Posted
We’re excited to announce a new release that integrates Wiz Cloud Security Vulnerability Findings to ThreatConnect! This new capability will help customers prioritize vulnerabilities based on assets under the purview of Wiz Cloud Security. The combination of Wiz Cloud Security visibility and the vulnerability data across the numerous sources effectively improves the overall security posture of our customers.
Stop Drowning in Vulnerability Noise
Your security team likely faces thousands of vulnerabilities daily. This integration solves a critical problem: knowing which vulnerabilities actually matter to YOUR cloud environment right now.
This integration directly addresses the need to highlight vulnerabilities based on aggregated Wiz issue findings. By aggregating these issues findings and overlapping them with our vulnerability data, the customer Threat Intelligence (TI) team will be able to prioritize their efforts more efficiently.
Instead of treating all vulnerabilities equally you’ll instantly see which ones affect your actual cloud assets, so your team stops wasting time on theoretical risks and focuses on real exposures in your environment.
We’ve focused on providing key data points that matter most, including:
Correlated Vulnerability Data
We’ve established a one-to-one relationship between a Wiz Vulnerability-Finding and a ThreatConnect Case. You will have a single TC Case for each vulnerability, which will include details such as the CVE (Common Vulnerabilities and Exposures) to leverage the broad set of Vulnerability data across the sources ThreatConnect has access to.
What this means for you:
- A single source of truth – No jumping between Wiz and ThreatConnect trying to connect the dots
- Enriched threat intelligence with all the context you need
Aggregated Severity Metrics: Each TC Case will now include aggregated metrics based on Wiz’s issue severity counts (critical, high, medium, low, and informational). These metrics will include the sum of total issues, the maximum count for each severity, and the average count per severity.
What this means for you:
- Actionable intelligence at a glance
- Faster, smarter prioritization through quick understanding of the scope of a vulnerability
- Understanding the blast radius – how many assets are affected and how severely
Direct Links to Wiz: The TC Case will contain “Source URL” attributes, with each one linking back to the specific finding within the Wiz UI.
What this means for you:
- A clear and direct path to investigate the details of each vulnerability finding
The Bottom Line
- Reduced Risk: Patch what matters first, based on real-world exposure in your cloud environment
- Time Savings: Your security analysts spend less time correlating data and more time fixing problems
- Better Resource Allocation: Leverage data about vulnerability trends and severity patterns to make informed staffing and tooling decisions
- Compliance & Reporting: Demonstrate that you’re prioritizing vulnerabilities based on actual risk, not just CVSS scores
This isn’t just another integration—it’s about transforming vulnerability management from a reactive checklist into a strategic, risk-based security operation.
It coincides well with the release of ThreatConnect 7.11, which introduces Threat Actor Profiles and Actionable Search v3 to help our customers streamline the vulnerability management process, making it easier to identify, prioritize, and remediate security risks – representing significant step forward in enhancing our customers’ security operations.
You can find the documentation in our public knowledge base.
