Azure
/
Azure-Sentinel
зеркало из
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

added sample data and logs to creect place

This commit is contained in:
yanivblumWiz 2023-05-02 18:10:18 +03:00
Родитель 3ba0c77026
Коммит f456e8e651
5 изменённых файлов: 327 добавлений и 340 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

0
Solutions/Wiz Issues/Logos/Wiz Logo.svg → Logos/Wiz.svg
Просмотреть файл

Режим "рядом" Свайп Оверлей

До

Ширина:  |  Высота:  |  Размер: 2.2 KiB

После

Ширина:  |  Высота:  |  Размер: 2.2 KiB

0
Solutions/Wiz Issues/Sample Data/WizIssues_IngestedLogs.csv → Sample Data/Custom/Wiz Issues/WizIssues_IngestedLogs.csv
Просмотреть файл

327
Sample Data/Custom/Wiz Issues/WizIssues_RawLogs.json Normal file
Просмотреть файл

@ -0,0 +1,327 @@
[
{
"id": "64414104-045f-4e82-89c4-db057963b107",
"control": {
"id": "wc-id-912",
"name": "AWS account should not have unused SSH public keys",
"resolutionRecommendation": "It is recommended to delete unused SSH Public Keys."
},
"createdAt": "2023-04-24T20:57:18.601598Z",
"updatedAt": "2023-05-02T11:17:31.507962Z",
"resolvedAt": null,
"statusChangedAt": "2023-04-24T20:57:18.376287Z",
"dueAt": null,
"projects": [
{
"id": "83b76efe-a7b6-5762-8a53-8e8f59e68bd8",
"name": "Project 2",
"slug": "project-2",
"businessUnit": "",
"riskProfile": {
"businessImpact": "MBI"
}
},
{
"id": "af52828c-4eb1-5c4e-847c-ebc3a5ead531",
"name": "project 4",
"slug": "project-4",
"businessUnit": "Dev",
"riskProfile": {
"businessImpact": "MBI"
}
},
{
"id": "d6ac50bb-aec0-52fc-80ab-bacd7b02f178",
"name": "Project1",
"slug": "project1",
"businessUnit": "Dev",
"riskProfile": {
"businessImpact": "MBI"
}
}
],
"status": "OPEN",
"severity": "INFORMATIONAL",
"entitySnapshot": {
"id": "965aad01-844f-578e-b9c4-711a33258a10",
"type": "SECRET",
"name": "MK-TE",
"status": "Active",
"cloudPlatform": "AWS",
"region": "eu-north-1",
"providerId": "key-075be8737236a0848",
"nativeType": "keypair",
"subscriptionExternalId": "998231069301",
"subscriptionName": "wiz-integrations",
"subscriptionTags": {},
"resourceGroupExternalId": "",
"cloudProviderURL": "https://eu-north-north-1#KeyPairs:s-SSH-KEY",
"tags": {},
"externalId": "ssh"
},
"notes": [],
"serviceTickets": []
},
{
"id": "3fccf743-1db0-4eb3-a321-3af6d63c4d87",
"control": {
"id": "wc-id-912",
"name": "AWS account should not have unused SSH public keys",
"resolutionRecommendation": "It is recommended to delete unused SSH Public Keys."
},
"createdAt": "2023-04-24T20:57:18.601598Z",
"updatedAt": "2023-05-02T11:17:31.507962Z",
"resolvedAt": null,
"statusChangedAt": "2023-04-24T20:57:18.376287Z",
"dueAt": null,
"projects": [
{
"id": "83b76efe-a7b6-5762-8a53-8e8f59e68bd8",
"name": "Project 2",
"slug": "project-2",
"businessUnit": "",
"riskProfile": {
"businessImpact": "MBI"
}
},
{
"id": "af52828c-4eb1-5c4e-847c-ebc3a5ead531",
"name": "project 4",
"slug": "project-4",
"businessUnit": "Dev",
"riskProfile": {
"businessImpact": "MBI"
}
},
{
"id": "d6ac50bb-aec0-52fc-80ab-bacd7b02f178",
"name": "Project1",
"slug": "project1",
"businessUnit": "Dev",
"riskProfile": {
"businessImpact": "MBI"
}
}
],
"status": "OPEN",
"severity": "INFORMATIONAL",
"entitySnapshot": {
"id": "e6df597e-8519-59a6-a053-b4ca262de759",
"type": "SECRET",
"name": "anna",
"status": "Active",
"cloudPlatform": "AWS",
"region": "eu-north-1",
"providerId": "key-",
"nativeType": "keypair",
"subscriptionExternalId": "998231069301",
"subscriptionName": "wiz-integrations",
"subscriptionTags": {},
"resourceGroupExternalId": "",
"cloudProviderURL": "https://eu-north-1.console.aws.ama",
"tags": {},
"externalId": ""
},
"notes": [],
"serviceTickets": []
},
{
"id": "966aed8f-f1d5-4b8e-87e6-c23dddff6e67",
"control": {
"id": "wc-id-1308",
"name": "EKS service account with high privileges to an Elastic Container Registry",
"resolutionRecommendation": "To follow the principle of least privilege and minimize the risk of unauthorized access and data breaches, it is recommended to limit the EKS service account's access to the Elastic Container Registry (ECR) to read-only. \nThis can be achieved by modifying the permissions of the service account to allow only retrieval of images from ECR, while preventing it from making any modifications, such as pushing or deleting images."
},
"createdAt": "2023-04-09T22:15:12.042216Z",
"updatedAt": "2023-05-02T11:17:27.763468Z",
"resolvedAt": null,
"statusChangedAt": "2023-04-09T22:15:11.935045Z",
"dueAt": null,
"projects": [
{
