Basically give it read access to your cloud account, and it will scan all of the resources to identify potential miss-configurations. Identifying CVE in software is one thing, but it's identifying incorrectly configured resources that would otherwise be secure can dramatically reduce the risk surface.
A lot of cloud providers already have little hints like "hey - did you mean to create this account in God mode?" or "It is recommended not to create this god mode json key file" - Wiz is taking this to the next level of detail
A lot of cloud providers already have little hints like "hey - did you mean to create this account in God mode?" or "It is recommended not to create this god mode json key file" - Wiz is taking this to the next level of detail