Overview
Wiz is a cloud infrastructure security tool that provides organizations with an in-depth contextual risk assessment. Wiz’s agentless solution builds an inventory, scans for risk factors such as vulnerabilities, excessive permissions, malware, exposed secrets, practical exposure, and more, and prioritizes alerts for security teams based on likelihood of exploitation and potential business impact.
The Devo Wiz collector lets customers retrieve Wiz cloud security issues into Devo, where they can be queried, correlated, analyzed, and visualized, enabling enterprise IT and cybersecurity teams to make the most impactful decisions at petabyte scale. The collector processes the Wiz API responses and sends them to the Devo platform, which then categorizes all received data into tables, along rows and columns, in your Devo domain.
Data sources
Data source | Description | API Endpoint | Collector service name | Devo table | Available from release |
---|---|---|---|---|---|
Issues | An issue in Wiz is a vulnerability that is detected in the cloud infrastructure. | | | | |
Vulnerability | Vulnerabilities are weaknesses in computer systems that can be exploited by malicious attackers. Whether they are caused by bugs or design flaws, vulnerabilities can allow attackers to execute code in an environment or elevate privileges. | | | | |
Audit Logs | The Audit Log records key events in Wiz, such as login, logout, and user update. The Audit Log is primarily used to investigate potentially suspicious activity or diagnose and troubleshoot errors. | | | | |
Cloud Configuration Findings | Returns configuration problems and their remediation solutions. | | | | |
Devo collector features
Feature | Details |
---|---|
Allow parallel downloading ( | |
Running environments | |
Populated Devo events | |
Flattening preprocessing | |
Flattening preprocessing
To improve data exploitation and enrichment, this collector applies some flattening actions to the collected data before delivering it to Devo:
Data source | Collector service | Optional | Flattening details |
---|---|---|---|
Issues | | | |
Vulnerabilities | | | |
Audit Logs | | | |
Cloud Configuration Findings | | | |
How to enable the collection in the vendor
Minimal requirements to follow this guide
In order to retrieve the data, the following details will be required from your Wiz instance.
Instance domain | Wiz domain of your cloud instance where the collector will make the requests. |
---|---|
Client ID | Wiz user ID. |
Client secret | Wiz user passwords. |
Minimum configuration required for basic pulling
Although this collector supports advanced configuration, the fields required to download data with basic configuration are defined below.
This minimum configuration refers exclusively to the specific parameters of this integration. There are more required parameters related to the generic behavior of the collector. Check the settings sections for details.
Setting | Details |
---|---|
| By default, the base URL is |
| User Client ID to authenticate to the service. |
| User Secret Key to authenticate to the service. |
Accepted authentication methods
The following are the accepted authentication methods for this collector.
Authentication method | Client ID | Client secret |
---|---|---|
Basic authentication | REQUIRED | REQUIRED |
Run the collector
Once the data source is configured, you can either send us the required information if you want us to host and manage the collector for you (Cloud collector), or deploy and host the collector on your own machine using a Docker image (On-premise collector).
Collector service details
Collector operations
This section is intended to explain how to proceed with specific operations of this collector.
Change log
Release | Released on | Release type | Details | Recommendations |
---|---|---|---|---|
| | FEATURE, IMPROVEMENTS | New Features, Improvements | |
| | FEATURE, IMPROVEMENTS | New Features, Improvements | |
| | BUG FIX, IMPROVEMENTS | Improvements, Bug Fix | |
| | IMPROVEMENTS | Improvements | |
| | BUG FIX | Bug fixes | |
| | FEATURE | New features | |
| | FEATURE | New features | |