The Tech Sales Newsletter #69: The WIZards among us
Source: Wiz.io
There are fewer than 10 pure-play companies in the history of cybersecurity that have reached $1 billion in revenue. Only 3 of them achieved this milestone in the last 15 years.
To say that cybersecurity is a difficult market for a company to be successful in is an understatement. Yet, Wiz is about to achieve one of the biggest tech sales success stories in the history of the industry.
After dodging a $23 billion acquisition, they are now moving aggressively toward an IPO. Is this the right time and place for you to join them?
The key takeaway
For tech sales: Wiz has an exceptional product, strong mindshare with its target audience, and a talented team of founders who are still leading the charge. However, it's also a pressure cooker environment with significant internal tensions, as new leaders attempt to transform the GTM org into a playbook-driven company. While success here is likely, it will come at a high personal cost.
For investors: The share price on the secondary market is up 22% year-to-date. The company has a clear path to $1 billion ARR over the next 12 months, with an IPO expected shortly thereafter. The product is dominating in its category, and another attempt at a high-profile acquisition is likely. While this is not financial advice, if Wiz isn't on your short-list, you should probably reconsider investing in the tech sector altogether.
So what does Wiz actually do?
This section will discuss some industry-specific terms, and I’ll use quotes from the exceptional deep dive by Francis on the company following multiple interviews. Since Wiz is not public, this is our closest source of detailed information about the company's structure, product roadmap, and vision in the space.
Source: Wiz.io
As Wiz wraps up its second phase, it can say it has a complete cloud security platform. One that integrates security across all phases, from software development to runtime, effectively closing the gaps that typically exist between different cloud and security teams. Although a big part of Wiz 2.0 is still early, requires further depth of capabilities and more importantly execution — despite this, it’s easy to understand how it has successfully hit a $500M ARR by implementing the following strategies:
Developer Workflow Security (Wiz Code): Wiz has built a platform that embeds security into the development phase, ensuring the security of code, dependencies, and configurations before they are deployed. This approach mitigates risks before applications reach production.
Deployment and Cloud Posture (Wiz Cloud): Once applications are deployed, Wiz offers visibility into an organization’s multi-cloud environment, resources and workloads through agentless scanning, allowing security teams to monitor and understand the security posture across all assets.
Runtime Security and Threat Detection (Wiz Defend): Through Wiz Defend, the platform extends security into runtime, enabling organizations to detect and respond to live threats and incidents within their cloud environments in real-time.
Now this probably doesn't make much sense if you're not deeply familiar with cloud security concepts. Let's take a simpler look at why companies became such strong early adopters of Wiz:
Product
Underlying Architecture: Wiz pioneered using a graph database to solve the cloud visibility problem. Leveraging the graph, they significantly enhanced their cloud security techniques (around cloud attack path analysis, toxic combinations and enabling high-fidelity risk prioritization) over competitors at the time.
Front-end Simplistic UX: Wiz created an incredibly intuitive interface for developers to investigate cloud vulnerabilities. Its foundational source was the graph architecture that helped detect relevant underlying cloud issues (i.e. minimizing false positives). This made it easier for development teams to remediate problems quickly.
Relentless obsession with their customers: Wiz deeply understood their customers' pain points and adopted a unique approach to solving their problems. Unlike many companies that claimed to be customer-obsessed, Wiz truly listened and delivered. This insight came from their extensive experience leading core arms of Microsoft Cloud Security’s business and from countless in-depth conversations/discussions with hundreds of CISOs, within their network. The discussions gave them a deep understanding of the challenges cloud customers faced. An unwavering focus on understanding, listening, and solving customer problems sets them apart in the market.
Wiz approached cloud security from a position of deep expertise in the space, while also considering the perspective of practitioners in the field - who are not only security specialists but also developers and cloud engineers. For many of these practitioners, the primary concern isn't "am I getting targeted by a state actor exploiting a zero-day vulnerability," but rather "what did we misconfigure, and have we implemented things incorrectly?"
Source: Wiz.io
How The Graph Translated to a Top-Tier User Experience
A graph-based model allowed Wiz to:
Visualize Complex Relationships: Graphs provide a clear representation of how different cloud resources are connected. For example, they show how a database might be connected to an internet-facing virtual machine, or how a user account might have over-permissioned access to critical workloads. This level of visibility helps identify attack paths and misconfiguration.
Prioritize Risks Based on Context: One of Wiz’s key differentiators is its ability to prioritize security risks by analyzing the context of vulnerabilities. This context allows Wiz to analyze and prioritize risks based on various factors, including security, business impact, network, identity, data, and more. For instance, a vulnerability on an isolated virtual machine might not be critical if it’s not exposed to the internet or lacks sensitive data. However, if that machine has a misconfigured firewall or is connected to other critical resources, the risk becomes much higher, and Wiz flags it for more accurate risk prioritization.
Efficient Attack Path Analysis: Wiz's graph can trace potential attack paths quickly and highlight chain vulnerabilities. For example, an attacker might exploit a vulnerability in a less critical system to move laterally within the environment and access more valuable assets. Wiz’s graph model maps out these attack paths, helping security teams focus on the most significant risks. If a vulnerability is detected in an exposed database, the graph can immediately show which services, applications, or users are connected to that database. This provides teams with context about potential attack paths, helping prioritize critical issues over less impactful ones.
Contextual Remediation Workflows: With a graph, all assets, their configurations, and interdependencies are available at a glance, enabling targeted remediations prioritized by interconnected risk rather than isolated severity. Wiz's graph model fundamentally reshaped how cloud security teams and developers contextualize and remediate cloud security issues. It retains context on all resources and configurations, allowing Wiz to offer specific, step-by-step remediation recommendations tailored to each resource. By understanding complex relationships efficiently, querying relevant information becomes easier. Additionally, because graph databases maintain both direct and indirect relationships between resources, they enable targeted and highly specific remediation workflows.
Automated Dependency Tracking and Impact Analysis: Graph databases allow for automated tracking of dependencies between resources, configurations, permissions, and workloads. This enables security teams to quickly understand how changes in one part of the cloud may impact other parts.
While there were already existing incumbents trying to do the same thing, and numerous competitors later adopted a similar approach, Wiz earned significant mindshare and trust both for pioneering this strategy and designing their product with a strong focus on usability. This approach solved real problems for customers, with results that could be visualized within minutes during a demo.
The second big win was the agent-less approach:
Source: Wiz.io
Wiz addressed the most basic yet fundamental cloud security need — cloud visibility via agentless vulnerability scanning. While simple in concept, implementing this feature effectively posed significant challenges. Wiz managed to execute it exceptionally well, outperforming competitors at the time. Wiz prioritized visibility as the foundation, delivering a user experience that focused on providing fast, clear insights into cloud environments.
Wiz launched different scanners for a variety of vulnerabilities, but specifically they had a highly effective agentless scanner that helped teams identify vulnerabilities quickly, offering rapid time-to-value and deployment for even the largest enterprises. By leveraging its graph-based architecture, Wiz built a more advanced agentless visibility solution, enabling software development teams to easily visualize threats across their networks (internet-facing versus non-internet-facing risks).
Wiz’s success stems from meeting market demands at precisely the right moment. In the early days, cloud visibility was a slow-emerging problem for security teams, as they attempted to migrate their on-premises tools to the cloud. Between 2020 and 2021, as companies rapidly moved to the cloud and faced attacks like Log4J and the Capital One breach, Wiz’s solution proved pivotal. It offered a non-intrusive way to gain visibility with agentless scanning, which was critical, with security teams beginning to realize the scope of cloud security challenges.
As the market evolved, security teams began recognizing the limitations of a purely agentless approach, such as the lack of code context and runtime defense. Rather than sit on their laurels and double down on its agentless approach, Wiz anticipated this shift and expanded its capabilities, introducing an agent (almost two years ago), GitHub integrations, and a Data Security Posture Management (DSPM) solution. Although some of these features may not be as advanced as those of competitors, Wiz’s focus remains on delivering an exceptional user experience, rolling out features precisely when customers need them.
The last piece of the technical puzzle is their proactive work on integrating threat intelligence into the platform, creating a product that appeals to both developers/cloud engineers looking for technical mistakes and security specialists who need to monitor threat actor activity.
Source: Wiz.io
Three key product capabilities set them apart from their competition:
Advanced Prioritization Engine: In the early days of Cloud Security Posture Management (CSPM), security teams were often overwhelmed by meaningless alerts that added little value. Wiz’s prioritization engine was an early attempt to correct this problem. While competitors typically scan individual assets in isolation, Wiz provides full context on how assets interact and the risks posed by those interactions. By using threat intelligence and context, Wiz ranks vulnerabilities, helping enterprises prioritize critical issues. Its low false positive rate—under 5%—ensures teams aren't overwhelmed by unnecessary alerts, giving it a competitive edge over competitors like CrowdStrike and Palo Alto, even though those providers now offer similar features.
Cloud Attack Path Analysis: Wiz's graph-based system naturally supports attack path analysis. It can prioritize risks by evaluating the context of vulnerabilities and trace potential attack paths quickly. It maps how an attacker might exploit a less critical vulnerability to move laterally across an environment and access more valuable assets. This context-driven analysis helps security teams focus on the most significant risks. While this feature has become somewhat commoditized, with many Cloud-Native Application Protection Platforms (CNAPPs) offering similar visualizations, Wiz remains ahead due to its early implementation and the flexibility of its graph search.
Toxic Combinations: Wiz toxic combo represents a BIG capability within Wiz’s product. When I refer to toxic combinations, I mean the intersections of seemingly benign configurations, permissions, and resource interactions within a cloud environment that, when combined, could result in a serious security vulnerability. These combinations can lead to unintended privilege escalations, resource exposures, or breaches that wouldn’t be evident if each component were assessed in isolation. In cloud security, toxic combinations are a hidden and critical risk factor, making it vital to identify and address them proactively. This feature is enhanced by their graph database, which allows Wiz’s platform to contextualize risks by understanding how resources interact in real-time, thereby reducing misconfiguration alert counts by consolidating them into a single alert.
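The attack-path and toxic-combination passages quoted above, worked through as an added Python example (not Wiz's code or data model, and not from the quoted deep dive). The inventory, the resource names, the `VULN-EXAMPLE-1` ID and the rule "exposed + vulnerable + path to sensitive data" are assumptions constructed for illustration.

```python
from collections import deque

# Constructed inventory; every name and finding ID here is hypothetical.
NODES = {
    "internet": {}, "role-app": {}, "bucket-logs": {},  # no findings of their own
    "vm-web": {"vulns": ["VULN-EXAMPLE-1"]},
    "vm-batch": {"vulns": ["VULN-EXAMPLE-1"]},  # same flaw, but isolated
    "db-orders": {"sensitive": True},
}
# Directed edges: an actor holding the key can reach or act as each value.
EDGES = {
    "internet": ["vm-web"],                    # security group open on 443
    "vm-web": ["role-app"],                    # attached instance role
    "role-app": ["db-orders", "bucket-logs"],  # over-permissioned policy
    "vm-batch": ["bucket-logs"],               # write access only
}

def shortest_path(adj, start, goal):
    """Breadth-first search; returns the node list start..goal, or None."""
    prev, queue = {start: None}, deque([start])
    while queue:
        node = queue.popleft()
        if node == goal:
            path = []
            while node is not None:
                path.append(node)
                node = prev[node]
            return path[::-1]
        for nxt in adj.get(node, []):
            if nxt not in prev:
                prev[nxt] = node
                queue.append(nxt)
    return None

def toxic_combinations(nodes, adj, entry="internet"):
    """One consolidated finding per asset that is exposed AND vulnerable
    AND has a path to sensitive data; each fact alone is not reported."""
    sensitive = [n for n, a in nodes.items() if a.get("sensitive")]
    findings = []
    for name, attrs in nodes.items():
        inbound = shortest_path(adj, entry, name) if attrs.get("vulns") else None
        if inbound is None:
            continue  # not vulnerable, or vulnerable but unreachable
        for target in sensitive:
            outbound = shortest_path(adj, name, target)
            if outbound:
                findings.append({"asset": name, "vulns": attrs["vulns"],
                                 "path": inbound + outbound[1:]})
    return findings

def prioritize(nodes, adj):
    """Rank every vulnerable asset by graph context, not by the flaw alone."""
    hot = {f["asset"] for f in toxic_combinations(nodes, adj)}
    return {n: "critical" if n in hot else "low"
            for n, a in nodes.items() if a.get("vulns")}

if __name__ == "__main__":
    print(toxic_combinations(NODES, EDGES), prioritize(NODES, EDGES))
```

Removing the over-permissioned edge from `role-app` to `db-orders` clears the finding without patching anything, which is the kind of contextual remediation the quoted passage describes.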
All together, these outline their vision for CNAPP:
Source: Wiz.io
If we try to explain CNAPP (Cloud-Native Application Protection Platform) in a more straightforward manner:
Cloud Security Posture Management (CSPM) - Monitors cloud infrastructure configuration
Cloud Workload Protection Platform (CWPP) - Secures containers, serverless functions
Infrastructure as Code (IaC) scanning - Catches security issues pre-deployment
Application security - Protects cloud-native apps throughout their lifecycle
In theory, the right product should deliver significantly improved visibility, automated security, and reduced alert fatigue across multi-cloud environments. Based on Wiz's deep penetration across numerous complex accounts with significant cloud adoption, it's fair to say they've figured it out.
Where can I apply?
Calm down a bit; let’s try to take a realistic look at their GTM hiring strategy.
Source: Wiz.io
The first thing we need to address here is that the company currently has no CRO. Dali Rajic appears to be covering the role, which has led to a lot of new hires from Zscaler within the sales organization. The majority of the leadership team is part of the “OGs” - i.e. the 4 founders plus the key initial hires that shaped the company in its first 2 years.
The success of the founders in the first few years was heavily driven by their deep involvement within the sales process. Let’s take a look into some key insights from the Sequoia deep dive into the company:
But to the team’s surprise, unexpected benefits started to emerge from that moment as well. They rented a cramped office space in central Tel Aviv—their own miniature tech-cum-COVID bubble—and started making calls. With a deep cybersecurity rolodex from years in the field, they started to line up meetings with security specialists and chief information security officers (CISOs) at companies of all sizes. “Because of the COVID shift to virtual platforms, meetings with potential clients or investors that would have once taken weeks to arrange could now be conducted within hours or days,” says Rappaport. “The circumstances paradoxically enabled us to move faster than ever.”
When we talk about those early days, it's important to understand that the four founders didn't have a clear vision for their product or company. They weren't even seeking funding but were convinced by Doug Leone (a legendary VC known for prioritizing founders' character and grit) to take the money and build something different.
Many of the key ideas behind Wiz emerged during those weeks of constant feedback from CISOs and industry leaders.
The founders started hiring, getting even more of the old gang back together from Adallom and Microsoft to become their earliest “Wizards.” Like a reverse “Field of Dreams,” they were again less concerned with building a specific thing than with surrounding themselves with the right team with whom to build. Fortunately, their earliest hires felt similarly. “It was pretty hard for me to leave Microsoft, especially because their idea wasn’t 100 percent focused,” remembers Wiz’s VP of R&D, Osher Hazan, “but there was something magical that dragged me in. It was the founding team and the rest of the early developers. It was a belief that if the people are good, the rest will follow.”
If there was ever an appropriate time to use the term "sweat equity," this was it.
“Holy shit, how many favors am I gonna owe people by the time I’m done with Wiz?” Leone remembers thinking just a few months into 2021. Rappaport was relentless. “He would just constantly ask me for introductions to customers, constantly ask me to help him close deals in major accounts where I happen to know someone.” Not a week would go by without the one-time VC skeptic reaching out to Leone for some kind of sales-related support. “It was a pain in the ass,” Leone laughs, “but I do urge CEOs to do that.”
That doggedness didn’t stop with Rappaport. In their first year, largely still operating out of the small office space in Tel Aviv, the team would often work around the clock. They leveraged their time zone to their advantage, building Wiz’s product during Israeli working hours and making sales calls with potential customers in the U.S. at night. “In the beginning, we all felt like founders,” Shaked remembers. “We all felt responsible for the company. That was meaningful,” he says. When they worked late, it was with clear purpose, remembers Hazan. “We would have a big call with a customer that required multiple job functions, or we had a delivery to another client the next day. We were always focused on efficiency. If someone was asked to join a call, it was because they were really needed,” he says.
The biggest challenge for Wiz as it scales is the mindset and talent shift from its Israeli roots to the US. This transition is a common challenge for international companies trying to become dominant in the US, typically followed by "dual headquarters" and the gradual hiring of key leadership locally.
Currently, this process is causing significant tension within the company:
Source: RepVue
The reviews universally praise the product and growth potential. However, the recent hiring surge of Zscaler alumni is clearly causing anxiety among existing sales representatives.
Source: RepVue
The decision to adopt a "playbook" company approach will define Wiz's future. While there are pros and cons to this strategy, it appears the founders are struggling to build upon Wiz's original culture and structure, and have thus brought in an outsider to build something they consider more reliable.
Source: TeamBlind
If the expectation is that a “playbook” org will suddenly bring in structure, at least right now that doesn’t appear to be the reality on the ground.
The day-to-day experience of joining Wiz today means sales reps will face exceptional pressure from day one and must carefully navigate the company's evolving internal politics.
On the other hand, they'll have a front-row seat to one of the most exceptional tech sales opportunities in the market right now (Wiz reached $350M ARR with fewer than 100 reps).
If you're willing to sacrifice the next five years of your life to get ahead - pursue Wiz at all costs. Don't be fooled by the cute marketing or friendly-looking founders - this likely won't be a "fun" experience.
But then again, things don't need to be "fun" to be immensely rewarding.