Skip to main content

Wiz

This Integration is part of the Wiz Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.0.0 and later.

Agentless, context-aware and full-stack security and compliance for AWS, Azure and GCP. This integration was integrated and tested with Wiz

Configure Wiz on Cortex XSOAR#

  1. Navigate to Settings > Integrations > Servers & Services.

  2. Search for Wiz. Click Add instance to create and configure a new integration instance.

    ParameterDescriptionRequired
    nameIntegration Name. Default: Wiz_instance_1True
    saidService Account IDTrue
    sasecretService Account SecretTrue
    api_endpointAPI Endpoint. Default: https://api.us1.app.wiz.io/graphql
    To find your API endpoint URL:
    1. Log in to Wiz, then open your user profile
    2. Copy the API Endpoint URL to use here.    		True
    first_fetchFirst fetch timestamp (<number> <time unit>, e.g., 12 hours, 7 days)False
    streaming_typeIssue Streaming type.
    Either Wiz (to push live Issues) or XSOAR (to constantly pull Issues)    		False
    max_fetchMax Issues to fetchFalse
    proxyUse system proxy settingsFalse

  3. Click Test to validate the API Endpoint, Service Account and connection.

Commands#

You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook or War Room. After you successfully execute a command, a DBot message appears in the War Room with the command details.

wiz-get-issues#

Get the issues on cloud resources

Base Command

wiz-get-issues

Input

Argument NameDescriptionRequired
issue_typeThe type of Issue to get.Optional
resource_idGet Issues of a specific resource_id.
Expected input: providerId		Optional
severityGet Issues of a specific severuty.
Expected input: CRITICAL, HIGH, MEDIUM, LOW or INFORMATIONAL.
The chosen severity and above will be fetched		Optional

Either issue_type or resource_id are required.

Context Output

PathTypeDescription
Wiz.Manager.IssuesStringAll Issues

Command Example#

!wiz-get-issues issue_type="VIRTUAL_MACHINE"
!wiz-get-issues resource_id="arn:aws:ec2:us-east-2:123456789098:instance/i-0g03j4h5gd123d456"
!wiz-get-issues resource_id="arn:aws:ec2:us-east-2:123456789098:instance/i-0g03j4h5gd123d456" severity=HIGH

wiz-get-resource#

Get Details of a resource.

Base Command

wiz-get-resource

Input

Argument NameDescriptionRequired
resource_idResource provider idRequired

Context Output

PathTypeDescription
Wiz.Manager.ResourceStringResource details

Command Example#

!wiz-get-resource resource_id="arn:aws:ec2:us-east-2:123456789098:instance/i-0g03j4h5gd123d456"
Edit this page
Report an Issue