Integrate Wiz with AiStrike for data synchronization, vulnerability monitoring, and security issue management.
Prerequisites
-
Access to a Wiz tenant with permissions to create service accounts (e.g. Global Admin role).
-
A read-only AiStrike service account named
aistrike_svcfor reviewing and testing the integration. Share the authentication details for this account at setup time to aid testing.
Required Wiz API scopes:
-
admin:audit— Audit -
read:issues— Issues -
read:vulnerabilities— Vulnerability -
read:cloud_configuration— Cloud Configuration Findings -
read:resources— Resources
Required connection details
|
Parameter |
Description |
|---|---|
|
Token URL |
|
|
API Endpoint |
|
|
Client ID |
Generated during service account creation |
|
Client Secret |
Generated during service account creation |
|
Project IDs |
Optional (for project-scoped permissions) |
Obtain the API Endpoint URL
In the Wiz console, click the user icon > User Settings, then select Tenant from the left menu and copy the API Endpoint URL. The Wiz GraphQL API uses a single endpoint of the form https://api.<TENANT_DATA_CENTER>.app.wiz.io/graphql, where <TENANT_DATA_CENTER> is your regional data center (e.g. us1, us2, eu1, eu2).
Obtain the Client ID and Client Secret
-
Log in to Wiz with an Admin role.
-
Go to Settings > Access Management > Service Accounts.
-
If a read-only service account doesn't exist, click Add Service Account and create one named
aistrike_svc, type Custom Integration (GraphQL API), selecting the scopes listed above. -
Store the generated Client ID and Client Secret securely.
Integration methods
Push-based (webhooks) — recommended
Wiz can push security alerts and event notifications to AiStrike via webhook.
Prerequisites: a user with permission to generate webhook URLs, and write access to Settings > Response and Automation in Wiz. Global roles create integrations across all projects; project-scoped roles are limited to assigned projects.
-
Obtain the webhook URL from AiStrike (and optionally generate auth credentials — username/password or token).
-
In Wiz, go to Settings > Integrations > Add Integration, and under SIEM & Automation Tools select Webhook.
-
Enter a name, define the project scope (Global or project-specific), and paste the webhook URL.
-
Optionally add custom headers, then choose an authentication method (Basic, Token, or Client Certificate — None is not recommended).
-
Click Add Integration.
API pull
Use the connection details in the table above to configure API-based pulling.
API limits
|
Data type |
Limit |
|---|---|
|
Audit Logs |
10,000 results |
|
Cloud Configuration Findings |
10,000 results |
|
Issues |
No limit |
|
Vulnerabilities |
No limit |