Skip to main content

Overview

The Wiz exposure integration pulls network exposure and cloud configuration data from Wiz into ZeroPath. This allows you to see which of your applications are internet-exposed and automatically adjust security policies based on exposure status.

What You Get

Exposure Data in ZeroPath

Once configured, ZeroPath displays Wiz exposure information directly in your dashboard:
  • Explorer Tab: View internet exposure and network configuration data from Wiz alongside your ZeroPath findings
  • Application Tab: See which applications have internet exposure based on Wiz’s network exposure analysis
This allows you to correlate ZeroPath’s security findings with real-world exposure data from Wiz, giving you a complete picture of risk within the ZeroPath dashboard.

Dynamic Tagging Based on Exposure

The integration includes powerful dynamic tagging capabilities that automatically assign repo context and natural language rules based on internet exposure.

Setting Up Dynamic Tags

  1. Navigate to https://zeropath.com/app/settings/tags
  2. Click Create New Tag
  3. Set the Internet Exposure dynamic trigger
  4. Assign the tag to your desired:
    • Repo contexts
    • Natural language rules
You don’t need to specify a repository when creating the tag. The repository will be detected automatically based on exposure data.

How It Works

When you enable dynamic tagging with the Internet Exposure trigger:
  1. ZeroPath analyzes exposure data from Wiz
  2. Tags are automatically applied to repositories and resources based on their internet exposure status
  3. Associated repo contexts and natural language rules are applied automatically
  4. Your security policies adapt dynamically as exposure changes
This automation ensures that your most exposed assets receive the appropriate security scrutiny without manual intervention.

Required Permissions

For exposure information, your Wiz API credentials need: 
read:resources
read:projects
read:network_exposure
read:cloud_configuration
These permissions allow ZeroPath to:
  • Read exposure and configuration data from Wiz
  • Detect and map repositories
  • Sync exposure status for dynamic tagging

Troubleshooting

Exposure Data Not Syncing

  • Check API permissions: Ensure your Wiz API credentials have the read:network_exposure and read:cloud_configuration permissions
  • Review integration status: Check the integration status in ZeroPath settings to ensure the connection is active
  • Verify Wiz data: Confirm that the exposure data exists in your Wiz account

Dynamic Tags Not Applying

  • Confirm exposure data sync: Verify that exposure information is being synced from Wiz
  • Check tag configuration: Ensure the Internet Exposure trigger is properly configured in your tag settings
  • Review repo detection: Tags should auto-detect repositories; if not working, check that the integration has read:resources and read:projects permissions

Support

If you have questions or run into any issues, please reach out to: