Skip to main content

Wiz OAuth Credentials

Description

General

  • Documentation: https://www.wiz.io/platform/wiz-cloud
  • Summary: Wiz is a cloud security platform. Programmatic access to the Wiz API uses OAuth 2.0 client credentials: a service account Client ID and Client Secret are exchanged for an access token at the Wiz token endpoint. This detector aims to detect those OAuth credentials.

Revoke the secret

  1. In the Wiz portal, go to Settings > Access Management > Service Accounts.
  2. Deactivate or delete the compromised service account.
  3. Update the integration that used the credentials.

Details for Wiz OAuth Credentials

  • Family: token

  • Category: other

  • Company: Wiz

  • High recall: False

  • Validity check available: True

  • Analyzer available: False

  • Revoker available: False

  • On-premise instances exist: False

  • Only valid secrets raise an alert: False

  • Occurrences found for one million commits: 0.07

  • Prefixed: False

Last updated on

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status