Overview

Wiz is a cloud security platform that provides comprehensive vulnerability scanning across your software supply chain, including source code dependencies and container images. This integration connects Backline with Wiz to automatically import vulnerability findings, enabling centralized remediation workflows.

What You Can Do

With the Wiz integration, Backline can:
  • Automatically import SCA vulnerabilities detected in source code repository dependencies
  • Automatically import container image vulnerabilities detected in your container images
  • Track vulnerabilities detected across your repositories and container images
  • Create remediation workflows for imported vulnerabilities
  • Maintain vulnerability detection timestamps from Wiz
  • Centralize security vulnerabilities from multiple scanners in one place

Prerequisites

Before connecting Wiz, ensure you have:
  • A Wiz account with the Project Admin role
  • Access to the Integration Hub in Backline
  • A connected source control management (SCM) integration in Backline (e.g., GitHub, GitLab) for SCA findings

Getting Your API Endpoint URL

  1. Log in to Wiz: Access your Wiz portal and log in with your credentials.
  2. Open User Settings: Click the User Profile icon in the top-right corner, then select User Settings.
  3. Navigate to Tenant Info: Click Tenant from the left menu options.
  4. Copy the API Endpoint URL: Copy the API Endpoint URL displayed on the screen. It will look like https://api.<region>.app.wiz.io/.

Creating a Service Account

Wiz requires a dedicated service account to authenticate API requests. You must have the Project Admin role to create one.
  1. Navigate to Service Accounts: Click the Settings icon in the top-right corner, then select Service Accounts from the left menu.
  2. Add a Service Account: Click Add Service Account.
  3. Configure the Service Account: Fill in the form:
     • Name: Enter a descriptive name (e.g., Backline Integration)
     • Type: Select Custom Integration (GraphQL API)
     • API Scopes: Enable Read vulnerabilities
  4. Save and Copy Credentials: Click Add Service Account. On the confirmation screen, copy the Client ID and Client Secret and store them securely.

Store your Client ID and Client Secret securely. The Client Secret will only be shown once during creation.

Connecting Wiz

  1. Navigate to Integrations: In Backline, go to the Integration Hub from the main menu.
  2. Select Wiz: Find and click on the Wiz integration card.
  3. Enter Connection Details: In the connection form, enter:
     • API Endpoint URL: The endpoint URL copied from your Wiz Tenant Info (e.g., https://api.<region>.app.wiz.io/)
     • Client ID: The Client ID from your Wiz service account
     • Client Secret: The Client Secret from your Wiz service account
  4. Configure Scan Options: Choose which vulnerability types Backline should import:
     • Scan SCA Vulnerabilities: Import vulnerabilities detected in source code repository dependencies (enabled by default)
     • Scan Container Image Vulnerabilities: Import vulnerabilities detected in container images (enabled by default)
  5. Test Connection: Click Connect to verify your credentials. Backline will authenticate with Wiz and confirm the API endpoint is reachable.

Scan Options

Backline supports two types of findings from Wiz, which can be enabled or disabled independently:

| Option | Default | Description |
|---|---|---|
| Scan SCA Vulnerabilities | Enabled | Imports vulnerabilities detected in source code repository dependencies |
| Scan Container Image Vulnerabilities | Enabled | Imports vulnerabilities detected in container images |

Disabling an option reduces the volume of imported findings to only the relevant asset type.

How It Works

Once connected, Backline will:
  1. Fetch Vulnerabilities: Periodically query the Wiz API for open vulnerability findings
  2. Map to Repositories: Associate SCA & Container Image vulnerabilities with the correct repositories in your Backline workspace
  3. Track Detection Time: Preserve the original detection timestamp from Wiz

Scan Schedule

After connecting Wiz, Backline automatically schedules periodic scans to fetch new vulnerabilities. The scan runs every 6 hours to ensure your vulnerabilities stay up to date.
The initial scan begins shortly after the integration is connected. You can view imported findings in the Vulnerabilities section.

Managing the Integration

Viewing Connection Status

To check your Wiz connection:
  1. Open the Integration Hub
  2. Find the Wiz card
  3. A Configure button indicates the integration is connected

Reconnecting

If your credentials expire or need to be updated:
  1. Click Configure on the Wiz card
  2. Enter the new Client ID and Client Secret
  3. Click Connect to verify the new credentials

Troubleshooting

Connection Failed — Authentication Error

If Backline cannot authenticate with Wiz:
  • Verify your Client ID and Client Secret are correct
  • Confirm the service account has not been deleted or disabled in Wiz
  • Ensure the credentials were copied correctly (the Client Secret is only shown once)

Connection Failed — API Endpoint Error

If authentication succeeds but the API endpoint cannot be reached:
  • Check that the API Endpoint URL matches the value shown in your Wiz Tenant Info
  • Ensure the service account has the Read vulnerabilities API scope enabled
  • Verify the region in the URL is correct for your Wiz tenant
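
A pre-flight check for the API Endpoint URL before it is entered alongside the Client ID and Client Secret, as an added example (not Backline or Wiz code). It assumes tenant endpoints follow the https://api.<region>.app.wiz.io/ shape shown on this page; `check_wiz_endpoint`, `expected_region` and any region values passed to it are hypothetical names and constructed samples.

```python
import re
from urllib.parse import urlsplit

# Assumption: endpoints follow the shape shown on this page,
# https://api.<region>.app.wiz.io/ ; adjust the pattern if your tenant differs.
_HOST_RE = re.compile(r"api\.([a-z0-9-]+)\.app\.wiz\.io")


def check_wiz_endpoint(url, expected_region=None):
    """Return a list of problems with the endpoint URL (empty list means OK)."""
    problems = []
    if url != url.strip():
        problems.append("leading or trailing whitespace (copy/paste artifact)")
    parts = urlsplit(url.strip())

    # The Client Secret travels to this host, so plain HTTP is never acceptable.
    if parts.scheme != "https":
        problems.append("scheme must be https")

    # "https://api.x.app.wiz.io@other.host/" parses with other.host as the host.
    if parts.username or parts.password:
        problems.append("URL must not embed credentials (userinfo before '@')")

    try:
        port = parts.port
    except ValueError:  # non-numeric or out-of-range port
        port = -1
    if port not in (None, 443):
        problems.append("unexpected port")

    # fullmatch rejects look-alikes such as api.<region>.app.wiz.io.example.com
    # and an unfilled "<region>" placeholder.
    host = (parts.hostname or "").lower()
    match = _HOST_RE.fullmatch(host)
    if not match:
        problems.append(f"host {host!r} is not api.<region>.app.wiz.io")
    elif expected_region and match.group(1) != expected_region:
        problems.append(
            f"region {match.group(1)!r} differs from expected {expected_region!r}"
        )

    if parts.path not in ("", "/") or parts.query or parts.fragment:
        problems.append("unexpected path, query or fragment")
    return problems
```

Pass the region shown in your Wiz Tenant Info as `expected_region` to catch a URL copied from a different tenant.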

Missing Vulnerabilities

If expected vulnerabilities are not appearing:
  • Only findings with a CVE identifier are imported
  • For SCA findings, verify the relevant repositories are accessible to Backline via your connected SCM integration
  • Confirm the Scan SCA Vulnerabilities or Scan Container Image Vulnerabilities option is enabled for the finding type you expect
  • Check that the vulnerability status is Open in Wiz (closed or accepted findings are not imported)

SCA Findings Not Matched to Repositories

If SCA vulnerabilities are not appearing for certain repositories:
  • Backline filters SCA findings to repositories accessible via your connected SCM integration
  • Ensure the repository is connected and visible in Backline through your GitHub or GitLab integration