Understanding the Wiz Vulnerability Response Integration

  • Release version: Zurich
  • Updated April 7, 2026
  • 4 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Understanding the Wiz Vulnerability Response Integration

    The Wiz Vulnerability Response Integration enables ServiceNow® AI Platform customers to import comprehensive vulnerability and compliance data from Wiz scanners. This integration helps you gain deeper insights into your cloud infrastructure risks, providing a holistic view of your cloud security posture. It supports direct remediation actions within your ServiceNow instance, enhancing your ability to manage and mitigate cloud security threats effectively.

    Show full answer Show less

    Key Features

    • Multiple Integrations: The integration package includes modules for importing asset, vulnerability, compliance, container, application, and secret findings data from Wiz, covering a broad spectrum of cloud security aspects.
    • Asset and Vulnerability Data Import: Import cloud asset information and evaluate vulnerabilities on hosts and containers. Findings are mapped to Vulnerable Items (VITs and CVITs) and Configuration Test Results (CTRs) for streamlined remediation workflows.
    • Compliance and Issue Tracking: Import configuration compliance test results and Wiz Issues to detect non-compliant settings and complex vulnerability combinations, supporting enforcement of security policies and risk prioritization.
    • Backfill Integrations: Specific backfill integrations retrieve missing data that primary integrations may not capture, ensuring completeness of your vulnerability and compliance data. Note that after upgrading to version 1.1, some backfill integrations are deprecated and no longer required.
    • Configurable Resource Type Imports: You can specify which Wiz resource types (assets) to import through the Wiz Vulnerability Integration Configuration module.

    Benefits and Users

    • Vulnerability Managers and Analysts: Gain detailed vulnerability and compliance insights for hosts, containers, applications, and cloud assets to prioritize and manage remediation tasks.
    • Cloud Security and Access Management Teams: Obtain a clear view of cloud asset security posture, including secrets management, enabling targeted security improvements.
    • Software Asset Managers: Track application and software composition analysis (SCA) findings to maintain software integrity and compliance.
    • Remediation Owners: Use integrated workflows across Vulnerability Response, Container Vulnerability Response, and Configuration Compliance applications to apply corrective actions efficiently.

    Upgrade and Configuration Notes

    • Starting with version 1.1, the Missing Assets [snvulwizmissingasset] table is deprecated. After upgrading, you must backdate and rerun your primary integrations by three days to maintain data consistency.
    • Activation of the Wiz Asset Integration is optional and no longer required to precede other integrations.
    • Backfill integrations related to host vulnerabilities and test results are deprecated post version 1.1 and should not be scheduled after upgrading.

    Next Steps for ServiceNow Customers

    To fully leverage the Wiz Vulnerability Response Integration, customers should:

    • Activate the Wiz Vulnerability Response Integration application in their ServiceNow AI Platform instance.
    • Configure integration settings, including specifying resource types and setting appropriate filtering for host vulnerabilities, container vulnerabilities, test results, and issues.
    • Review and apply field mappings to ensure imported data aligns with your workflows.
    • Utilize remediation workflows in Vulnerability Response, Container Vulnerability Response, and Configuration Compliance applications to address identified risks.

    Import vulnerability and compliance data from Wiz scanners into your ServiceNow® AI Platform instance to help you get deeper insights into your cloud infrastructure risks. These integrations provide you with a comprehensive assessment of your overall cloud security posture and help you drive remediation actions directly from your instance.

    Integrations included with the Vulnerability Response Integration with Wiz

    The Vulnerability Response Integration with Wiz includes the following integrations that import your asset, vulnerability, compliance, container, application, and secrets (passwords, tokens and keys) data:

    • Wiz Asset Integration
    • Wiz Container Vulnerability Response Integration
    • Wiz Host Test Results Integration
    • Wiz Host Vulnerability Integration
    • Wiz Configuration Compliance (test results) Integration and Issues integration
    • Wiz Application List Integration
    • Wiz SCA Findings Integration
    • Wiz Secret Findings Integration

    Please review more information about the Wiz integration at SecOps articles on the Security Operations Community.

