Overwhelmed by the complexities of the cloud? Torq’s enterprise-grade security hyperautomation workflows integrated with Wiz offers dramatic value for improving your cloud security. Torq frees up SecOps, CloudOps, DevOps, and other teams’ precious time, empowering them to focus on strategic business initiatives without being bombarded by cloud alerts.
Here are the top-3 Torq and Wiz automations:
Bucket List: S3 bucket permissions
This workflow receives an alert from Wiz and is triggered by an event with control name “S3 Bucket default encryption disabled.” If an owner tag is found the user will be looked up in Slack, otherwise update the Slack channel. Next, the encryption status will be checked on the bucket to see if the encryption is still disabled. Then, the owner or channel will be asked to enable encryption on the bucket. If an error occurs or the owner/channel does not allow encryption to be enabled, a Jira issue will be opened. Together, Torq and Wiz limit public access to an exposed bucket.
Open Sesame: Open Ports
This workflow receives an issue from Wiz where it is triggered by an event that contains “Virtual machine in Azure with SSH open to the internet.” The workflow will pull the owner information from the VM and NSG and ask the owner or channel for approval to add a blocking rule to the NSG. If approved, the workflow will find an available priority in the NSG and attempt to add the rule. If not approved or the Slack message times out, Jira issue will be opened and a note added to Wiz open issue. Wiz and Torq slam the door on threat actors by keeping your IT environments secure.
Lookup Hookups: Data Lookups
This workflow is triggered by a mention via slack for a specific CVE to search for. The CVE will be extracted from the command a search will occur in both Wiz and Snyk for findings. An update will be made into the Slack thread if any findings are provided. With Torq and Wiz, CVE issues are searched for in no-time, empowering organizations to take early action against threat actors.
Wiz customers, combined with Torq’s enterprise-grade security hyperautomation, deliver actionable remediation and response to threats with a full audit trail of automated security actions. Simply put, we’re better together.
Want to learn more about how Torq Hyperautomation can dramatically enhance your security workflows so you can stay ahead of emerging threats? Test drive Torq Hyperautomation, here: https://torq.io/demo/