Integrate Mend Results into Wiz

Overview

Mend.io is integrated with Wiz, enabling security teams to correlate static code vulnerabilities with real-time cloud context. By combining Mend’s deep static analysis with Wiz’s runtime visibility, teams can identify which issues are actually exploitable in production environments, streamlining prioritization and focusing remediation on the most critical risks.

Getting it done

Prerequisites

• A Mend account with read access to your organization's Mend projects and findings.

• An active Wiz account with the required API access to accept third-party vulnerability data.

Notes:

1. This is a one-way integration. Data flows from Mend SAST → Wiz only. Ignoring in Wiz will not trigger suppression in Mend.

2. Results may take up to one hour to appear in Wiz after the initial sync.

Connect Mend with the Wiz credentials

1. Navigate to https://app.wiz.io/settings/connect and create an integration (it will provide the credentials for the next step).

2. Obtain Client ID and Client Secret from Wiz.

3. Log in to your organization via the Mend Platform.
   Note: Make sure you are an organization administrator.

4. Navigate to the setting “cog” icon → Integrations:

   

5. Click on the Wiz card. Then, paste the Client ID and Client Secret you obtained in step #2.

   

6. Click Connect.

Note: To disable the integration, you should delete your Client ID and Client Secret from the Wiz integration.