"id": "83b76efe-a7b6-5762-8a53-8e8f59e68bd8",
"name": "Project 2",
"slug": "project-2",
"businessUnit": "",
"riskProfile": {
"businessImpact": "MBI"
}
},
{
"id": "af52828c-4eb1-5c4e-847c-ebc3a5ead531",
"name": "project 4",
"slug": "project-4",
"businessUnit": "Dev",
"riskProfile": {
"businessImpact": "MBI"
}
},
{
"id": "d6ac50bb-aec0-52fc-80ab-bacd7b02f178",
"name": "Project1",
"slug": "project1",
"businessUnit": "Dev",
"riskProfile": {
"businessImpact": "MBI"
}
}
],
"status": "OPEN",
"severity": "INFORMATIONAL",
"entitySnapshot": {
"id": "34946388-7e9a-5be6-a898-6321a81a0d54",
"type": "KUBERNETES_CLUSTER",
"name": "",
"status": "Active",
"cloudPlatform": "AWS",
"region": "us-east-1",
"providerId": "arn:aw",
"nativeType": "cluster",
"subscriptionExternalId": "998231069301",
"subscriptionName": "wiz-integrations",
"subscriptionTags": {},
"resourceGroupExternalId": "",
"cloudProviderURL": "https://us-east-1.console.aws.amazon.com/eks/home?region",
"tags": {
"Environment": "sample-aws",
"Owner": "Your-Name-SE",
"Terraform": "true"
},
"externalId": ""
},
"notes": [],
"serviceTickets": []
},
{
"id": "fd268aec-22c1-4642-a3e3-9dad2e6e77d6",
"control": {
"id": "wc-id-1335",
"name": "EKS principals assume roles that provide bind, escalate and impersonate permissions",
"resolutionRecommendation": "To follow the principle of least privilege and minimize the risk of unauthorized access and data breaches, it is recommended not to grant `bind`, `escalate` or `impersonate` permissions."
},
"createdAt": "2023-04-09T22:15:09.09103Z",
"updatedAt": "2023-05-02T11:17:30.928954Z",
"resolvedAt": null,
"statusChangedAt": "2023-05-01T17:04:56.720794Z",
"dueAt": null,
"projects": [
{
"id": "83b76efe-a7b6-5762-8a53-8e8f59e68bd8",
"name": "Project 2",
"slug": "project-2",
"businessUnit": "",
"riskProfile": {
"businessImpact": "MBI"
}
},
{
"id": "af52828c-4eb1-5c4e-847c-ebc3a5ead531",
"name": "project 4",
"slug": "project-4",
"businessUnit": "Dev",
"riskProfile": {
"businessImpact": "MBI"
}
},
{
"id": "d6ac50bb-aec0-52fc-80ab-bacd7b02f178",
"name": "Project1",
"slug": "project1",
"businessUnit": "Dev",
"riskProfile": {
"businessImpact": "MBI"
}
}
],
"status": "OPEN",
"severity": "INFORMATIONAL",
"entitySnapshot": {
"id": "9b6cd",
"type": "ACCESS_ROLE",
"name": "edit",
"status": null,
"cloudPlatform": "Kubernetes",
"region": "",
"providerId": "0a0c4a89",
"nativeType": "ClusterRole",
"subscriptionExternalId": "998231069301",
"subscriptionName": "wiz-integrations",
"subscriptionTags": {},
"resourceGroupExternalId": "",
"cloudProviderURL": "",
"tags": {
"kubernetes.io/bootstrapping": "rbac-defaults",
"rbac.authorization.k8s.io/aggregate-to-admin": "true"
},
"externalId": "k8s/clusterrf0c28d10fa3754/edit/16"
},
"notes": [],
"serviceTickets": []
},
{
"id": "fc0586a5-2877-471c-b2f2-89fe3c1ded14",
"control": {
"id": "wc-id-1335",
"name": "EKS principals assume roles that provide bind, escalate and impersonate permissions",
"resolutionRecommendation": "To follow the principle of least privilege and minimize the risk of unauthorized access and data breaches, it is recommended not to grant `bind`, `escalate` or `impersonate` permissions."
},
"createdAt": "2023-04-09T22:15:09.09103Z",
"updatedAt": "2023-05-02T11:17:30.928954Z",
"resolvedAt": null,
"statusChangedAt": "2023-05-01T17:04:56.720794Z",
"dueAt": null,
"projects": [
{
"id": "83b76efe-a7b6-5762-8a53-8e8f59e68bd8",
"name": "Project 2",
"slug": "project-2",
"businessUnit": "",
"riskProfile": {
"businessImpact": "MBI"
}
},
{
"id": "af52828c-4eb1-5c4e-847c-ebc3a5ead531",
"name": "project 4",
"slug": "project-4",
"businessUnit": "Dev",
"riskProfile": {
"businessImpact": "MBI"
}
},
{
"id": "d6ac50bb-aec0-52fc-80ab-bacd7b02f178",
"name": "Project1",
"slug": "project1",
"businessUnit": "Dev",
"riskProfile": {
"businessImpact": "MBI"
}
}
],
"status": "OPEN",
"severity": "INFORMATIONAL",
"entitySnapshot": {
"id": "2cc21bdd-a02c-5317-97bf-53bf1909881c",
"type": "ACCESS_ROLE",
"name": "edit",
"status": null,
"cloudPlatform": "Kubernetes",
"region": "",
"providerId": "0180364a89",
"nativeType": "ClusterRole",
"subscriptionExternalId": "998231069301",
"subscriptionName": "wiz-integrations",
"subscriptionTags": {},
"resourceGroupExternalId": "",
"cloudProviderURL": "",
"tags": {
"kubernetes.io/bootstrapping": "rbac-defaults",
"rbac.authorization.k8s.io/aggregate-to-admin": "true"
},
"externalId": "k8s/clusterrd10fa3754/edit/17"
},
"notes": [],
"serviceTickets": []
}
]

