Wiz - 'main' Branch Scan Overview

by ADMIN 34 views

Configured Wiz Branch Policies

Wiz provides a comprehensive set of branch policies to ensure that your codebase is secure and compliant with industry standards. The following policies are configured for the 'main' branch:

  • Default Vulnerabilities Policy: This policy scans for known vulnerabilities in your codebase and provides recommendations for remediation.
  • Secrets Default Policy: This policy scans for secrets and sensitive data in your codebase and provides recommendations for remediation.
  • at-default-only-code: This policy scans for IaC misconfigurations in your codebase and provides recommendations for remediation.
  • karin-test-data-code: This policy scans for sensitive data in your codebase and provides recommendations for remediation.
  • karin-test-data-code-1: This policy scans for sensitive data in your codebase and provides recommendations for remediation.

Wiz Scan Summary

The following table provides a summary of the scan results for the 'main' branch:

Scanner Findings
Vulnerabilities 7 Critical 48 High 67 Medium 8 Low
Sensitive Data 3 Critical 2 Medium 3 Info
Secrets 8 High
IaC Misconfigurations 3 High 20 Medium 23 Low 2 Info
Total 10 Critical 59 High 89 Medium 31 <

What is a Wiz Branch Scan?

A Wiz branch scan is a comprehensive security scan that checks for vulnerabilities, sensitive data, secrets, and IaC misconfigurations in your codebase. The scan is performed on a specific branch of your codebase, in this case, the 'main' branch.

What are the different types of findings in a Wiz branch scan?

A Wiz branch scan can produce the following types of findings:

  • Vulnerabilities: Known vulnerabilities in your codebase that can be exploited by attackers.
  • Sensitive Data: Sensitive data such as passwords, API keys, and credit card numbers that are stored in your codebase.
  • Secrets: Secrets such as API keys, access tokens, and encryption keys that are used in your codebase.
  • IaC Misconfigurations: Misconfigurations in your infrastructure as code (IaC) that can lead to security vulnerabilities.

What are the different severity levels of findings in a Wiz branch scan?

Findings in a Wiz branch scan can have the following severity levels:

  • Critical: Findings that can lead to a complete compromise of your codebase or infrastructure.
  • High: Findings that can lead to a significant compromise of your codebase or infrastructure.
  • Medium: Findings that can lead to a moderate compromise of your codebase or infrastructure.
  • Low: Findings that can lead to a minor compromise of your codebase or infrastructure.
  • Info: Findings that are informational only and do not pose a security risk.

How do I remediate findings in a Wiz branch scan?

To remediate findings in a Wiz branch scan, you can follow these steps:

  1. Review the findings in the Wiz dashboard to understand the severity and impact of each finding.
  2. Prioritize the findings based on their severity and impact.
  3. Remediate the findings by updating your codebase or infrastructure to fix the vulnerabilities or misconfigurations.
  4. Verify that the findings have been remediated by re-running the Wiz branch scan.

Can I customize the Wiz branch scan to meet my specific needs?

Yes, you can customize the Wiz branch scan to meet your specific needs. You can configure the scan to include or exclude specific types of findings, and you can also customize the severity levels of the findings.

How often should I run a Wiz branch scan?

You should run a Wiz branch scan as frequently as possible to ensure that your codebase and infrastructure are secure and compliant with industry standards. The frequency of the scan will depend on your specific needs and the rate of change in your codebase and infrastructure.

What are the benefits of using Wiz for branch scanning?

The benefits of using Wiz for branch scanning include:

  • Improved security: Wiz helps you identify and remediate security vulnerabilities and misconfigurations in your codebase and infrastructure.
  • Compliance: Wiz helps you ensure that your codebase and infrastructure are compliant with industry standards and regulations.
  • Reduced risk: Wiz helps you reduce the risk of security breaches and data losses by identifying and remediating vulnerabilities and misconfigurations.
  • Increased efficiency: Wiz helps you automate the process of branch scanning and remediation, reducing the time effort required to maintain a secure and compliant codebase and infrastructure.