Wiz CSPM Integration (CSPM Ingestion)

Connect Wiz CSPM with Sprinto to ingest cloud security findings, reports, and vulnerabilities using OAuth client credentials and automate continuous security monitoring.

The Wiz CSPM integration enables Sprinto to ingest cloud security posture data directly from Wiz using OAuth 2.0 client credentials.

Once connected, Sprinto can:

  • Pull vulnerabilities and security findings from Wiz.

  • Create and retrieve reports using the Wiz GraphQL API.

  • Sync issues into Sprinto for compliance tracking.

  • Trigger programmable monitors for high-severity findings.

This integration uses the Wiz GraphQL API and requires a service account with appropriate scopes.


Available Automation Capabilities

After configuration, Sprinto can:

  • Fetch security issues and findings.

  • Retrieve vulnerability data.

  • Create and access reports via Wiz GraphQL API.

  • Continuously ingest CSPM data for monitoring.


Before You Begin

Ensure the following prerequisites are met:

  • You are logged in to the Sprinto Admin Portal.

  • You have administrator access to your Wiz tenant.

  • You can create Service Accounts in Wiz.

  • You have access to Sprinto’s Integrations or Credentials Manager section.


Step 1: Generate Wiz OAuth Client Credentials

To connect Wiz with Sprinto, you must first create a Service Account in Wiz.

Create a Service Account in Wiz

  1. Log in to your Wiz portal.

  2. Navigate to:

    • Settings > Access Management > Service Accounts (Alternatively: User Settings > Integrations, depending on your Wiz setup.)

  3. Click Add Service Account.

  4. Provide a name (for example: Sprinto CSPM Integration).

  5. Assign the required scopes.

Required Scopes

At a minimum, include:

  • read:issues

  • read:vulnerabilities

  • read:reports

  • create:reports

These permissions allow Sprinto to:

  • Fetch issues and vulnerability data.

  • Generate and retrieve reports via the GraphQL API.

  6. Click Add Service Account.

Immediately copy and securely store:

  • Client ID

  • Client Secret (shown only once)

Note the Wiz API Endpoint

Also note your Wiz API endpoint URL.

For example: https://api.us.app.wiz.io/graphql

Your endpoint may differ based on region. You can confirm this under Tenant Info or User Settings in Wiz.


Step 2: Add Credentials in Sprinto

After generating the credentials in Wiz:

  1. Log in to Sprinto.

  2. Navigate to the Wiz CSPM integration section (or Credentials Manager).

  3. Select OAuth2 Client Credentials as the credential type.

  4. Enter:

    • Client ID

    • Client Secret

  5. If prompted, enter the API Endpoint URL (This is often pre-filled with the default regional endpoint.)

  6. Save the credential.

The credential status should display as Active.


Step 3: Use the Wiz CSPM Ingestion Template

Once credentials are active:

  1. Navigate to Automation / Ingestion Plans / Templates in Sprinto.

  2. Select or create the Wiz CSPM ingestion plan.

  3. Attach the OAuth credential created earlier.

The ingestion template will:

  • Create reports via the Wiz GraphQL API.

  • Pull security findings into Sprinto.

  • Sync vulnerabilities and issues.

  4. Run or test the ingestion plan to verify successful data ingestion.


Post-Connection Flow

After data ingestion begins:

  • Security findings from Wiz will start appearing in Sprinto.

  • You can configure Programmable Monitors to:

    • Alert on high-severity issues.

    • Track compliance violations.

    • Monitor specific risk categories.

This enables continuous cloud security monitoring directly within Sprinto.


Required Permissions

To successfully connect Wiz CSPM with Sprinto:

Minimum Role Requirement

  • A user capable of creating Service Accounts in Wiz.

Required Scopes

  • read:issues

  • read:vulnerabilities

  • read:reports

  • create:reports

Ensure the Service Account is configured with these scopes before generating credentials.


Troubleshooting

Credential shows as inactive in Sprinto

  • Verify that the Client ID and Client Secret were copied correctly.

  • Confirm that the secret was not regenerated after initial creation.

  • Ensure the correct regional API endpoint is used.

No findings appear after ingestion

  • Confirm the ingestion plan is attached to an active credential.

  • Verify the Service Account has all required scopes.

  • Run a manual test of the ingestion plan.

API authentication errors

  • Confirm that the endpoint matches your Wiz region.

  • Regenerate the Client Secret if needed and reattach it in Sprinto.
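
When a credential shows as inactive or authentication fails, the Client ID, Client Secret and regional endpoint can be checked outside Sprinto with the same OAuth 2.0 client-credentials exchange the integration relies on. The script below is an added example, not Sprinto or Wiz code. The environment variable names are hypothetical, and the token URL and audience are not given on this page, so take them from your Wiz tenant's API documentation.

```python
import json
import os
import urllib.error
import urllib.parse
import urllib.request


def _require_https(url):
    if urllib.parse.urlsplit(url).scheme != "https":
        raise ValueError(f"refusing to send credentials to non-HTTPS URL: {url}")


def build_token_request(token_url, client_id, client_secret, audience):
    """OAuth 2.0 client-credentials grant (RFC 6749, section 4.4)."""
    _require_https(token_url)
    # "audience" is an assumption: it is not on this page; use your tenant's value
    form = {"grant_type": "client_credentials", "client_id": client_id,
            "client_secret": client_secret, "audience": audience}
    return urllib.request.Request(
        token_url, data=urllib.parse.urlencode(form).encode(), method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"})


def build_probe_request(api_endpoint, access_token):
    """Smallest valid GraphQL query: proves endpoint and token, reads no data."""
    _require_https(api_endpoint)
    body = json.dumps({"query": "query { __typename }"}).encode()
    return urllib.request.Request(
        api_endpoint, data=body, method="POST",
        headers={"Content-Type": "application/json",
                 "Authorization": f"Bearer {access_token}"})


def send(request):
    with urllib.request.urlopen(request, timeout=15) as response:
        return json.load(response)


def main():
    env = os.environ  # secrets come from the environment, never from argv
    try:
        token = send(build_token_request(
            env["WIZ_TOKEN_URL"], env["WIZ_CLIENT_ID"],
            env["WIZ_CLIENT_SECRET"], env["WIZ_AUDIENCE"]))["access_token"]
        reply = send(build_probe_request(env["WIZ_API_ENDPOINT"], token))
    except urllib.error.HTTPError as err:
        # Re-check the ID/secret pair and the regional endpoint, as listed above
        raise SystemExit(f"HTTP {err.code}: {err.reason}")
    print("credential and endpoint OK" if "data" in reply else reply)


if __name__ == "__main__":
    main()
```

The probe query does not exercise the four scopes, so a passing result confirms the credential pair and endpoint only; scope problems still surface when the ingestion plan runs.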
