search

wand-sparklesWiz

Stream Alma runtime detections into Wiz as Issues, mapped to the exact cloud asset.

Correlate Alma runtime telemetry with Wiz Cloud Resource IDs in real time.

When Alma detects an application attack or behavioral anomaly, it streams a high‑fidelity alert into Wiz as an Issue.

Alma automatically matches the alert to the exact cloud asset in Wiz.

This makes static findings easier to prioritize. You get exploitability and business impact from real runtime signals.

hashtag
How it works

  1. Alma observes runtime behavior and detects threats.

  2. Alma maps the affected workload to Wiz Cloud Resource IDs.

  3. Alma creates a Wiz Issue tied to the exact asset.

  4. SOC and AppSec triage runtime alerts inside Wiz workflows.

hashtag
Prerequisites

  1. Alma Security account

    • Active account.

    • Permissions to manage integrations.

  2. Wiz account

    • API access enabled.

    • A Client ID + Client Secret generated in Wiz.

    • Wiz API URL for your tenant.

    • Use least privilege. Grant only required read scopes.

  3. Network connectivity

    • Alma’s integration service must reach Wiz APIs over HTTPS.

    • Whitelist required IP ranges if outbound egress is restricted.

  4. Permissions

    • You need the right role in both systems.

    • In Wiz, use a service principal or integration role.

hashtag
Obtain Wiz credentials

1

hashtag
Create a Wiz API token

  1. Log in to Wiz as an administrator.

  2. Go to Settings → Integrations → API Tokens.

  3. Create a new token or service account for Alma.

  4. Copy:

    • Client ID

    • Client Secret

    • API URL (Wiz API URL)

circle-exclamation

Grant least-privilege access. Start with read access to assets, vulnerabilities, and configuration findings.

hashtag
Configure the Alma ↔ Wiz integration

1

hashtag
Open the Wiz integration in Alma

  1. In Alma, open Integrations.

  2. Find the Wiz tile.

  3. Confirm the tile shows current sync status.

2

hashtag
Start the connection

  1. Click Connect on the Wiz tile.

  2. Review the permissions dialog.

  3. Click Allow access.

3

hashtag
Enter Wiz credentials

  1. In Sync Alma with Wiz, paste:

    • Wiz API URL

    • Client ID

    • Client Secret

  2. Click Connect to Wiz.

Alma validates the credentials and establishes a secure link.

4

hashtag
Verify success

You should see Successfully connected.

The Wiz card should now show a Disconnect button. That confirms Alma can pull data and stream Issues.

hashtag
Credential details

  • Wiz API URL

    • Wiz API endpoint for your tenant/region.

    • Shown in Wiz under Settings → Integrations → API Tokens.

  • Client ID

    • Public identifier for the Wiz API integration.

    • Generated in Wiz under API Tokens.

  • Client Secret

    • Confidential key used to authenticate Alma with Wiz.

    • Generated alongside the Client ID in Wiz.

    • Store securely and rotate regularly.

hashtag
Security

  • Encryption

    • All communication occurs over HTTPS.

    • Credentials are stored encrypted in Alma’s secrets management subsystem.

  • Revocation

    • In Alma, click Disconnect on the Wiz integration tile.

    • In Wiz, revoke or delete the related API token.

hashtag
Troubleshooting

  • Authentication errors

    • Re-check Client ID and Client Secret for typos.

    • Remove hidden characters and trailing spaces.

    • Regenerate the Wiz API token if needed.

  • Data not syncing

    • Verify outbound HTTPS connectivity to Wiz API endpoints.

    • Check proxy, firewall, and allowlists.

  • Permission issues

    • Ensure the Wiz token has required read permissions.

    • Missing scopes can cause partial ingestion.

  • Credential rotation

    • Rotate the Client Secret on a schedule.

    • Update Alma immediately after rotation.

PreviousJira

Last updated