Issue Findings
Collects and processes Wiz Issues logs from the Wiz API, enabling continuous monitoring and reporting of security issues across cloud environments.
Sync Type: Incremental
Requirements
Before connecting to Wiz, you need:
- Wiz API credentials (Client ID and Client Secret)
- Appropriate permissions to access Issues API endpoints
- Access to view and list issues in your Wiz account
- Find your tenant data center on the Tenant Info page in Wiz, or request it from your Wiz customer contact. e.g., "us1", "us2", "us3".
Details
This input connects to the Wiz API to fetch issues data. On first connection, it performs a complete sync of all issues. After the initial sync, it automatically switches to incremental updates, only fetching new or modified issues to optimize performance and resource usage.
Configuration
The following configuration defines the input parameters:
NOTE: if you change the configuration of a component in a pipeline it will not reset its state. For example, if you set the project filter the incremental sync will start to pull only for the desired project but you will not get a new FULL sync of all historical data for that project.
Settings
| Setting | Type | Required | Description |
|---|---|---|---|
| Tenant Data Center | string | Yes | The Wiz tenant data center (e.g., "us17", "eu1") |
| Severity | Array | No | Filter issues by severity levels |
| Status | Array | No | Filter issues by their current status |
| Type | Array | No | Filter issues by type |
| Framework Category | Array | No | Filter issues by framework category |
| Stack Layer | Array | No | Filter issues by stack layer |
| Project | Array | No | Filter issues by specific projects |
| Has Service Ticket | boolean | No | Filter issues that have associated service tickets |
| Has Remediation | boolean | No | Filter issues that have remediation steps |
| Has Auto Remediation | boolean | No | Filter issues that have automatic remediation capability |
| Backfill Start Time | string | No | The date to start fetching data from. If not specified, no past records will be fetched. |
Secrets
| Secret | Type | Required | Description |
|---|---|---|---|
| Client ID | string | Yes | Client ID for the Wiz API authentication |
| Client Secret | string | Yes | Client Secret for the Wiz API authentication |
Data Collection
The input collects the following data from Wiz Issues:
- Issue details and metadata
- Associated resources and entities
- Security findings and vulnerabilities
- Remediation information
- Status and severity levels
- Framework categories and stack layers
- Project associations
- Service ticket information (if available)
Filtering Options
You can filter the collected issues using various criteria:
- Severity Levels: Filter by issue severity
- Status: Include only issues in specific states
- Type: Filter by issue type
- Framework Categories: Filter by security framework categories
- Stack Layers: Filter by affected stack layers
- Projects: Limit to specific projects
- Service Tickets: Filter based on ticket association
- Remediation: Filter based on remediation availability
Notes
- The test connection functionality will alert you if your filter is too strict and no data is gathered using it.
Sample Record
{
"id": "ac691c7a-9133-f630-0ef8-0818eb601c6d",
"createdAt": "2025-08-11T23:46:39.692822Z",
"dueAt": null,
"entitySnapshot": {
"cloudPlatform": null,
"cloudProviderURL": "",
"createdAt": null,
"externalId": "aws/secret/18f46695-d43f-0b54-65ef-edded1bbd4c8",
"id": "74fd44e2-cfc8-acd7-ed3f-923b457ff308",
"name": "Database Credentials",
"nativeType": "",
"providerId": "k8s/configmap/1e2e7365-2767-e713-0c5c-84391e35e295",
"region": "us-west-2",
"resourceGroupExternalId": "",
"status": null,
"subscriptionExternalId": "",
"subscriptionName": "",
"subscriptionTags": null,
"tags": {},
"type": "CREDENTIALS"
},
"notes": [],
"projects": [
{
"id": "50db9b31-4be1-46f7-4f72-57ee35667f5c",
"name": "Alice Smith",
"slug": "Alice Williams",
"businessUnit": "Engineering",
"riskProfile": {
"businessImpact": "LOW"
}
}
],
"resolvedAt": null,
"serviceTickets": [],
"severity": "LOW",
"sourceRule": {
"__typename": "Control",
"controlDescription": "Insecure configuration",
"id": "7f83acfa-de16-8468-f05e-d564c4bbd9f5",
"name": "Unencrypted sensitive data",
"resolutionRecommendation": "Enable encryption",
"securitySubCategories": [
{
"title": "Data Protection",
"category": {
"name": "Security",
"framework": {
"name": "NIST",
"createdAt": "2025-08-11T23:46:39.693156Z",
"updatedAt": "2025-08-11T23:46:39.693158Z"
}
}
}
]
},
"status": "IN_PROGRESS",
"statusChangedAt": "2025-08-11T23:46:39.693173Z",
"type": "TOXIC_COMBINATION",
"updatedAt": "2025-08-11T23:46:39.693188Z"
}