Wiz Integration with Censys ASM
The Censys integration with Wiz ingests your cloud resources, ensuring that the cloud assets in your inventory in Attack Surface Management (ASM) are always up to date.
Cloud resources sourced from Wiz will be added to your attack surface inventory for easy investigation and prioritization. Currently, hosts and web entities can be brought in from Wiz. Support for storage buckets will be added shortly.
Overview video
The following video provides an overview of the Wiz integration.
Prerequisities
Before setting up the integration, you will need to create a Wiz service account and obtain your Wiz API Endpoint URL.
Follow the steps below to create the service account:
- Log in to Wiz with a role that has elevated privileges, such as Global Admin or Project Admin.
- In the Wiz UI, navigate to Settings > Access Management > Service Accounts.
- Click +Add Service Account.
- For type, select Custom Integration (GraphQL API).
- Under API scopes, ensure that the read:network_exposure and read:resources permissions are enabled.
- Save the service account.
Once the service account is saved, you will see the Client ID and Client Secret. Save these. They will be required for the integration set up in Censys.
Next, you will need your API Endpoint URL. Follow the steps below to find this information.
- At the top right of the Wiz console, click your user icon and then select Tenant Info.
- On the left side of the page, select Data Center and Regions.
- Copy your Tenant Data Center.
- Input your Tenant Data Center into this URL:
- https://api.<TENANT_DATA_CENTER>.app.wiz.io/graphql
Set up
Now that you have the Client ID, Client Secret, and the API Endpoint URL, you can begin integration setup within Censys. Follow the steps below:
- Log in to the ASM console. In the top navigation, click Integrations.
- On the Integrations page, find and select the Wiz integration card.
- Click Set Up.
- In the panel that appears, input your Client ID, Client Secret, and API Endpoint URL. Click Submit.
Assets from your Wiz External Attack Surface will now be ingested into Censys ASM every 24 hours.
Locate assets from Wiz in your inventory
After you connect Wiz to ASM, any assets sourced from Wiz will be labeled as such. You can view all assets sourced from Wiz by navigating to your inventory and selecting the Source > WIZ Connector filter or by entering source = `WIZ Connector`
in the query bar.