Interpres Application - Wiz
- Type: Cloud
- Vendor: Wiz
The Wiz app will process Wiz data and map it to the Interpres data model.
Vendor setup
Generate a Client ID + Client Secret for Wiz API. When Global Admins create Service Accounts in Wiz, they must assign them specific permissions during the creation process. In order for a Wiz Service Account to use the developer APIs, it must possess (at least) these listed permissions:
- Pull Assets - read:resources
- Pull Vulnerability Findings - read:vulnerabilities
- Pull Issues - read:issues
- Pull Controls, Cloud Event Rules and Cloud Configuration Rules - read:controls read:cloud_event_rules read:cloud_configuration
App Configuration
App Parameters:
- Client ID: Wiz Service Account Client ID created
- Secret: Wiz Service Account Client Secret created
- Environment: "Specifies the deployment environment. Use 'app' by default, 'fedramp' for app.wiz.us or 'gov' for gov.wiz.io"
App Validation
Check there is connectivity (green light) in the integration created.
Implemented Actions
-
Get Assets: Get Assets will query GraphQL filtering by types "CONTAINER", "SERVERLESS", "VIRTUAL_DESKTOP", "VIRTUAL_MACHINE" and "VIRTUAL_WORKSTATION".
-
Get Vulnerability: This action processes the Wiz vulnerability findings.
-
Get Recommended Actions: Get Recommended Actions will query controls, cloudEventRules and cloudConfigurationRules.
-
Get Policies: Get Policies will query the IssuesTable query to obtain a set of Issues.