sevco.io

Wiz

About

Wiz provides direct visibility, risk prioritization, and remediation guidance for development teams to address risks in their own infrastructure and applications

Available Integrations

Product(s)Supported Asset Type(s)Integration Type
WizDevicesSource

Why You Should Integrate

Integrating with Wiz allows inspection of coverage in relation to the Sevco asset inventory.

How Does the Integration Work

This integration pulls all cloud resources that have type=VIRTUAL_MACHINE in Wiz.

This data is only used internally; we do not share it with any parties outside of Sevco. Refer to our privacy policy for details.

⚠️

Please review the configuration instructions in the section below before setting up permissions for apps.

Configuration

  1. Choose a Schema: A schema is a configuration template that defines a specific way to connect, authenticate, and interact with a source. The following are the available schemas:

    • Wiz API Key (Cognito): Uses API Key that utilizes Wiz's Amazon Congnito to connect and pull devices from Wiz.
  2. Configure plugin: Configure the plugin with the required fields.

Wiz API Key (Cognito)

FieldDescriptionExample
URL*The Wiz GraphQL API has a single endpoint: https://api.<region>.app.wiz.io/graphql, where <region> is the AWS region your tenant resides in (e.g., us1, us2, eu1, or eu2). The specific URL is found in your user profile.https://api.us1.app.wiz.io/graphql
Skip TLS Certification ValidationSkip certificates validation when using a certificate that is self-signed or unable to be validated through a proper certificate authority.
Client ID*Your application's Client ID1234567890abcdefghijklmnopqrstuvwxyz0987654321zyxvut
Client Secret*Your application's Client Secret***********************

  1. Add an Integration: Select the integration(s) you'd like to add.
    • Collect devices
  2. Configure General Information: OPTIONAL: You can use the following fields to provide additional information about your configuration.
FieldDescriptionExample
Name (optional)Uniquely identifiable attribute of the configuration to delineate other similar configurations with the existing organization.DMZ network
Contact Person (optional)A placeholder to input a name or email address of a contact associated with the integration.Jane Doe
Link to Console (optional)A placeholder to input a link to the console of the product Sevco is integrating with for quick reference and access when configuring or editing the integration.www.product.com/devices
Email me about frequent errorsSelect this toggle to receive an email whenever an Integration has a ≥30% error rate in a 24-hour period.n/a
  1. Activate Config: Select "Activate" to enable this configuration and begin pulling data.

External Documentation

Creating credentials

You'll be asked to provide source credentials in the form of a Client ID/Secret that Sevco will use to connect to Wiz. The client ID/Secret are associated with a service account that will be used and can be created by following the steps in Using the Wiz API - Authentication.

Note: To create a Service Account, you must be logged in as a Wiz user with Write (W) permission on service accounts. Project-scoped roles can create Service Accounts only on their own Projects.

Required Permissions

The following permissions are required for the Service Account:

  • Resource - read:resources

API Documentation

Wiz API Introduction

Contact Us

If you're having problems configuring an Integration, or if you've found something wrong in this document, please email us at [email protected] or suggest edits directly by selecting the Suggest Edits link located in the upper right hand corner of the documentation.

Tags: cloud