
How do I configure Wiz Integration?

Requirements

  • The API URL for your instance:
    • Ex. "https://api.<region>.app.wiz.io/graphql"
  • The Token URL:
    • Ex. "https://auth.app.wiz.io/oauth/token"
  • The Wiz API Client ID
  • The Wiz API Client Secret

Permissions

  • A NopSec user with the permissions of:
    • Integrations.read
    • Integrations.write
  • We require the Wiz API to have access to do the following
  • Required permission(s) for each action:
    • Get Report Download URL and Status: read:reports
    • Rerun Report: create:reports
    • Get Report Names: read:reports
    • Create Vulnerabilities Report: create:reports
    • Pull Vulnerability Findings: read:vulnerabilities
    • Update Vulnerabilities Report: update:reports
    • Create Issues Report: create:reports
    • Update Issues Report: update:reports
    • Pull Issues: read:issues
    • Create Inventory Report: create:reports
    • Update Inventory Report: update:reports
    • Pull Cloud Resources: read:resources

 

Steps to configure

  • Create a Wiz API service account and capture the Client ID and Client Secret
    • Log in to Wiz with the Project Admin role.

    • Click the Settings icon available at the top-right of the page.

    • On the Settings page, click Service Accounts from the left menu.

    • Click the Add Service Account button.

    • Enter a Service Account Name.

    • Select the Custom Integration (GraphQL API) option from the Type drop-down.

    • Select a Project from the drop-down. You must select the projects that contain the resources whose issues you wish to sync.

    • Select all of the permissions listed above in the API Scopes.

    • Click the Add Service Account button at the bottom.

    • The system displays the Client ID and Client Secret.

    • Copy and save the Client ID and Client Secret to use while configuring Wiz in SAFE.
      Alternatively, you can copy and paste the Client ID and Client Secret in their respective fields on the Wiz configuration page in SAFE.
      For more details, refer to Add a Service Account.

  • Open NopSec and click on Integrations
    1. Click on the Vulnerability tab
    2. Find Wiz
    3. Click on Add Integration
    4. Give your integration a connection name
    5. Enter the API URL
    6. Enter the Token URL
    7. Paste the Client ID
    8. Paste the Client Secret
    9. Click Save and Connect
  • Click on the Sync History tab
    • Refresh every few minutes to see the updated status
    • The first sync is only scheduled to retrieve 24 hours' worth of data
    • Once the task is completed (i.e. its status is FINISHED), you may go to Prioritize and see your results
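
A preflight check for the values this procedure produces, added here as an example (it is not NopSec or Wiz code): it confirms an endpoint is HTTPS on the expected domain before a client secret is sent to it, and compares the scopes in an access token against the list under Permissions so that a missing or surplus scope is caught before the first sync. The claim name `scope`, its space-separated format, the `.wiz.io` suffix check and the helper names are assumptions, and the sample token is constructed.

```python
import base64
import json
from urllib.parse import urlparse

# Scopes listed under Permissions on this page.
REQUIRED_SCOPES = {
    "read:reports", "create:reports", "update:reports",
    "read:vulnerabilities", "read:issues", "read:resources",
}


def jwt_claims(token):
    """Decode a JWT payload for inspection only; the signature is NOT verified."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a three-part JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(payload))


def audit_scopes(claims, claim_name="scope"):
    """Return (missing, excess) scopes relative to what the integration needs."""
    # Assumption: scopes arrive as a space-separated string or a list.
    raw = claims.get(claim_name, "")
    granted = set(raw.split()) if isinstance(raw, str) else set(raw)
    return sorted(REQUIRED_SCOPES - granted), sorted(granted - REQUIRED_SCOPES)


def check_endpoint(url, host_suffix=".wiz.io"):
    """Reject non-HTTPS or off-domain URLs before a client secret is sent to them."""
    u = urlparse(url)
    host = u.hostname or ""
    return u.scheme == "https" and host.endswith(host_suffix) and not u.username


def constructed_token(claims):
    """Build an unsigned sample token so the example runs offline."""
    def enc(d):
        return base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none"}), enc(claims), "sig"])


# Constructed sample: one required scope missing, one made-up extra scope present.
SAMPLE = constructed_token({"scope": "read:reports create:reports update:reports "
                                     "read:issues read:resources constructed:extra"})

if __name__ == "__main__":
    missing, excess = audit_scopes(jwt_claims(SAMPLE))
    print("missing:", missing, "excess:", excess)
```

An empty `missing` list means the service account can perform every action listed above; an empty `excess` list means it holds nothing beyond them.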