Full Report
Secure Microsoft 365 and the cloud it powers — one platform, one graph, complete context.
Analysis Summary
# Industry News: Wiz Extends Security Graph to Microsoft 365 for Unified Cloud-SaaS Visibility
## Summary
Wiz has launched "Wiz for Microsoft 365" in public preview, extending its agentless, graph-based security platform to cover M365 environments (OneDrive, SharePoint, Exchange Online). This move aims to unify visibility by integrating SaaS posture, data security (DSPM), and access control findings into the existing Wiz Security Graph, revealing cross-platform attack paths between M365 and other cloud resources.
## Key Details
- Date: November 4, 2025
- Companies Involved: Wiz
- Category: Product Launch (Feature Extension)
## The Story
Wiz is expanding its core platform to encompass Microsoft 365 workloads, treating them as integral components of the broader cloud attack surface. The new capability provides three key areas of coverage: Configuration and Posture Management (CSPM) against benchmarks like CIS, Data Security Posture Management (DSPM) using AI-driven classification for sensitive data discovery (including Purview label integration), and Access/Exposure analysis for external sharing and risky accounts. The central innovation is embedding these M365 risks into the Wiz Security Graph, allowing security teams to visualize unified attack paths that span M365 data/identities and underlying cloud infrastructure (Azure workloads, etc.).
## Business Impact
### For the Companies Involved
- **Wiz:** This launch deepens their "single platform" value proposition, transforming them from a pure Infrastructure-as-Code/Cloud Security Posture Management (CSPM) tool into a comprehensive risk management platform covering SaaS collaboration suites. It significantly increases the total addressable market (TAM) by integrating the security needs of the ubiquitous M365 ecosystem.
### For Competitors
- **Cloud Security Posture Management (CSPM) Vendors:** Competitors focused solely on infrastructure or native SaaS security tools face increased pressure to match this unified context. The ability to link a SharePoint risk directly to an Azure workload via a single graph is a compelling differentiation point.
- **Microsoft-Native Security Tools (e.g., Microsoft Defender for Cloud Apps, Purview):** Wiz is directly challenging the necessity of stitching together multiple point solutions by offering better contextualization and visualization across the entire environment, including non-M365 clouds.
### For Customers
- **Enterprises heavily invested in M365 and Cloud:** Customers gain unprecedented context, enabling them to prioritize vulnerabilities based on the actual attack path connecting a collaboration tool vulnerability (e.g., externally shared sensitive data) to a tangible infrastructure risk (e.g., a connected cloud workload). This simplifies investigation and reduces alert fatigue.
### For the Market
- This reinforces the industry trend toward **Context-Driven Security** and **Consolidated Security Platforms**. The market is clearly signaling a preference for tools that connect previously siloed data points (SaaS configuration, data location, infrastructure posture) rather than managing them separately.
## Technical Implications
The core technical innovation is the **enrichment of the Wiz Security Graph** with M365 entity relationships, data classifications, and access controls. This graph-based context allows for advanced attack path analysis that spans beyond traditional infrastructure boundaries (IaaS/PaaS) into the SaaS layer (M365). The use of AI classification for DSPM suggests leveraging previous investments in data security discovery technology within the new scope.
## Strategic Analysis
- **Market Positioning:** Wiz clearly positions itself as the leading **"Full-Stack Cloud Security Platform,"** evolving beyond CNAPP territory to encompass critical SaaS layers like M365. This is a strategic move to capture budget share traditionally allocated to multiple SaaS security vendors.
- **Competitive Advantage:** The primary advantage is the **contextual linkage**. Competitors often address M365 security or cloud security, but Wiz claims the ability to show the *path* between them, which drives superior prioritization for security teams.
- **Challenges:** Integration depth and ongoing synchronization with the rapidly evolving M365 API landscape will be critical. Successful adoption will depend on the immediacy and accuracy of risk propagation from M365 findings into the existing graph structure.
## Industry Reactions
- **Analyst Opinions:** Analysts are likely to view this as a necessary evolution for platform security vendors. Gartner and Forrester have long emphasized the dangers of interconnected risk across organizational silos, which Wiz is directly addressing.
- **Market Response:** Expect continued customer inquiry regarding specific integration points, particularly around handling multi-tenant environments and ensuring full parity with native M365 reporting capabilities while providing superior correlation.
## Future Outlook
- **Predictions and Expectations:** Wiz is expected to continue integrating other major enterprise SaaS platforms (e.g., Salesforce, ServiceNow) into the Security Graph, solidifying its role as the central nervous system for cloud and SaaS risk management.
- **What to watch for:** The general availability (GA) release date and customer feedback on the robustness of the cross-platform attack path visualization will be key indicators of success.
## For Security Professionals
This update means security teams may finally be able to treat M365 security findings with the same rigor and prioritization as infrastructural vulnerabilities. Instead of addressing MFA rotation on a cloud identity separately from an overly permissive SharePoint setting, professionals can now see the combined risk and target the remediation that breaks the longest/most critical attack chain across the entire environment.