Wiz
  • 24 Apr 2022
  • 1 Minute to read
  • Dark
    Light
  • PDF

Wiz

  • Dark
    Light
  • PDF

Wiz analyzes all layers of the cloud stack to identify high-risk attack vectors to be prioritized and fixed.

Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices

Parameters

  1. Wiz URL (required) - The URL of the API of the Wiz server that Axonius can communicate with via the Required Ports. Retreive the Wiz url from the user profile https://app.wiz.io/user/profile. 'https://' is required.
  2. Wiz Authentication URL (required) - Enter auth.wiz.io. Used to enable the connection to Wiz together with the API token.
  3. Client Key and Client Secret (required) - See below for details about how to obtain the Client Key and Client Secret.
  4. HTTPS Proxy (optional, default: empty) - Connect the adapter to a proxy instead of directly connecting it to the domain.
  5. To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

Wiz_4-4-22


Advanced Settings

Note:

Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters

  1. Do not fetch devices where Power State is TurnedOff (optional, default: false) - When selected, devices with a power state 'off' are not fetched by Axonius.
  2. Fetch vulnerability findings (optional, default: false) - Select to fetch vulnerability information from Wiz.


Note:

To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.


APIs

Axonius uses the wiz.io API.

Obtaining the Client Secret and Client ID

To obtain the "wiz_url":

  • Navigate to your user profile and copy the API Endpoint URL.

To obtain the Wiz client_id and client_secret:

  1. Navigate to Settings > Service Accounts .
  2. Click Add Service Account.
  3. Name the new service account, for example: Axonius Integration
  4. If you desire, narrow the scope of this service account to specific projects.
  5. Select the permission read:resources and click Add Service Account.
  6. Copy the CLIENT SECRET. Note that you won't be able to copy it after this stage.
  7. Copy the CLIENT ID, which is displayed under the Service Accounts page.


Required Ports

Axonius must be able to communicate with the value supplied in Wiz URL via the following ports:

  • TCP port 443

Required Permissions

The value supplied in Client ID must have Perform GraphQL Queries permissions.

Supported From Version

Supported from Axonius version 4.4


What's Next
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.