0
Solutions/Wiz Issues/Sample Data/WizIssues_Schema.csv → Sample Data/Custom/Wiz Issues/WizIssues_Schema.csv
Просмотреть файл

340
Solutions/Wiz Issues/Sample Data/WizIssues_RawLogs.json
Просмотреть файл

@ -1,340 +0,0 @@
{
"id": "e63db3b4-270c-4054-a1ff-ad5b5fb89f2b",
"control": {
"id": "wc-id-609",
"name": "CVE-2021-44228 (Log4Shell) detected on a publicly exposed VM instance/serverless",
"resolutionRecommendation": "We strongly recommend that you upgrade your log4j versions to log4j-2.17.0 or later.\nIf you are using a version older than 2.10.0 and cannot upgrade, your mitigation choices are:\n * Modify every logging pattern layout to say %m{nolookups} instead of %m in your logging config file, or\n * Substitute a non-vulnerable or empty implementation of the affected class, in a way that your class loader uses your replacement instead of the vulnerable version of the class (org.apache.logging.log4j.core.lookup.JndiLookup)."
},
"createdAt": "2023-03-22T20:35:31.931572Z",
"updatedAt": "2023-05-02T11:16:35.047269Z",
"resolvedAt": null,
"statusChangedAt": "2023-04-30T08:20:33.899687Z",
"dueAt": null,
"projects": [
{
"id": "83b76efe-a7b6-5762-8a53-8e8f59e68bd8",
"name": "Project 2",
"slug": "project-2",
"businessUnit": "",
"riskProfile": {
"businessImpact": "MBI"
}
},
{
"id": "af52828c-4eb1-5c4e-847c-ebc3a5ead531",
"name": "project 4",
"slug": "project-4",
"businessUnit": "Dev",
"riskProfile": {
"businessImpact": "MBI"
}
},
{
"id": "d6ac50bb-aec0-52fc-80ab-bacd7b02f178",
"name": "Project1",
"slug": "project1",
"businessUnit": "Dev",
"riskProfile": {
"businessImpact": "MBI"
}
}
],
"status": "IN_PROGRESS",
"severity": "CRITICAL",
"entitySnapshot": {
"id": "03a8cf48-bb9d-5fee-898b-40047a70c2a5",
"type": "VIRTUAL_MACHINE",
"name": "qradar-instance-new",
"status": "Active",
"cloudPlatform": "AWS",
"region": "eu-north-1",
"providerId": "arn:aws:ec2:eu-north-1:998231069301:instance/i-05bdbe2c931a45d52",
"nativeType": "virtualMachine",
"subscriptionExternalId": "998231069301",
"subscriptionName": "wiz-integrations",
"subscriptionTags": {},
"resourceGroupExternalId": "",
"cloudProviderURL": "https://eu-north-1.console.aws.amazon.com/ec2/v2/home?region=eu-north-1#InstanceDetails:instanceId=i-05bdbe2c931a45d52",
"tags": {
"Name": "qradar-instance-new"
},
"externalId": "i-05bdbe2c931a45d52"
},
"notes": [
{
"createdAt": "2023-03-29T15:40:19.434319Z",
"updatedAt": "2023-04-30T08:20:34.259046Z",
"text": "test",
"user": {
"name": "wizviacognito_yaniv.blum@wiz.io",
"email": "yaniv.blum@wiz.io"
},
"serviceAccount": null
}
],
"serviceTickets": []
},
{
"id": "c087e17b-4e49-4e61-9bbb-4f7a50c52bde",
"control": {
"id": "wc-id-182",
"name": "Publicly exposed container running on a VM instance with unpatched kernel with vulnerabilities",
