Wiz
The Wiz Integration enhances SailPoint Entro’s Non-Human Identity (NHI) visibility by incorporating Data Security Posture Management (DSPM) and vulnerability insights from Wiz. This integration provides unified visibility into sensitive data risks and the NHIs interacting with that data, enabling proactive mitigation of potential threats.
Navigation Path
Management → Accounts & Integrations → Add New Account (top right) → Wiz
Purpose
By integrating Wiz with SailPoint Entro, joint customers gain:
-
Data classification and access visibility
-
NHI permission impact analysis
-
Contextual risk severity mapping across cloud assets
-
Unified detection and reporting on sensitive data interactions
Supported NHI Types
-
AWS Role
-
AWS IAM Access Key
-
GCP Service Account (coming soon)
-
Azure App Registration Client Secret
-
GitHub IAM User (coming soon)
Architecture
┌───────────────────────────────┐
│ Entro Security Cloud │
│ (NHI & Secret Detection) │
└──────────────┬────────────────┘
│ HTTPS (TLS 1.2+)
▼
┌───────────────────────────────┐
│ Wiz Platform │
│ (DSPM, Findings, Reports) │
└───────────────────────────────┘
Security Model
-
Communication secured via HTTPS/TLS 1.2+
-
Service Account credentials are AES-256 encrypted at rest within SailPoint Entro
-
Integration operates with read-only permissions (no data modification)
-
All Wiz tokens and secrets are managed by SailPoint Entro’s encrypted Worker Group
Integration Flow
-
Create the Wiz Service Account
Create a Wiz Service Account with the required permissions.
-
Retrieve Credentials
Retrieve the Client ID and Client Secret.
-
Enter Credentials in SailPoint Entro
Enter credentials in SailPoint Entro’s onboarding form.
-
Validation & Import
SailPoint Entro validates the connection and begins importing metadata for NHI data exposure visibility.