Wiz
Overview
Visualize and monitor the cloud security posture across various platforms like AWS, Azure, and GCP. Track vulnerabilities, misconfigurations, and compliance status in real-time. Assess security risks, manage vulnerabilities, and ensure compliance with security policies and standards. Provide insights into cloud security threats and offer actionable recommendations to mitigate risks and enhance overall security across cloud environments.
Configurations
| Configuration | Description |
|---|---|
| Blueprint Account Name | A human-readable name for your account that will be used to identify this account across the application. |
| Graph QL URL | The URL endpoint for Wiz's GraphQL API. This is where the API requests will be directed. |
| Auth Endpoint | The URL endpoint for obtaining the OAuth2 access token needed to authenticate with Wiz's API. |
| Client ID | The client ID provided by Wiz for API authentication. This is provided by Wiz when you set up the application. |
| Client Secret | The client secret associated with the client ID, used for API authentication. |
| Grant Type | The OAuth2 grant type used for authentication (e.g., client_credentials). This is typically provided by Wiz during setup. |
| Audience | The audience for the OAuth2 token. This is usually the URL of the Wiz API. |
| Data Crawl Frequency | The frequency at which Kscope will crawl Wiz for updated data. |
Permissions
Project
read:projectsread:all
User
read:allread:users
Technology
read:allread:inventory
Kubernetes
read:allread:kubernetes_clusters
Issue
read:allread:issues
Service Account
read:all
Container Image
read:allread:resources
Container Repository
read:allread:resources
Container Registry
read:allread:resources
Threat
read:allread:threats
Lateral Movement
read:allread:resources
Repository
read:allread:resources
Resource Tag
read:allread:resources
Version Control Resource
read:allread:resources
Vulnerability Findings
read:allread:resources
Controls
read:allread:controls
Deployments
read:allread:deployments
Cloud Accounts
read:allread:cloud_accounts
Vulnerability
read:allread:vulnerabilities
For further details on Wiz permissions, please refer to: Wiz Permissions Documentation
Schema Model
| Resources | Source Entity | Normalized Entity | Description |
|---|---|---|---|
| Wiz Project | wiz.project | Project | Represents a project in the Wiz platform. |
| Wiz Project WizProject | wiz.project.WizProject | WizProject | Detailed information about a specific project. |
| Wiz Project Node | wiz.project.Node | Node | A node associated with a project in Wiz. |
| Wiz Project IssueAnalytics | wiz.project.IssueAnalytics | IssueAnalytics | Analytics related to issues in the project. |
| Wiz Project RiskProfile | wiz.project.RiskProfile | RiskProfile | The risk profile related to business impact in the project. |
| Wiz User | wiz.user | User | Represents a user in the Wiz platform. |
| Wiz User WizUser | wiz.user.WizUser | WizUser | Detailed information about a specific user. |
| Wiz User Node | wiz.user.Node | Node | A node associated with a user in Wiz. |
| Wiz User AssignedProject | wiz.user.AssignedProject | AssignedProject | A project assigned to a user in Wiz. |
| Wiz User Role | wiz.user.Role | Role | Role assigned to a user in Wiz. |
| Wiz Technology | wiz.technology | Technology | Represents a technology entity in Wiz. |
| Wiz Technology WizTechnology | wiz.technology.WizTechnology | WizTechnology | Detailed information about a specific technology. |
| Wiz Technology Property | wiz.technology.Property | Property | A property associated with a technology in Wiz. |
| Wiz Technology Node | wiz.technology.Node | Node | A node related to technology in Wiz. |
| Wiz Technology Category | wiz.technology.Category | Category | Category of technology in Wiz. |
| Wiz Technology PropertySection | wiz.technology.PropertySection | PropertySection | Section of properties related to a technology in Wiz. |
| Wiz Kubernetes CloudAccount | wiz.kubernetes.CloudAccount | CloudAccount | A cloud account associated with Kubernetes in Wiz. |
| Wiz Kubernetes Cluster | wiz.kubernetes.Cluster | Cluster | Kubernetes cluster in Wiz. |
| Wiz Kubernetes Connector | wiz.kubernetes.Connector | Connector | Connector associated with Kubernetes in Wiz. |
| Wiz Kubernetes Project | wiz.kubernetes.Project | Project | A project in the Kubernetes environment in Wiz. |
| Wiz Kubernetes WizKubernetes | wiz.kubernetes.WizKubernetes | WizKubernetes | General Kubernetes entity in Wiz. |