    Starting with v1.1, the Missing Assets [sn_vul_wiz_missing_asset] table for storing assets from the backfill integrations is deprecated. After upgrading to version 1.1, you must backdate your primary Wiz integrations by three days and run them.

    Note:

    After you upgrade to v1.1, the following backfill integrations are no longer required:

    • Host Vulnerability Backfill Integration
    • Test Results Backfill Integration
    • Host Test Results Backfill Integration
    • Issues Backfill Integration
    Note:
    The Wiz Asset and Container Vulnerability Integrations don't have backfill integrations. See Wiz Backfill Integrations for more information.

    You identify the specific Resource Types (assets) that you want to import on the Wiz Vulnerability Integration Configuration module in your ServiceNow AI Platform instance.

    Benefits and users for the integrations

    Benefit Wiz Integration Users
    Import application, Software Composition Analysis (SCA), findings, Secrets findings (passwords, tokens and keys).
    • Wiz Application List Integration
    • Wiz SCA Findings Integration
    • Wiz Secret Findings Integration
    		 Vulnerability managers and analysts, Software asset managers and teams, Cloud security and Access Management admins and teams
    Import data about your cloud assets reported by the Wiz scanner. Create and update discovered item records for cloud assets in your ServiceNow AI Platform instance.
    Note:
    Activating the Wiz Asset Integration is optional. You are no longer required to schedule or run it so it runs before the other integrations.
    		 Wiz Asset Integration Vulnerability managers, analysts, and Cloud security teams
    Import and evaluate early detections vulnerabilities on running hosts.

    The host vulnerability integration imports findings related to virtual machines and serverless assets in your cloud environment. These findings are mapped to Host Vulnerable Items (VITs) within the Vulnerability Response application to support remediation workflows.

    		 Wiz Host Vulnerability Integration. Vulnerability managers, analysts, and Cloud security teams
    Import test results associated with the resource type, VIRTUAL MACHINE. Wiz Host Test Result Integration Vulnerability managers, analysts, and Cloud security teams
    Import and evaluate container image vulnerability data for vulnerable and non-compliant assets in your cloud infrastructure.

    Findings are mapped to container vulnerable items (CVITs) to support triage, risk prioritization, and targeted remediation workflows for container-based workloads.

    		 Wiz Container Vulnerability Integration. Vulnerability managers, analysts, and Cloud security teams
    Import and evaluate configuration test results from Wiz to detect non-compliant cloud configurations.

    Findings are mapped to cloud test results (CTRs) in the Configuration Compliance application to help you enforce security policies and standards across your cloud environment.

    		 Wiz Configuration Compliance Integration (Wiz Test Results). Vulnerability managers, analysts, and Cloud security teams
    Import Wiz Issues that identify assets involved in toxic combinations of vulnerabilities and misconfigurations.

    These findings are mapped to CTRs and labeled with Wiz Issues as the source to help you track and remediate assets that might pose complex, multi-vector risks.

    		 Wiz Issues Integration. Vulnerability managers, analysts, and Cloud security teams
    Note:
    Starting with v1.1, the Missing Assets [sn_vul_wiz_missing_asset] table for storing assets is deprecated. After upgrading to version 1.1, you must backdate and run your primary integrations by three days. See Backfill integrations and upgrading to version 1.1 for more information.
    The Wiz Backfill integrations retrieve and process data for missing assets that were not processed by the primary vulnerability and compliance integrations.    		 Wiz Backfill integrations:
    • Host Vulnerability Backfill Integration
    • Test Results Backfill Integration
    • Host Test Results Backfill Integration
    • Issues Backfill Integration
    		 Vulnerability admins
    Apply remediation steps across host vulnerable items (VITs), container vulnerable items (CVTs), cloud test results (CTRs) and CTRs labeled Wiz Issues. Vulnerability Response, Container Vulnerability Response, and the Configuration Compliance applications. Remediation owners

    What to explore next

    For more information about installing, configuring, and viewing imported data with the Wiz Vulnerability Response Integration, see: