Vulnerability Findings Reports
Collects and processes Wiz Vulnerabilities logs from the Wiz API, ensuring continuous monitoring and reporting of vulnerabilities.
Sync Type: Full Synchronisation
Requirements
- Before connecting Monad to Wiz, you need to obtain API credentials (Client ID and Client Secret). These credentials allow access to the Wiz API to fetch cloud resource inventory.
- Ensure that your Wiz credentials have the appropriate permissions to access the necessary API endpoints. To access Cloud resource inventory specifically, make sure your credentials have
create:reports,update:reportsandread:resources - To generate incremental vulnerabilities data (which does not generate reports), you can also use the incremental version of this input.
Details
Monad connects to the Wiz API to collect cloud resource inventory data. The connector operates on a user specified cron, where the connector creates a new Cloud Resource Inventory report. It waits for the report generation to complete, and processes the resulting CSV data and sends it forward. The connector also supports filtering by cloud platform and entity type.
Configuration
The following configuration defines the input parameters. Each field's specifications, such as type, requirements, and descriptions, are detailed below.
Settings
| Setting | Type | Required | Description |
|---|---|---|---|
| Endpoint URL | string | Yes | Endpoint URL to connect to Wiz. |
| Asset Type | string | Yes | Your Wiz Asset Types for Vulnerability Findings. |
| Vendor Severity | Array | No | Your Wiz Vendor Severity for Vulnerability Findings. |
| Asset Status | Array | No | Vulnerability Findings for assets with these statuses |
| Status | Array | No | The status of a Vulnerability Finding. |
| Detection Method | Array | No | Vulnerability Findings found via these detection methods. |
| Backfill Start Time | string | No | The date to start fetching data from. If not specified, no past records will be fetched. |
| Cron | string | Yes | Cron string for scheduling tasks. Ex: '0 0 * * *' for daily execution at midnight. |
Secrets
| Secret | Type | Required | Description |
|---|---|---|---|
| Client ID | string | Yes | Client ID for the CrowdStrike API. This is required to authenticate requests. |
| Client Secret | string | Yes | Client Secret for the CrowdStrike API. This is required to authenticate requests. |