| Wiz ServiceAccount Integration | wiz.serviceaccount.Integration | Integration | Integration related to a service account in Wiz. |
| Wiz ServiceAccount Project | wiz.serviceaccount.Project | Project | A project associated with a service account in Wiz. |
| Wiz ServiceAccount ServiceAccount | wiz.serviceaccount.ServiceAccount | ServiceAccount | A service account entity in Wiz. |
| Wiz ServiceAccount TypeConfiguration | wiz.serviceaccount.TypeConfiguration | TypeConfiguration | Configuration type for a service account in Wiz. |
| Wiz ServiceAccount WizServiceAccount | wiz.serviceaccount.WizServiceAccount | WizServiceAccount | Service account information in Wiz. |
| Wiz ContainerImage Analytics | wiz.containerimage.Analytics | Analytics | Analytics for container images in Wiz. |
| Wiz ContainerImage ContainerImage | wiz.containerimage.ContainerImage | ContainerImage | A container image entity in Wiz. |
| Wiz ContainerImage ContainerImageLayer | wiz.containerimage.ContainerImageLayer | ContainerImageLayer | Layer of a container image in Wiz. |
| Wiz ContainerImage Counts | wiz.containerimage.Counts | Counts | Count data related to container images in Wiz. |
| Wiz ContainerImage From | wiz.containerimage.From | From | Source from which a container image is derived in Wiz. |
| Wiz ContainerImage Layer | wiz.containerimage.Layer | Layer | A specific layer within a container image in Wiz. |
| Wiz ContainerImage Repository | wiz.containerimage.Repository | Repository | A container image repository in Wiz. |
| Wiz ContainerImage Vulnerabilities | wiz.containerimage.Vulnerabilities | Vulnerabilities | Vulnerabilities associated with container images in Wiz. |
| Wiz ContainerImage WizContainerImage | wiz.containerimage.WizContainerImage | WizContainerImage | General container image entity in Wiz. |
| Wiz ContainerRegistry ContainerRegistry | wiz.containerregistry.ContainerRegistry | ContainerRegistry | A container registry entity in Wiz. |
| Wiz ContainerRegistry CloudAccount | wiz.containerregistry.CloudAccount | CloudAccount | Cloud account for container registry in Wiz. |
| Wiz ContainerRegistry Deployment | wiz.containerregistry.Deployment | Deployment | Deployment related to container registry in Wiz. |
| Wiz ContainerRegistry Project | wiz.containerregistry.Project | Project | A project associated with container registry in Wiz. |
| Wiz ContainerRegistry WizContainerRegistry | wiz.containerregistry.WizContainerRegistry | WizContainerRegistry | A container registry entity in Wiz. |
| Wiz ContainerRepository ContainerRepository | wiz.containerrepository.ContainerRepository | ContainerRepository | A container repository entity in Wiz. |
| Wiz ContainerRepository Registry | wiz.containerrepository.Registry | Registry | Registry of a container repository in Wiz. |
| Wiz ContainerRepository WizContainerRepository | wiz.containerrepository.WizContainerRepository | WizContainerRepository | A container repository in Wiz. |
| Wiz LateralMovement | wiz.lateralmovement | LateralMovement | Lateral movement entity in Wiz. |
| Wiz LateralMovement Path | wiz.lateralmovement.Path | Path | Path of lateral movement in Wiz. |
| Wiz LateralMovement PathEntities | wiz.lateralmovement.PathEntities | PathEntities | Entities within a lateral movement path in Wiz. |
| Wiz LateralMovement Entity | wiz.lateralmovement.Entity | Entity | An entity involved in lateral movement in Wiz. |
| Wiz NetworkExposure | wiz.networkexposure | NetworkExposure | Exposed network entity in Wiz. |
| Wiz NetworkExposure NetworkExposure | wiz.networkexposure.NetworkExposure | NetworkExposure | Network exposure entity in Wiz. |
| Wiz NetworkExposure AccessibleFrom | wiz.networkexposure.AccessibleFrom | AccessibleFrom | Entities accessible from a network exposure in Wiz. |
| Wiz NetworkExposure ApplicationEndpoints | wiz.networkexposure.ApplicationEndpoints | ApplicationEndpoints | Application endpoints exposed in Wiz. |
| Wiz Control | wiz.control | Control | Control-related entity in Wiz. |
| Wiz Control WizControls | wiz.control.WizControls | WizControls | Detailed control entity in Wiz. |
| Wiz Control Control | wiz.control.Control | Control | A specific control in Wiz. |
| Wiz Issue | wiz.issue.Issue | Issue | An issue entity in Wiz. |
| Wiz Threat | wiz.threat.Threat | Threat | A threat entity in Wiz. |
| Wiz Vulnerability | wiz.vulnerability.Vulnerability | Vulnerability | A vulnerability entity in Wiz. |
| Wiz ResourceTag | wiz.resourcetag.ResourceTagNode | ResourceTagNode | Resource tag associated with a node in Wiz. |