Wiz
View vulnerabilities of your cloud resources
Summary - Creating a Wiz Credential
Hit Save. The credentials will be checked and a discovery job will start. Done!
Wiz is a cloud-native vulnerability management platform that helps you secure your cloud workloads without deploying agents or configuring external scans. It uses a single cloud-native API connector to continuously assess your VMs, serverless functions, containers, and more, across multiple cloud providers like AWS, GCP, and Azure.
Creating Service Account in Wiz
A Wiz Service Account is used to authenticate with Wiz.
Type
Create a Custom Integration (GraphQL API).
Scopes
The service account for configure8 requires at least this role:
read:vulnerabilities
Creating a Wiz Credential
To connect your Wiz Service Account to configure8, perform the following steps.
Get started by navigating to the Credentials page by clicking on the "Settings" icon on the menu bar. Then in the Credentials tab hit "+ Add Credential".
From the Add Credential pop-up, select Wiz from the list of available providers.
Next, enter the information required for your credential:
Name: a recognizable alias for the new credential.
Client ID: this is the client ID obtained within Wiz after creating a service account
Client Secret: this is the client secret obtained within Wiz after creating a service account
Region: this is obtained via the user profile in Wiz and should be the region section of the URL, like https://api.us1.app.wiz.io, where us1 is the region. If your URL does not contain the region, you can look for the "tenant datacenter" info.
Select Save to create your Wiz credential in configure8. The configure8 app will automatically validate the credentials to make sure they work. If they do not, the credentials will not be saved and you will be prompted to fix them.
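An added example (not configure8 or Wiz code): a strict parser that extracts the Region value from a Wiz API URL of the form shown above and rejects anything that is not an https URL on that exact host pattern, so a mistyped or lookalike URL is never used as the source of the region. The function name, the region label pattern, and the sample URLs are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: the host always has the shape shown on the page,
# api.<region>.app.wiz.io, and a region is one lowercase DNS label.
_HOST_RE = re.compile(r"api\.([a-z0-9]+(?:-[a-z0-9]+)*)\.app\.wiz\.io")


def wiz_region_from_url(url: str) -> str:
    """Return the region label from a Wiz API URL, or raise ValueError."""
    parts = urlsplit(url.strip())
    if parts.scheme != "https":
        raise ValueError("Wiz API URL must use https")
    # "https://api.us1.app.wiz.io@other.example/" parses with the Wiz
    # name as userinfo and other.example as the real host: refuse it.
    if parts.username is not None or parts.password is not None:
        raise ValueError("URL must not carry embedded credentials")
    if parts.port not in (None, 443):
        raise ValueError("unexpected port in Wiz API URL")
    host = (parts.hostname or "").lower()
    # fullmatch: suffixes such as ".app.wiz.io.other.example" do not pass.
    match = _HOST_RE.fullmatch(host)
    if match is None:
        raise ValueError(f"no region found in host {host!r}")
    return match.group(1)


if __name__ == "__main__":
    # Constructed sample inputs, not taken from a real tenant.
    samples = [
        "https://api.us1.app.wiz.io",
        "https://api.eu2.app.wiz.io/graphql",
        "http://api.us1.app.wiz.io",
        "https://api.us1.app.wiz.io.lookalike.example/graphql",
        "https://api.us1.app.wiz.io@lookalike.example/",
        "https://app.wiz.io",
    ]
    for sample in samples:
        try:
            print(f"{sample} -> region {wiz_region_from_url(sample)}")
        except ValueError as err:
            print(f"{sample} -> rejected: {err}")
```

A URL without a region (the last sample) is rejected rather than guessed at; in that case use the "tenant datacenter" info as described above.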
How it works
Vulnerabilities menu
All vulnerabilities will be grouped under the Vulnerabilities tab in your catalog. configure8 automatically maps vulnerabilities pulled from Wiz or AWS Security Hub to cloud resources. You can also push custom vulnerabilities from any source through the configure8 public API. Those cloud resources are related to Services, which lets configure8 provide a view of vulnerabilities from multiple perspectives.
In the Vulnerabilities menu you can explore and manage the vulnerabilities:
Sorting by any column.
Filtering by any field.
Grouping by resources.
Manually adding new vulnerabilities with "+ Add New Entity".
Deleting vulnerabilities individually or in bulk by selecting multiple.
Resources menu
You can use the resources table to "Filter" and "Group by" vulnerabilities related to the discovered resources.
Inside any resource you can also see a Vulnerabilities tab. If the resource has related vulnerabilities, they are shown here.
Scorecards
You can score your services against Wiz vulnerabilities by using the Custom Data Check for Scorecards.
By selecting "Custom calculated property", you can specify in JSON format the data from vulnerabilities you want to check.
Here's a sample of how to count all CRITICAL severity vulnerabilities.
Then you just need to define the threshold you want to compare against. For instance, the full config for having 0 Critical vulnerabilities is below:
Extending Vulnerabilities Schema
If you want to add more fields or different relations (for instance to services or repositories) to the Base Vulnerability schema you can extend it.
To do that, go to Settings -> Schema -> Add Schema and select the vulnerability. This schema will inherit the base data that already exists in our system Vulnerability schema.
For instance:
Form JSON Schema
Data Model JSON
This will create a new item in the catalog menu for that type of vulnerability, and the new fields will be received when creating and shown on the table as configured above: