Understanding the Wiz Vulnerability Response Integration

  • Release version: Australia
  • Updated March 13, 2026
  • 4 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Understanding the Wiz Vulnerability Response Integration

    The Wiz Vulnerability Response Integration enables ServiceNow® AI Platform customers to import vulnerability and compliance data from Wiz scanners. This integration provides a comprehensive assessment of cloud infrastructure risks, helping teams gain deeper insights into their security posture and facilitating direct remediation actions within the ServiceNow instance.

    Show full answer Show less

    The integration supports multiple data types including assets, vulnerabilities, compliance results, container data, applications, and secrets such as passwords and keys.

    Key Features

    • Multiple Integrations Included: The package includes integrations for Wiz Asset, Container Vulnerabilities, Host Vulnerabilities, Host Test Results, Configuration Compliance, Application Lists, SCA Findings, and Secret Findings.
    • Resource Type Selection: Customers can specify which resource types (assets) to import via the Wiz Vulnerability Integration Configuration module in their ServiceNow AI Platform instance.
    • Backfill Integrations and Upgrade Notes: Starting with version 1.1, the Missing Assets table is deprecated. Customers must backdate and run primary integrations by three days post-upgrade. Several backfill integrations are no longer required in v1.1, simplifying maintenance.
    • Filtering Capabilities: Filtering options are available for each integration type to tailor data imports according to organizational needs.

    Benefits and Users

    • Wiz Application, SCA, and Secret Findings Integrations: Serve vulnerability managers, software asset managers, cloud security, and access management teams by importing application and secrets data.
    • Wiz Asset Integration: Optional activation allows importing and updating cloud asset records, aiding vulnerability managers and cloud security teams in asset management.
    • Host and Container Vulnerability Integrations: Import early detection vulnerabilities and container image vulnerabilities, mapped to Vulnerable Items (VITs) and Container Vulnerable Items (CVITs) respectively for focused remediation workflows.
    • Configuration Compliance and Issues Integrations: Import non-compliant cloud configuration data and complex multi-vector risk issues, mapped to Cloud Test Results (CTRs) to enforce security policies and track remediation.
    • Backfill Integrations: Retrieve and process data for missing assets previously unprocessed by primary integrations, aiding vulnerability administrators in maintaining complete data sets.
    • Remediation Support: Enables remediation owners to apply fixes across various vulnerability and compliance records directly within ServiceNow applications including Vulnerability Response, Container Vulnerability Response, and Configuration Compliance.

    Next Steps

    ServiceNow customers should explore detailed guides to:

    • Activate and configure the Wiz Vulnerability Response Integration and related asset integrations.
    • Set appropriate filters for host vulnerabilities, container vulnerabilities, test results, and issues integrations to tailor data imports.
    • Understand and apply backfill integration processes for comprehensive data coverage post-upgrade.
    • Review field mappings to ensure imported data aligns correctly with ServiceNow records.

    Import vulnerability and compliance data from Wiz scanners into your ServiceNow® AI Platform instance to help you get deeper insights into your cloud infrastructure risks. These integrations provide you with a comprehensive assessment of your overall cloud security posture and help you drive remediation actions directly from your instance.

    Integrations included with the Vulnerability Response Integration with Wiz

    The Vulnerability Response Integration with Wiz includes the following integrations that import your asset, vulnerability, compliance, container, application, and secrets (passwords, tokens and keys) data:

    • Wiz Asset Integration
    • Wiz Container Vulnerability Response Integration
    • Wiz Host Test Results Integration
    • Wiz Host Vulnerability Integration
    • Wiz Configuration Compliance (test results) Integration and Issues integration
    • Wiz Application List Integration
    • Wiz SCA Findings Integration
    • Wiz Secret Findings Integration

    Please review more information about the Wiz integration at SecOps articles on the Security Operations Community.

