Skip to content

Wiz (AI-SPM)

Wiz discovers what AI exists in your cloud (the AI-BOM) and the posture issues around it. This integration brings that into Tulip so an agent can reason over it and emit grounded findings — Wiz finds the attack surface; the Tulip agent turns each issue into a typed, taxonomy-tagged Evidence.

pip install "tulip-integrations[wiz-aispm]"
Env WIZ_API_ENDPOINT · WIZ_CLIENT_ID · WIZ_CLIENT_SECRET
Import from tulip_integrations.vuln.wiz import wiz_inventory_tool, wiz_issues_tool
Functions wiz_inventory() · wiz_issues(severity)
Agent tools wiz_inventory_tool · wiz_issues_tool
Findings wiz_to_findings()list[GroundedFinding] (each an Evidence, or an Abstention)
Adapter wiz_adapter()ToolAdapter (a SecurityAdapter)
Playbook ai_spm_review() — from tulip_integrations.playbooks
from tulip_integrations.vuln.wiz import wiz_to_findings

for f in wiz_to_findings():          # each Wiz issue → a grounded Evidence
    print(f.severity, f.title, [t.value for t in f.taxonomy])
# critical  Publicly exposed model endpoint without authentication  ['LLM02']
# high      Over-permissive IAM role attached to AI training job    ['ASI03']
# medium    Model artifact bucket without encryption at rest        ['ASI04']

The live path authenticates (OAuth2 client-credentials) and queries the Wiz GraphQL API. Passes tulip.security.testing conformance.

Credentials

Set WIZ_API_ENDPOINT / WIZ_CLIENT_ID / WIZ_CLIENT_SECRET to run it against your Wiz tenant — adjust fields per your deployment.