Wiz.IO¶
Wiz.IO provides cloud application security and compliance monitoring.
Cyderes supports the ingestion of Wiz.IO Issues using their GraphQL REST API.
Chronicle Data Types¶
- WIZ_IO
Requirements¶
A service account must be created with the API scope read:issues
Configuration¶
Wiz.IO's GraphQL API provides the ability to collect Issues which meet certain filter criteria. Multiple filter values can be simultaneously configured, but the values must be supported by Wiz.IO:
| option | description |
|---|---|
| severity | Issues with matching Severity: INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL |
| status | Issues with a matching Status: OPEN, IN_PROGRESS, REJECTED, RESOLVED |
| search | Issues which have a description matching the provided search string |
| hasNote | Issues which have been updated with at least one Note; boolean |
| hasServiceTicket | Issues which have at least one linked Service Ticket; boolean |
| project | a list of linked Project IDs |
| sourceControl | a list of linked Control IDs |
| frameworkCategory | a list of linked Security Framework IDs |
| stackLayer | a list of linked Technology Stack Layer IDs |
Gather Information¶
- Wiz.IO API Server URL. Navigate to your User Settings >> Tenant and copy the API Endpoint URL.
- Client ID
- Client Secret
- optional filters to apply to the Issues query