Wiz
About
Wiz provides direct visibility, risk prioritization, and remediation guidance for development teams to address risks in their own infrastructure and applications
Available Integrations
| Product(s) | Supported Asset Type(s) | Integration Type |
|---|---|---|
| Wiz | Devices | Source |
Why You Should Integrate
Integrating with Wiz allows inspection of coverage in relation to the Sevco asset inventory.
How Does the Integration Work
This integration pulls all cloud resources that have type=VIRTUAL_MACHINE in Wiz.
This data is only used internally; we do not share it with any parties outside of Sevco. Refer to our privacy policy for details.
Please review the configuration instructions in the section below before setting up permissions for apps.
Configuration
-
Choose a Schema: A schema is a configuration template that defines a specific way to connect, authenticate, and interact with a source. The following are the available schemas:
- Wiz API Key (Cognito): Uses API Key that utilizes Wiz's Amazon Congnito to connect and pull devices from Wiz.
-
Configure plugin: Configure the plugin with the required fields.
Wiz API Key (Cognito)
| Field | Description | Example |
|---|---|---|
URL* | The Wiz GraphQL API has a single endpoint: https://api.<region>.app.wiz.io/graphql, where <region> is the AWS region your tenant resides in (e.g., us1, us2, eu1, or eu2). The specific URL is found in your user profile. | https://api.us1.app.wiz.io/graphql |
| Skip TLS Certification Validation | Skip certificates validation when using a certificate that is self-signed or unable to be validated through a proper certificate authority. | |
Client ID* | Your application's Client ID | 1234567890abcdefghijklmnopqrstuvwxyz0987654321zyxvut |
Client Secret* | Your application's Client Secret | *********************** |
- Add an Integration: Select the integration(s) you'd like to add.
- Collect devices
- Configure General Information: OPTIONAL: You can use the following fields to provide additional information about your configuration.
| Field | Description | Example |
|---|---|---|
Name (optional) | Uniquely identifiable attribute of the configuration to delineate other similar configurations with the existing organization. | DMZ network |
Contact Person (optional) | A placeholder to input a name or email address of a contact associated with the integration. | Jane Doe |
Link to Console (optional) | A placeholder to input a link to the console of the product Sevco is integrating with for quick reference and access when configuring or editing the integration. | www.product.com/devices |
Email me about frequent errors | Select this toggle to receive an email whenever an Integration has a ≥30% error rate in a 24-hour period. | n/a |
- Activate Config: Select "Activate" to enable this configuration and begin pulling data.
External Documentation
Creating credentials
You'll be asked to provide source credentials in the form of a Client ID/Secret that Sevco will use to connect to Wiz. The client ID/Secret are associated with a service account that will be used and can be created by following the steps in Using the Wiz API - Authentication.
Note: To create a Service Account, you must be logged in as a Wiz user with Write (W) permission on service accounts. Project-scoped roles can create Service Accounts only on their own Projects.
Required Permissions
The following permissions are required for the Service Account:
- Resource - read:resources
API Documentation
Contact Us
If you're having problems configuring an Integration, or if you've found something wrong in this document, please email us at [email protected] or suggest edits directly by selecting the Suggest Edits link located in the upper right hand corner of the documentation.
Tags: cloud
Updated 11 days ago