    Starting with v1.1, the Missing Assets [sn_vul_wiz_missing_asset] table for storing assets from the backfill integrations is deprecated. After upgrading to version 1.1, you must backdate your primary Wiz integrations by three days and run them.

    Note:

    After you upgrade to v1.1, the following backfill integrations are no longer required:

    • Host Vulnerability Backfill Integration
    • Test Results Backfill Integration
    • Host Test Results Backfill Integration
    • Issues Backfill Integration
    Note:
    The Wiz Asset and Container Vulnerability Integrations don't have backfill integrations. See Wiz Backfill Integrations for more information.

    You identify the specific Resource Types (assets) that you want to import on the Wiz Vulnerability Integration Configuration module in your ServiceNow AI Platform instance.

    Benefits and users for the integrations

    Benefit Wiz Integration Users
    Import application, Software Composition Analysis (SCA), findings, Secrets findings (passwords, tokens and keys).
    • Wiz Application List Integration
    • Wiz SCA Findings Integration
    • Wiz Secret Findings Integration
    		 Vulnerability managers and analysts, Software asset managers and teams, Cloud security and Access Management admins and teams
    Import data about your cloud assets reported by the Wiz scanner. Create and update discovered item records for cloud assets in your ServiceNow AI Platform instance.
    Note:
    Activating the Wiz Asset Integration is optional. You are no longer required to schedule or run it so it runs before the other integrations.
    		 Wiz Asset Integration Vulnerability managers, analysts, and Cloud security teams
    Import and evaluate early detections vulnerabilities on running hosts.

    The host vulnerability integration imports findings related to virtual machines and serverless assets in your cloud environment. These findings are mapped to Host Vulnerable Items (VITs) within the Vulnerability Response application to support remediation workflows.

    		 Wiz Host Vulnerability Integration. Vulnerability managers, analysts, and Cloud security teams
    Import test results associated with the resource type, VIRTUAL MACHINE. Wiz Host Test Result Integration Vulnerability managers, analysts, and Cloud security teams
    Import and evaluate container image vulnerability data for vulnerable and non-compliant assets in your cloud infrastructure.

    Findings are mapped to container vulnerable items (CVITs) to support triage, risk prioritization, and targeted remediation workflows for container-based workloads.

    		 Wiz Container Vulnerability Integration. Vulnerability managers, analysts, and Cloud security teams
    Import and evaluate configuration test results from Wiz to detect non-compliant cloud configurations.

    Findings are mapped to cloud test results (CTRs) in the Configuration Compliance application to help you enforce security policies and standards across your cloud environment.

    		 Wiz Configuration Compliance Integration (Wiz Test Results). Vulnerability managers, analysts, and Cloud security teams
    Import Wiz Issues that identify assets involved in toxic combinations of vulnerabilities and misconfigurations.

    These findings are mapped to CTRs and labeled with Wiz Issues as the source to help you track and remediate assets that might pose complex, multi-vector risks.

    		 Wiz Issues Integration. Vulnerability managers, analysts, and Cloud security teams
    Note:
    Starting with v1.1, the Missing Assets [sn_vul_wiz_missing_asset] table for storing assets is deprecated. After upgrading to version 1.1, you must backdate and run your primary integrations by three days. See Backfill integrations and upgrading to version 1.1 for more information.
    The Wiz Backfill integrations retrieve and process data for missing assets that were not processed by the primary vulnerability and compliance integrations.    		 Wiz Backfill integrations:
    • Host Vulnerability Backfill Integration
    • Test Results Backfill Integration
    • Host Test Results Backfill Integration
    • Issues Backfill Integration
    		 Vulnerability admins
    Apply remediation steps across host vulnerable items (VITs), container vulnerable items (CVTs), cloud test results (CTRs) and CTRs labeled Wiz Issues. Vulnerability Response, Container Vulnerability Response, and the Configuration Compliance applications. Remediation owners

    What to explore next

    For more information about installing, configuring, and viewing imported data with the Wiz Vulnerability Response Integration, see: