Wiz
Summary
Wiz is a security platform that allows teams to find and fix issues in their code. You can use Wiz to drive insights into values such as:
- Issues
Setup
In order to connect Cortex to your Wiz instance, you’ll need a Wiz Client ID and Client Secret with read access to projects, issues, and vulnerabilities. You'll also need your region and authentication provider, which you can find under the tenant page in User settings. This information can be added under Settings → Wiz.
If you do not see the Settings page you're looking for, you likely don't have the proper permissions and need to contact your admin.
Registration
Discovery
By default, Cortex will use the entity name (e.g. My service) or tag (e.g. my-service
) as the "best guess" for Wiz project. For example, if your entity name is "My Service" or your tag is my-service
, then the corresponding project name in Wiz should also be My Service or my-service
.
If your Wix project names don’t cleanly match the Cortex entity name or tag, you can override this in the Cortex entity descriptor.
Entity descriptor
Define the following block in your Cortex entity descriptor:
x-cortex-wiz:
projects:
- projectId: 01234567-e65f-4b7b-a8b1-5b642894ec37