Google Cloud and Wiz Want AI Security to Start Before the First Commit

Google Cloud Next on April 22, 2026 delivered a useful signal for security teams trying to make sense of the AI tooling rush. Google and Wiz both framed the problem less as model safety in isolation and more as a code-to-cloud security challenge. Their updates focused on machine-speed triage, new agent identities, policy enforcement for agent traffic, and inventorying the AI components that are quietly entering enterprise environments through IDEs, agent studios, and cloud platforms.

Google's announcement is notable because it treats agents as first-class security subjects instead of clever assistants. The company introduced new security agents for hunting, detection engineering, and third-party context, but the more durable design signal is around governance. Agent Identity gives autonomous agents their own scoped identities, Agent Gateway is meant to inspect and enforce policy on agent-to-agent and agent-to-tool connections, and Model Armor is being integrated deeper into runtime paths to reduce prompt injection, tool poisoning, and data leakage risks. That is a concrete shift toward governing AI activity the same way defenders already govern users, service accounts, and sensitive application traffic.

Wiz pushed the same story from the application security side. Its April 22 and April 16 posts argue that AI-generated software is creating a visibility problem before code even reaches production. The company is extending AI-APP and Wiz Code to inventory frameworks, models, and IDE extensions through an AI-BOM, scan AI-generated code inline, and connect code findings to runtime exploitability and remediation flows. The practical implication is important: if developers and non-developers can both ship agentic software with natural-language tools, security teams need controls that start at code inception rather than after deployment.

That combination matters because AI risk increasingly comes from interactions across layers, not from any single model response. A prompt injection becomes more serious when an agent has broad tool access. A fast-moving prototype becomes a production issue when AI-generated code carries insecure defaults into public endpoints. Shadow AI becomes more than a policy violation when unapproved plugins, assistants, or frameworks can read internal data or create deployable artifacts outside normal review. The shared message from Google and Wiz is that defenders need continuous context across identities, prompts, code, infrastructure, and runtime behavior.

For HackWednesday readers, the immediate takeaway is operational. Inventory which AI coding tools, agent platforms, and model gateways are actually in use. Give agents distinct identities and tightly scoped permissions. Put inspection and policy controls in front of agent traffic, not just at login. Add security checks to AI-assisted coding flows before merge, and prioritize findings based on whether they are exploitable in runtime. The teams that handle AI adoption best over the next year are likely to be the ones that close the gap between developer speed and security context before shadow AI becomes their default software supply chain.