Different policies check different risks in different ways:
- Controls—Correlate multiple risk factors to identify toxic combinations. Learn how to view and manage Controls.
- Cloud Configuration Rules—Check specific settings on specific resources for deviations from correction configurations (aka CSPM checks). Learn how to view and manage Cloud Configuration Rules and learn how to write custom Cloud Configuration Rules in Rego.
- Vulnerability Catalog—Browse the extensive library of vulnerabilities that Wiz can detect. Learn how vulnerability detection works.
- Host Configuration Rules—Perform configuration checks to evaluate your VMs according to CIS Host Benchmark rules. Learn all about secure Host Configuration in Wiz and create your own custom Host Configuration Rules.
- Threat Detection Rules—Detect threats in your environment both on the cloud level and on the workload level, also in runtime. Learn how to view and manage Threat Detection Rules in Wiz.
- Data Classification Rules—Identify sensitive data (PII, PCI, PHI, and secrets) across your cloud infrastructure and data assets. Learn about Wiz's Data Classification Rules and Data Security Posture Management (DSPM) capabilities.
- CI/CD & Admission Policies—Define the criteria that determine whether a resource passes or fails a wiz-cli scan and the criteria for the Wiz Admission Controller permitting or blocking a change to a Kubernetes cluster. Learn how to view and manage CI/CD & Admission Policies.
- Ignore Rules—Address known or anticipated security risks by determining the conditions in which certain findings (Vulnerability, Cloud Configuration, and Host Configuration Findings) will be automatically ignored. Learn how Ignore Rules work in Wiz and create your own rules.