A Wiz Outpost scans your workloads (virtual machines and container clusters) using your own cloud infrastructure and permissions, instead of the Wiz backend.
Outpost is designed to meet the needs of companies in highly regulated industries like health and finance. Outpost is also used by companies with internal policies restricting how third parties (like Wiz) access company data. Finally, Outpost can be used to scan all container images stored in your container registries, even those that do not (yet) have running containers in your environment. Learn about Wiz Outpost.
In general, Wiz Outposts must be deployed in two separate phases:
- Phase 1—Define a custom set of permissions in your cloud environment that allow a third party (i.e. Wiz) to create and manage Kubernetes infrastructure, then allow Wiz to use those permissions.
- Phase 2—Create a cloud connector between Wiz and your cloud environment so that workload metadata (e.g. OS disk volume IDs) can be extracted and passed to the Outpost.
Questions? See the Connecting Wiz Outpost FAQ.