identifying connections to external MCP servers or storage)
- **[TA0008 - Lateral Movement]**
- [T1557 - Adversary-in-the-Middle] (Monitoring for unexpected network redirection)
## Functionality
### Core Capabilities
- **Live Signal Collection**: Captures runtime telemetry including DNS queries and active network connections (Container-to-Container, Container-to-Database).
- **Toxic Combination Mapping**: Correlates vulnerabilities (e.g., CVEs) and misconfigurations with actual live traffic to validate if an attack path is exploitable.
- **Security Graph Integration**: Layers runtime data onto a visual graph to show the relationship between internet exposure, compute identity, and sensitive data buckets (e.g., S3).
### Advanced Features
- **AI/MCP Blind Spot Monitoring**: Specifically identifies unauthorized connections from AI workloads and chatbots to remote Model Context Protocol (MCP) servers.
- **Agentless-Runtime Synergy**: Combines the breadth of agentless scanning with the depth of a lightweight "Runtime Sensor" for Windows and Linux.
- **Automated Prioritization**: Automatically upgrades a finding to "Critical" if a vulnerable workload is actively communicating with a sensitive data source.
## Indicators of Compromise
*Note: This tool is a defensive platform designed to find IOCs and attack paths.*
- **Behavioral Indicators**:
- Unintended DNS queries from internal containers to external domains.
- Vulnerable containers initiating connections to highly privileged secret vaults.
- AI agents communicating with unknown/external `mcp[.]server` addresses (defanged).
- Outbound traffic from production databases to unauthorized internet-facing workloads.
## Associated Threat Actors
- While not attributed to one group, this tool is designed to defend against adversaries who exploit **Cloud-Native Attack Paths** and **AI System Vulnerabilities** to exfiltrate data.
## Detection Methods
- **Behavioral detection**: Monitoring for "confirmed network connections" from workloads known to have high-severity CVEs.
- **Anomaly Detection**: Identifying DNS queries or network flows that deviate from established infrastructure-as-code (IaC) or security group policies.
- **Graph-based Analysis**: Identifying chains where an internet-exposed workload has an active path to a resource containing PII.
## Mitigation Strategies
- **Runtime Hardening**: Deploying sensors to gain visibility into executing code and network flows.
- **Micro-segmentation**: Using runtime data to validate and tighten security group rules and network policies.
- **Prioritized Patching**: Using the Security Graph to identify which vulnerable containers are "active" and "connected" to prioritize remediation.
- **AI Guardrails**: Restricting the ability of AI agents to query external MCP servers unless explicitly whitelisted.
## Related Tools/Techniques
- **Agentless Cloud Workload Protection (CWPP)**
- **Cloud Infrastructure Entitlement Management (CIEM)**
- **DSPM (Data Security Posture Management)**
- **eBPF-based monitoring** (common underlying technology for lightweight runtime sensors)