Connecting Wiz

Learn how to connect Wiz to Drata and set up risk categories.

Written by Jane Baik
Updated over a week ago

Wiz is a CSPM (Cloud Security Posture Management) platform that continuously detects and remediates misconfigurations from build time to runtime across your hybrid clouds.

Connect Wiz to Drata to monitor security risks in your cloud infrastructure and display the current posture as evidence for your compliance.

BEFORE DIVING IN

  • Wiz connections are workspace specific. You can configure each Wiz connection differently in each workspace; the Wiz connection does not sync across workspaces.

Enable the Wiz connection

To connect Wiz to Drata, you need your Wiz Client ID, Client secret, and Server URL. If you do not have these, create a Wiz service account.

Create Wiz service account

To learn how to create a Wiz service account, go to Wiz’s Service Accounts documentation. For the Wiz service account, select:

  • The service account type ‘Custom Integration (GraphQL API)’

  • The relevant projects (Drata can only read issues from the projects you select here)

  • The permission ‘Issues -> Read’ (read:issues). Grant no other permissions; Drata only needs to read issues, and the connection is expected to work with read:issues alone.

Connect Wiz

On the ‘Connections’ page, select ‘Available connections’, then either select the CSPM category or search for Wiz in the top search bar, and select the ‘Connect’ button.

In the connection drawer, enter your Wiz Client ID, Client secret and Server URL.

Troubleshoot tips

If the connection fails, try reconnecting with a new service account that has only the read:issues permission.
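Before pasting a service account into the connection drawer, it is worth checking from your own machine that the Client ID, Client secret and Server URL actually authenticate and that the account can read issues; a GraphQL API can return HTTP 200 with an authorization error in the body, so a plain connectivity check is not enough. The script below is an added example and is not Drata's or Wiz's own code. It assumes the Wiz OAuth2 client-credentials token endpoint (TOKEN_URL, audience "wiz-api"), that the Server URL Drata asks for is your tenant's GraphQL endpoint including its path, and that the issues query field is issuesV2 with an IssueFilters argument; confirm each against your Wiz tenant's API documentation.

```python
"""Pre-flight check of a Wiz service account before entering it in Drata.

Added example; not Drata's or Wiz's own code. Everything below that is not on
the page is an assumption:
  - Wiz issues OAuth2 client-credentials tokens at TOKEN_URL, audience "wiz-api"
  - the "Server URL" Drata asks for is your tenant's GraphQL endpoint (with path)
  - the issues query field is issuesV2 taking an IssueFilters argument
Run with WIZ_CLIENT_ID, WIZ_CLIENT_SECRET and WIZ_SERVER_URL in the environment
so the secret never lands in shell history.
"""
import json
import os
import sys
import urllib.parse
import urllib.request

TOKEN_URL = "https://auth.app.wiz.io/oauth/token"  # assumption, see module docstring

# Smallest query that exercises read:issues: ask for one OPEN/IN_PROGRESS issue.
ISSUES_QUERY = """
query DrataPreflight($first: Int, $filterBy: IssueFilters) {
  issuesV2(first: $first, filterBy: $filterBy) {
    totalCount
    nodes { id status severity sourceRule { name } }
  }
}
"""


def build_token_request(client_id: str, client_secret: str) -> dict:
    """Form body for the client-credentials grant (assumed Wiz token parameters)."""
    return {
        "grant_type": "client_credentials",
        "audience": "wiz-api",
        "client_id": client_id,
        "client_secret": client_secret,
    }


def build_issue_variables(first: int = 1) -> dict:
    """GraphQL variables mirroring Drata's pre-set Status filter (Open, InProgress)."""
    return {"first": first, "filterBy": {"status": ["OPEN", "IN_PROGRESS"]}}


def classify_graphql_response(body: dict) -> str:
    """Map a GraphQL response to 'ok', 'no-issues-permission' or 'error'.

    GraphQL servers report authorization failures in the errors array, not via
    HTTP status, so a 200 response alone does not prove read:issues is granted.
    Assumption: a denied field surfaces as an error message mentioning
    permission/authorization; any other error is reported as a generic error.
    """
    if body.get("errors"):
        msgs = " ".join(e.get("message", "") for e in body["errors"]).lower()
        if "permission" in msgs or "authoriz" in msgs or "forbidden" in msgs:
            return "no-issues-permission"
        return "error"
    data = body.get("data") or {}
    issues = data.get("issuesV2")
    if isinstance(issues, dict) and "totalCount" in issues:
        return "ok"
    return "error"


def fetch_token(client_id: str, client_secret: str) -> str:
    """Exchange the service account credentials for a bearer token."""
    form = urllib.parse.urlencode(build_token_request(client_id, client_secret)).encode()
    req = urllib.request.Request(
        TOKEN_URL, data=form,
        headers={"Content-Type": "application/x-www-form-urlencoded"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)["access_token"]


def run_graphql(server_url: str, token: str, query: str, variables: dict) -> dict:
    """POST one GraphQL operation to the Server URL with the bearer token."""
    payload = json.dumps({"query": query, "variables": variables}).encode()
    req = urllib.request.Request(
        server_url, data=payload,
        headers={"Content-Type": "application/json", "Authorization": f"Bearer {token}"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


def preflight(client_id: str, client_secret: str, server_url: str) -> str:
    """Token exchange plus a one-issue read; returns the classification string."""
    token = fetch_token(client_id, client_secret)
    body = run_graphql(server_url, token, ISSUES_QUERY, build_issue_variables())
    return classify_graphql_response(body)


if __name__ == "__main__":
    verdict = preflight(os.environ["WIZ_CLIENT_ID"],
                        os.environ["WIZ_CLIENT_SECRET"],
                        os.environ["WIZ_SERVER_URL"])
    print(verdict)
    sys.exit(0 if verdict == "ok" else 1)
```

A result of no-issues-permission points at the service account configuration (wrong permission or the wrong projects selected) rather than at Drata; a token error points at the Client ID/secret; an HTTP error from the GraphQL call usually means the Server URL is wrong.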

Configure and setup risk categories

After you connect Wiz to Drata, three Wiz issue risk categories are imported: Not encrypted in-transit, External exposure, and User with excessive admin privileges.

Each risk category has pre-set filters so that it matches the right Wiz issues, plus optional filters that admins can add. Admins can also modify the Wiz connection, for example to add another risk category.

  • Pre-set filters:

    • Search: Name of the risk category (for example, “Not encrypted in-transit”).

    • Status: “Open”, ”InProgress”.

  • Optional filters:

    • Project IDs: One or more Wiz project IDs, separated by commas. If none are provided, Wiz issues from all projects are imported.

    • Subscription IDs: One or more cloud subscription IDs, separated by commas. If none are provided, Wiz issues from all subscriptions are imported.

The following sections describe each risk category, how to enable it, and the monitoring test that must pass to satisfy the corresponding DCFs (Drata Control Framework controls).

Workspace specific

A given risk category can be used by only one Wiz connection across your workspaces, so admins must use different risk categories for each workspace. For example, if an admin has already created a Wiz connection with ‘External exposure’ for Workspace1, you cannot create another Wiz connection in a different workspace with that same risk category. (View the error message in the following screenshot.)

Multiple risk category in workspace

If you have multiple risk categories, such as “User with excessive admin privileges” and “External exposure”, you can have another Wiz connection in a different workspace with only “External exposure”.

Not encrypted in-transit risk category

Test ID: 210

Test name: Encryption in transit

Test description: Drata collects data from your cloud security posture management (CSPM) software to determine if there are active issues related to data not being encrypted while in transit.

Test logic (pass or fail): If one or more issues exist, the test fails. Otherwise it passes.

DCFs: DCF-55

User with excessive admin privileges risk category

Test ID: 208

Test name: Excessive privileges assigned

Test description: Drata collects data from your cloud security posture management (CSPM) software to determine if there are active issues related to accounts with excessive administrative privileges.

Test logic (pass or fail): If one or more issues exist, the test fails. Otherwise it passes.

DCFs: DCF-59, DCF-326

External exposure risk category

Test ID: 209

Test name: External exposure for cloud resources

Test description: Drata collects data from your cloud security posture management (CSPM) software to determine if there are active issues related to external exposure of cloud resources.

Test logic (pass or fail): If one or more issues exist, the test fails. Otherwise it passes.

DCFs: DCF-85, DCF-218, DCF-75

Risk categories

The three tests, 210, 208, and 209, have a default ‘Unused’ state until a Wiz connection is created with the related risk category.

Auto-pilot sync

Note: Wiz issues are imported into Drata once every 24 hours as part of the auto-pilot sync.

After the Wiz connection is set up, the auto-pilot sync runs. Drata imports up to 200 Wiz issues for each configured risk category. The corresponding tests are then triggered: a test passes if no issues were detected and fails otherwise. If a test fails, the test drawer lists the imported Wiz issues (as shown in the following image). Because at most 200 issues are imported per category, a category with more open issues than that will show only part of them in the drawer; check Wiz itself for the full set.

Admins are able to exclude and re-include Wiz issues in the test drawer on the Monitoring page.
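To make the behaviour described in the filter list and the three test definitions concrete, the following added example models how a risk category selects Wiz issues (pre-set Search and Status filters, optional project and subscription ID filters), applies the 200-issue import cap, and scores the monitoring test (one or more issues means FAIL). It is an illustration written for this page, not Drata's or Wiz's code. The WizIssue fields and the sample issues are constructed; two points are assumptions rather than page facts: the Search filter is modelled as a case-insensitive substring match on the issue name, and issues an admin has excluded in the test drawer are treated as not counting towards the result.

```python
"""Model of how a Drata risk category selects Wiz issues and scores its test.

Added illustration of the behaviour the page describes; not Drata's or Wiz's
code. WizIssue fields and SAMPLE_ISSUES are constructed. Assumptions: the
Search filter is a case-insensitive substring match on the issue name, and
issues excluded in the test drawer do not count towards pass/fail.
"""
from dataclasses import dataclass, field

PRESET_STATUSES = {"OPEN", "IN_PROGRESS"}  # page: pre-set Status filter "Open", "InProgress"
IMPORT_CAP = 200                           # page: up to 200 issues imported per risk category


@dataclass(frozen=True)
class WizIssue:
    id: str
    name: str             # what the pre-set Search filter is matched against
    status: str           # e.g. OPEN, IN_PROGRESS, RESOLVED, REJECTED
    project_id: str
    subscription_id: str


@dataclass
class RiskCategory:
    name: str                                           # pre-set Search filter
    test_id: int                                        # 210, 208 or 209
    project_ids: set = field(default_factory=set)       # optional; empty = all projects
    subscription_ids: set = field(default_factory=set)  # optional; empty = all subscriptions


def parse_id_list(raw: str) -> set:
    """Turn the comma-separated IDs typed into the connection drawer into a set."""
    return {part.strip() for part in raw.split(",") if part.strip()}


def matches(category: RiskCategory, issue: WizIssue) -> bool:
    """Apply the pre-set filters, then the optional ID filters (empty = no restriction)."""
    if category.name.lower() not in issue.name.lower():       # Search (assumed substring match)
        return False
    if issue.status not in PRESET_STATUSES:                    # Status
        return False
    if category.project_ids and issue.project_id not in category.project_ids:
        return False
    if category.subscription_ids and issue.subscription_id not in category.subscription_ids:
        return False
    return True


def import_issues(category: RiskCategory, issues: list) -> tuple:
    """Filter as the auto-pilot sync does and cap the import at IMPORT_CAP.

    Returns (imported issues, number that matched before the cap) so a caller
    can tell when the test drawer will show only part of what is open in Wiz.
    """
    selected = [i for i in issues if matches(category, i)]
    return selected[:IMPORT_CAP], len(selected)


def evaluate_test(category: RiskCategory, issues: list, excluded_ids=frozenset()) -> dict:
    """Test logic from the page: one or more active issues -> FAIL, otherwise PASS."""
    imported, matched = import_issues(category, issues)
    active = [i for i in imported if i.id not in excluded_ids]   # exclusion is an assumption
    return {
        "test_id": category.test_id,
        "result": "FAIL" if active else "PASS",
        "issues": active,
        "truncated": matched > IMPORT_CAP,
    }


# Constructed sample issues, not real Wiz data.
SAMPLE_ISSUES = [
    WizIssue("i-1", "Not encrypted in-transit: RDS instance", "OPEN", "proj-prod", "sub-aws-1"),
    WizIssue("i-2", "Not encrypted in-transit: load balancer listener", "IN_PROGRESS", "proj-dev", "sub-aws-2"),
    WizIssue("i-3", "Not encrypted in-transit: Redis cache", "RESOLVED", "proj-prod", "sub-aws-1"),
    WizIssue("i-4", "External exposure: bucket is publicly readable", "OPEN", "proj-prod", "sub-aws-1"),
    WizIssue("i-5", "User with excessive admin privileges: svc-ci", "OPEN", "proj-dev", "sub-aws-2"),
]

ENCRYPTION_IN_TRANSIT = RiskCategory("Not encrypted in-transit", 210)


if __name__ == "__main__":
    # Unscoped: i-1 and i-2 match (i-3 is RESOLVED and is filtered out by Status).
    print(evaluate_test(ENCRYPTION_IN_TRANSIT, SAMPLE_ISSUES)["result"])
    # Scoped to one project: only i-1 remains.
    scoped = RiskCategory("Not encrypted in-transit", 210, project_ids=parse_id_list("proj-prod"))
    print(evaluate_test(scoped, SAMPLE_ISSUES)["result"])
    # Excluding the remaining issue in the test drawer flips the test to PASS.
    print(evaluate_test(scoped, SAMPLE_ISSUES, excluded_ids={"i-1"})["result"])
```

The two points worth noticing are that a resolved issue never reaches the test (the Status filter drops it before import, so closing issues in Wiz is what turns a test green after the next 24-hour sync), and that a scoped category can pass while the same issue type is still open in a project you left out of the Project IDs filter.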

Delete the Wiz connection

You can delete the Wiz connection by going to the Connections page and selecting the trash icon in the drawer for the Wiz connection. All of the corresponding tests for the Wiz connection return to the ‘Unused’ state for that workspace.
