CYFOX's OmniSec now supports integrations through its newly launched marketplace, making it easier than ever to integrate external insights into your compliance workflow.
The following guide provides step-by-step instructions for connecting Wiz to CYFOX's OmniSec platform. This will enable the automated forwarding of security findings and cloud configuration data. Once integrated, Wiz data will be assessed within OmniSec as part of its generative AI-powered compliance framework.
Prerequisites
Before starting the integration process, ensure the following requirements are met:
OmniSec Admin Access
Only users with Admin privileges in OmniSec can configure new integrations. Access to the Integrations page requires admin-level permissions.
Wiz Account (API) Credentials
The organization must have an active Wiz account. The following details are required for the integration:
Client ID
Client Secret
API Endpoint URL
Note: If these credentials are not readily available, please get in touch with the Wiz support team for assistance.
Set Up the Wiz Integration
Once the required credentials are available, follow these steps to complete the integration:
Log in to OmniSec using an Admin account.
Navigate to the Integrations page from the main menu.
Select Wiz from the list of available integrations.
Step 1: Fill in Basic Integration Details
Before entering Wiz credentials, the platform will prompt for a few initial details to help identify the integration later:
Display Name is pre-filled with Wiz Cloud Security and can be left unchanged.
Description is optional and can be used to add context if needed.
Once these fields are reviewed, click Next to continue to authentication.
Step 2: Enter Authentication Credentials
Enter the required Wiz API details to enable the integration:
Client ID
Client Secret
Auth URL (Pre-filled with the standard Wiz authentication endpoint)
API URL (Region-specific; use the endpoint that matches the Wiz environment)
Reminder: Wiz must provide these API details. Before proceeding, an API client with read-only permissions should be created.
Once the integration is complete, all credentials are encrypted and securely stored. They are never exposed in responses.
Once all fields are complete and verified, click Next to continue validating the integration with Wiz.
Step 3: Configure Integration Settings
Fine-tune how Wiz data is handled within OmniSec by adjusting the following settings:
Sync Frequency: Define how often OmniSec should fetch new data from Wiz.
Data Types to Collect:
Alerts: Security alerts and notifications generated by Wiz.
Configurations: Security configuration metadata, often referred to as "Configuration Findings" in Wiz's API
Security Data: General telemetry and insights, encompassing various data points collected by Wiz.
To continue, at least one data type must be selected. These selections determine what insights OmniSec will receive from Wiz, directly impacting the depth and accuracy of the compliance assessment.
For best results, it’s recommended to select all available data types.
Once configured, click Next to review and complete the setup.
Step 4: Review and Finish
Before completing the setup, review the integration configuration to ensure everything is correct:
Authentication Settings
Sync Configuration
Display Name
Sync Frequency
Data Collection
Confirm which data types will be collected from Wiz.
If everything looks good, click Finish to activate the integration.
Integration Status (Connection Validation)
After submitting, OmniSec will attempt to authenticate with the Wiz API and validate your settings.
If successful, a confirmation message will appear, and the integration will become active.
If there’s an issue (such as invalid credentials), a message will prompt for review and correction.
Once connected, data will begin syncing according to your selected preferences.
Below is an example of a successfully configured integration:
Monitoring and Managing the Integration
Once the integration is successfully validated, it will appear in the integrations list with a Completed status.
The Connect button has now been replaced by Manage, allowing full access to the integration settings anytime.
Clicking Manage opens the configuration pane. From there, it’s possible to:
View Overview: Check the integration type, status, last sync time, and creation date. You can also trigger a Fetch Now action to pull data immediately, regardless of the scheduled sync interval, or choose to delete the integration.
Edit Configuration: Update credentials, sync frequency, or other integration settings.
Explore Data: View an aggregated count of the logs collected from Wiz, organized by data type.
You're All Set
The Wiz integration is now active, and data is synced with OmniSec.
From here, the collected data will support real-time monitoring, compliance assessments, and security insights, powered by CYFOX’s generative AI engine.
For questions or support, please get in touch with the CYFOX team.