Set filtering for the Wiz Issues Integration

  • Release version: Xanadu
  • Updated December 5, 2025
  • 1 minute to read

    • Set the filtering values to import Wiz Issues that identify assets involved in toxic combinations of vulnerabilities and misconfigurations.

    Before you begin

    Role required: sn_vul_wiz.configure_integration

    Procedure

    1. Navigate to All > Wiz Vulnerability Integration > Administration > Configuration.
    2. Select the Issues Configuration tab.
    3. Fill in the fields.

      For some fields, you can specify multiple values. --None-- is the (default). If --None-- remains selected for a field, no data is imported for this field.

      If displayed select the lock icons (An closed padlock icon that indicates the field is locked and not editable.) and (An opened padlock icon that indicates the field is unlocked and editable.) to edit and lock your edits.

      Field Description
      Severity Filter by finding severity.
      • --None--
      • LOW
      • MEDIUM
      • HIGH
      • CRITICAL
      • INFORMATIONAL
      Project ID Import only findings for the given projects (strings).
      Issue type Issues by the rule type they are generated by.
      • CLOUD_CONFIGURATION
      • THREAT_DETECTION
      • TOXIC_COMBINATION
      Subscription ID Specify findings by entering a subscription ID. You can specify multiple values in an array.
      Cloud platform Configuration findings by Cloud platform. You can specify multiple values, for example, AWS, GitHub, Terraform, OpenAI, GKE, OKE, EKS, AKS.
      Framework Category Enter security frameworks, security subcategories, or security categories. You can specify multiple values.
      Native type Issues based on the native type of the cloud resource, for example, bucket.
      First Pagination. Enter a value. You might prefer to start with 1000.
      Status Filter by status:
      • --None--
      • OPEN
      • IN PROGRESS
      • RESOLVED
      Fetch rejected findings

      Select this check box if you want to import Cloud test results in a failed state (rejected) from Wiz.

      Note:
      These findings are mapped to CTRs and labeled with Wiz Issues as the source to help you track them.
      If not selected, failed test results reported by Wiz are not imported.

      If imported, these test results remain in a failed state but are not rolled up to Configuration Compliance findings.
      Close rejected findings Select this check box if you want to import failed Cloud test results reported by Wiz and automatically close them after import.

      If not selected, these test results remain in a failed state but are neither closed nor rolled up to Configuration Compliance findings.
    4. Select Save and test.
      If the credentials have been saved and validated successfully a message is displayed. You can select filtering for another integration import.