> ## Documentation Index
> Fetch the complete documentation index at: https://docs.pwnbook.app/llms.txt
> Use this file to discover all available pages before exploring further.

# Wiz

> Pull cloud security posture and vulnerability findings from Wiz into Pwnbook.

<img src="https://mintcdn.com/pwnbook/noJyYhCscAD7TYUE/logos/wiz.svg?fit=max&auto=format&n=noJyYhCscAD7TYUE&q=85&s=d29f2a3c47cdb2bcd3788597c035c49b" alt="Wiz" style={{ height: "32px", marginBottom: "16px" }} width="435" height="194" data-path="logos/wiz.svg" />

## Overview

Wiz is a cloud-native application protection platform (CNAPP) that provides agentless scanning across cloud environments. The Pwnbook integration pulls Wiz issues and vulnerabilities so cloud security findings live alongside your other security data.

## Prerequisites

* A Wiz account with API access
* A Wiz service account client ID and secret (with `read:issues` and `read:vulnerabilities` scopes)
* Admin or Owner access in Pwnbook

## Setup

<Steps>
  <Step title="Create a Wiz service account">
    1. In the Wiz portal, go to **Settings → Service Accounts**.
    2. Click **Add Service Account**.
    3. Assign the **read:issues** and **read:vulnerabilities** permissions.
    4. Copy the **Client ID** and **Client Secret**.
  </Step>

  <Step title="Configure in Pwnbook">
    1. Go to **Organization Settings → Marketplace → Wiz**.
    2. Enter your **Client ID**, **Client Secret**, and **API endpoint URL** (shown in your Wiz tenant settings).
    3. Click **Save & Test**.
  </Step>
</Steps>

## What gets synced

| Data                | Description                                                                         |
| ------------------- | ----------------------------------------------------------------------------------- |
| **Issues**          | Misconfiguration and toxic combination findings with severity and affected resource |
| **Vulnerabilities** | CVEs found in cloud workloads and container images                                  |
| **Cloud resources** | Resource context attached to each finding                                           |
| **Severity**        | Critical, High, Medium, Low, Informational                                          |
