Wiz Unified Security is a cloud-native application protection platform that provides security coverage across code repositories, CI/CD pipelines, and cloud runtime environments. The platform offers code-to-cloud mapping capabilities that trace security risks in cloud environments back to their source code origin. The product scans for vulnerabilities in software dependencies through Software Composition Analysis (SCA) and generates Software Bill of Materials (SBOM). It performs Infrastructure as Code (IaC) scanning with over 1,000 rules for Terraform, CloudFormation, Azure Resource Manager, Kubernetes, and Docker configurations. The platform detects hardcoded secrets in code, IaC templates, and container images. Wiz includes Data Security Posture Management (DSPM) capabilities that identify and classify sensitive data such as PHI and PII within codebases. It performs malware scanning to detect threats before they reach CI runners and cloud environments. The platform assesses CI/CD security posture by checking for misconfigurations in version control systems and CI/CD tools against standards including OpenSSF Best Practices, OWASP TOP10 CI/CD Risks, and CIS benchmarks for GitHub and GitLab. The platform integrates with developer workflows through IDE plugins and pull request integrations, providing fix suggestions directly within source code. It uses runtime context from cloud sensors to prioritize vulnerabilities based on reachability and actual risk exposure.