Skip to content

Wiz

The Wiz Integration enhances SailPoint Entro’s Non-Human Identity (NHI) visibility by incorporating Data Security Posture Management (DSPM) and vulnerability insights from Wiz. This integration provides unified visibility into sensitive data risks and the NHIs interacting with that data, enabling proactive mitigation of potential threats.


Management → Accounts & Integrations → Add New Account (top right) → Wiz


Purpose

By integrating Wiz with SailPoint Entro, joint customers gain:

  • Data classification and access visibility

  • NHI permission impact analysis

  • Contextual risk severity mapping across cloud assets

  • Unified detection and reporting on sensitive data interactions


Supported NHI Types

  • AWS Role

  • AWS IAM Access Key

  • GCP Service Account (coming soon)

  • Azure App Registration Client Secret

  • GitHub IAM User (coming soon)


Architecture

┌───────────────────────────────┐
│       Entro Security Cloud    │
│  (NHI & Secret Detection)     │
└──────────────┬────────────────┘
               │  HTTPS (TLS 1.2+)
┌───────────────────────────────┐
│          Wiz Platform         │
│ (DSPM, Findings, Reports)     │
└───────────────────────────────┘

Security Model

  • Communication secured via HTTPS/TLS 1.2+

  • Service Account credentials are AES-256 encrypted at rest within SailPoint Entro

  • Integration operates with read-only permissions (no data modification)

  • All Wiz tokens and secrets are managed by SailPoint Entro’s encrypted Worker Group


Integration Flow

  1. Create the Wiz Service Account

    Create a Wiz Service Account with the required permissions.

  2. Retrieve Credentials

    Retrieve the Client ID and Client Secret.

  3. Enter Credentials in SailPoint Entro

    Enter credentials in SailPoint Entro’s onboarding form.

  4. Validation & Import

    SailPoint Entro validates the connection and begins importing metadata for NHI data exposure visibility.