- 24 Apr 2022
- 1 Minute to read
-
Print
-
DarkLight
-
PDF
Wiz
- Updated on 24 Apr 2022
- 1 Minute to read
-
Print
-
DarkLight
-
PDF
Wiz analyzes all layers of the cloud stack to identify high-risk attack vectors to be prioritized and fixed.
Types of Assets Fetched
This adapter fetches the following types of assets:
- Devices
Parameters
- Wiz URL (required) - The URL of the API of the Wiz server that Axonius can communicate with via the Required Ports. Retreive the Wiz url from the user profile https://app.wiz.io/user/profile. 'https://' is required.
- Wiz Authentication URL (required) - Enter auth.wiz.io. Used to enable the connection to Wiz together with the API token.
- Client Key and Client Secret (required) - See below for details about how to obtain the Client Key and Client Secret.
- HTTPS Proxy (optional, default: empty) - Connect the adapter to a proxy instead of directly connecting it to the domain.
- To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.
Advanced Settings
Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to Advanced Configuration for Adapters
- Do not fetch devices where Power State is TurnedOff (optional, default: false) - When selected, devices with a power state 'off' are not fetched by Axonius.
- Fetch vulnerability findings (optional, default: false) - Select to fetch vulnerability information from Wiz.
To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.
APIs
Axonius uses the wiz.io API.
Obtaining the Client Secret and Client ID
To obtain the "wiz_url":
- Navigate to your user profile and copy the API Endpoint URL.
To obtain the Wiz client_id and client_secret:
- Navigate to Settings > Service Accounts .
- Click Add Service Account.
- Name the new service account, for example: Axonius Integration
- If you desire, narrow the scope of this service account to specific projects.
- Select the permission read:resources and click Add Service Account.
- Copy the CLIENT SECRET. Note that you won't be able to copy it after this stage.
- Copy the CLIENT ID, which is displayed under the Service Accounts page.
Required Ports
Axonius must be able to communicate with the value supplied in Wiz URL via the following ports:
- TCP port 443
Required Permissions
The value supplied in Client ID must have Perform GraphQL Queries permissions.
Supported From Version
Supported from Axonius version 4.4