Gomboc User Docs
  • Quickstart
  • Gomboc Portal
    • Access & Log in
    • Initial Set up
    • Free Trial Setup Guide
  • Integrations
    • Domains & IPs
    • Cloud Security Posture Management (CSPM)
      • Orca Security
      • Wiz
    • Source Code Management (SCM)
      • Azure Devops
      • GitHub
      • GitLab
      • BitBucket
    • VSCode Plugin
    • Continuous Integration (CI) Build Systems
      • Azure Devops Pipelines
  • API
  • Configuration
    • Browser Settings
    • Authentication - Pwdless & SSO
    • User Management
  • Remediation Process
  • Security Status
  • Scan Results
  • Troubleshooting
  • Data Architecture & Flows
  • Glossary
Powered by GitBook
On this page
Edit on GitHub
  1. Integrations
  2. Cloud Security Posture Management (CSPM)

Wiz

PreviousOrca SecurityNextSource Code Management (SCM)

Last updated 2 months ago

Integration Setup

To configure the Wiz Security integration, follow these steps:

Create Wiz Service Account

  1. In the the Wiz Application, Search "Service Accounts"

  1. Click "Add Service Account"

  1. Enter a name, Choose "Custom Integration (GraphQL API)" from the Type drop down.

  1. Select Projects you want Gomboc to have access to.

  1. Select the following scopes:

    • Read graph resource

    • Issues

    • Issue Comments

    • Integratons

    • Automation Rules

    • Read report

    • Read cloud configuration rules, list cloud configuration rules

    • Detections

    • Issue Status

    • Comments

  2. Click "Add Service Account" and collect Client ID and Client Secret. You will need them in future steps.

Create Integration in Gomboc Portal

  1. In Wiz click your profile icon and "Tenant Info"

  1. Collect API Endpoint URL and Authentication URL for future steps

  1. Within the Gomboc portal, create an access token, either a personal or organization API token will work. Once the token is created, copy it to your clipboard.

  1. Go to Settings > Integrations > Wiz

  1. Insert the Gomboc Token from step 3. Wiz Client ID, Wiz Client Secret from Service Account setup. Wiz API URL, Wiz Auth URL from step 2. Click "Integrate"

  1. Once the integration is complete you will receive an Access token you will need to use to create the webhook on Wiz

Create Integration in Wiz Application

  1. Back on the Wiz Application, search "Integrations"

  1. Click "Add Integration"

  1. Search "Webhook"

  1. Enter a name. Under URL enter "https://cspm.prod.gcp.gomboc.ai/api/v1/observations/wiz"

  2. Select All projects you want to integrate with, It should be the same as the Service Account

  3. Under Authentication select Token, Enter the Token received after creating the integraion in Gomboc portal, click "Add Integration"

Setup Wiz Webhook Rules

  1. Search "Automation Rules"

  1. Click "Add Rule"

  1. Enter name "Issue Webhook"

  2. Select same projects from Service Account setup

  3. Under "When" select Issue

  4. Under "IF" click Add Filter, select "Severity", then select all the options.

  1. Under "THEN" click add Action and select "POST a Webhook" for the created Integration. Click "Continue", then "Add Action"

  1. Click "Add Rule"

  1. Repeat Steps 2 - 8 changing to "Cloud Configuration Finding" and "Detection" under "WHEN" in step 5