Skip to content

Integrating Wiz to BoostSecurity

Integrating Wiz with BoostSecurity enhances security findings by incorporating cloud context from Wiz, enabling comprehensive contextualization from code to cloud. Once the integration is enabled, BoostSecurity leverages the following data from Wiz projects:

  • Kubernetes Topology and Services: Provides insights into the cluster and service structure.
  • Container Image Assets and Attributes: Enhances visibility into containerized workloads.
  • Containers Exposed to the Public Internet: Identifies publicly accessible containers for risk assessment.
  • Container-to-Source Repositories: Links containers back to their source repositories when container scanning is enabled in Wiz.

BoostSecurity enriches security findings with runtime attributes and escalates findings to critical+ risk when applicable.

Availability

The Wiz integration is available for all BoostSecurity users with the necessary permissions in both platforms.

Benefits of the Integration

  • Enhanced Security Context: Links cloud security insights from Wiz with BoostSecurity’s development-time security data.
  • Improved Risk Prioritization: Elevates high-risk vulnerabilities by combining runtime and cloud context.
  • Cloud-to-Code Visibility: Enables a seamless connection between container assets and source repositories for efficient triage.

Prerequisites

Before enabling the Wiz integration, ensure the following:

  1. BoostSecurity Account: You must have access to your BoostSecurity workspace.
  2. Wiz Account: Administrator privileges in Wiz are required.

Enabling the Integration

The Wiz integration can be added to your BoostSecurity account in two steps:

Step 1: Add the BoostSecurity Integration in Your Wiz Account

Refer to the Wiz platform documentation for detailed steps on adding BoostSecurity to your Wiz projects.

Step 2: Add the Wiz Integration in Your BoostSecurity Account

  1. Navigate to the Integrations page in BoostSecurity and select Wiz.

    Wiz

  2. Click the Install button at the top-right of the page.

  3. Provide the following details:
  4. Integration Name: A unique identifier for the integration.
  5. Base URL: The URL for your Wiz account.

  6. Client ID and Client Secret: Credentials obtained from the BoostSecurity installation in Wiz.

    Boost Integration for Wiz

  7. Click Install to complete the setup.

Managing the Integration

  • Editing Configuration: Modify integration settings in the BoostSecurity Integrations page.
  • Troubleshooting: Ensure correct permissions in Wiz and verify that BoostSecurity has the necessary access.

Conclusion

The Wiz and BoostSecurity integration provides a powerful security enhancement by combining cloud security insights with development-time security controls. This enables security teams to prioritize and remediate risks effectively, ensuring comprehensive protection across the software development lifecycle.