Wiz proof types
Note
Hyperproof connects to many third-party systems that frequently change, including the system interface. Contact your System Administrator or the third-party provider for assistance meeting the requirements to integrate with Hyperproof and collect the proof you need.
When you create a Hypersync between Hyperproof and Wiz, you can automatically collect proof based on the following services:
List of Users
List of Vulnerabilities
If you have a large amount of data you may receive a timeout error. Use the Vendor Severity and Time Range filters to reduce the amount of data returned at one time. You can search by the last month, quarter, or year for newly detected vulnerabilities. Searching by month is the recommended time range setting.
Additional documentation
Note
You only need to connect Hyperproof to the app once, and then you can create as many Hypersyncs as you need. Additionally, you can create multiple Hypersyncs for a single control or label.
Configuring Wiz for a Hypersync user
Create a Wiz Client ID and Client Secret.
In the Wiz console, select Settings > Service Accounts > Add Service Account. Configure the following permissions:
Note
Be sure to create a new Service Account to configure the correct permissions. When editing an existing Service Account, the required permissions aren't available.
Pull Users -
read: usersGet Report Download URL and Status -
read: reportsUpdate Vulnerabilities Report -
update: reportsCreate Vulnerabilities Report -
create: reportsPull Projects -
read:projects
Obtain the Subscription External ID for the List of Vulnerabilities proof criteria by selecting Settings > Subscriptions.
Under the relevant subscription, copy the external ID string
Some valid examples of Subscription External ID include:
Amazon Web Services (AWS):
account numberGoogle Cloud Portal (GCP):
project nameOracle Cloud Infrastructure (OCI):
compartment OCID