Previews 'Red Agent' to scan AI code, Databricks, multi-cloud and edge workloads

Wiz said on April 22 that its Red Agent is now in public preview, adding an AI-powered attacker to a broader push into AI code, Databricks, and edge security. (wiz.io 1) (wiz.io 2) The Red Agent is designed to probe web applications and application programming interfaces, or APIs, for logic flaws that signature-based scanners usually miss. Wiz said it adapts in real time to application behavior and validates whether a risk is actually exploitable. (wiz.io) Wiz announced the agent framework at RSA Conference 2026 on March 23, alongside Blue Agent for investigations and Green Agent for remediation. The company said all three are grounded in its Security Graph, which links code, cloud, runtime, identity, and data context. (wiz.io) (cloud.google.com) The Databricks expansion, published April 20, brings workspaces, clusters, users, service principals, tables, and volumes into that graph. Wiz said the integration uses Unity Catalog metadata to map who can access data and how that exposure connects to broader cloud roles. (wiz.io) That matters because AI systems are no longer just models. They sit on data platforms, custom code, external APIs, and edge services, and a weakness in any one layer can become an attack path across the stack. (wiz.io 1) (wiz.io 2) Wiz is framing the problem as a speed mismatch. In its March 23 launch post, the company said teams are shipping AI-generated apps and custom APIs faster than security reviews can keep up, while attackers use reasoning to hunt for flaws in custom logic. (wiz.io 1) (wiz.io 2) The company said early design partners found critical vulnerabilities that had survived manual research, penetration tests, and bug bounty programs. One quoted customer, Vend Head of Product Security Emil Vaagland, said the tool caught authorization flaws across services. (wiz.io) Google Cloud’s RSA post also cast Wiz as part of a multicloud security push after Google completed its acquisition of the company in March 2026. Google said Wiz would help build an “AI-ready cybersecurity platform” across cloud service providers, not just Google Cloud. (cloud.google.com) The thread running through all of it is that Wiz is trying to move from showing exposure to proving it. Red Agent tests whether an attacker could chain weaknesses together, while Blue and Green are meant to investigate and fix what it finds. (wiz.io) (wiz.io)