"resolutionRecommendation": "To resolve this issue follow these steps:\n1. Inspect the evidence to see the affected containers and compute group.\n * If the compute group or the container are stale, remove them.\n2. Access the VM and run the appropriate update command:\n * Amazon Linux - <https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/al2-live-patching.html>\n * Ubuntu - <https://ubuntu.com/security/livepatch>\n * RHEL - <https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/kernel_administration_guide/applying_patches_with_kernel_live_patching>\n * Windows - use Windows update agent\n3. Update the compute instance group image to the latest version.\n * If the image is public, ensure you specify the latest version.\n * If the image is private, build a new and patched version.\n4. Restrict container exposure:\n * Remove any NSGs with wide exposure, i.e. 0.0.0.0/0, and replace them with IP ranges."
},
"createdAt": "2023-04-19T19:21:07.936344Z",
"updatedAt": "2023-05-02T11:17:01.787912Z",
"resolvedAt": null,
"statusChangedAt": "2023-04-19T19:21:07.808172Z",
"dueAt": null,
"projects": [
{
"id": "83b76efe-a7b6-5762-8a53-8e8f59e68bd8",
"name": "Project 2",
"slug": "project-2",
"businessUnit": "",
"riskProfile": {
"businessImpact": "MBI"
}
},
{
"id": "af52828c-4eb1-5c4e-847c-ebc3a5ead531",
"name": "project 4",
"slug": "project-4",
"businessUnit": "Dev",
"riskProfile": {
"businessImpact": "MBI"
}
},
{
"id": "d6ac50bb-aec0-52fc-80ab-bacd7b02f178",
"name": "Project1",
"slug": "project1",
"businessUnit": "Dev",
"riskProfile": {
"businessImpact": "MBI"
}
}
],
"status": "OPEN",
"severity": "HIGH",
"entitySnapshot": {
"id": "ff3d39cf-ec53-5294-86e4-a2aed12af358",
"type": "COMPUTE_INSTANCE_GROUP",
"name": "eks-sample-aws-eks-20230402094808052100000015-46c3a0ae-f875-d63c-def3-408e2bd2f0b4",
"status": null,
"cloudPlatform": "AWS",
"region": "us-east-1",
"providerId": "arn:aws:autoscaling:us-east-1:998231069301:autoScalingGroup:82e2a9bd-cb64-46e3-b9fa-ecf44800f697:autoScalingGroupName/eks-sample-aws-eks-20230402094808052100000015-46c3a0ae-f875-d63c-def3-408e2bd2f0b4",
"nativeType": "autoScalingGroup",
"subscriptionExternalId": "998231069301",
"subscriptionName": "wiz-integrations",
"subscriptionTags": {},
"resourceGroupExternalId": "",
"cloudProviderURL": "https://us-east-1.console.aws.amazon.com/ec2autoscaling/home?region=us-east-1#details/eks-sample-aws-eks-20230402094808052100000015-46c3a0ae-f875-d63c-def3-408e2bd2f0b4?view=details",
"tags": {
"eks:cluster-name": "sample-aws-eks-cluster",
"eks:nodegroup-name": "sample-aws-eks-20230402094808052100000015",
"k8s.io/cluster-autoscaler/enabled": "true",
"k8s.io/cluster-autoscaler/sample-aws-eks-cluster": "owned",
"kubernetes.io/cluster/sample-aws-eks-cluster": "owned"
},
"externalId": "arn:aws:autoscaling:us-east-1:998231069301:autoScalingGroup:82e2a9bd-cb64-46e3-b9fa-ecf44800f697:autoScalingGroupName/eks-sample-aws-eks-20230402094808052100000015-46c3a0ae-f875-d63c-def3-408e2bd2f0b4"
},
"notes": [],
"serviceTickets": []
},
{
"id": "c37025b2-2777-4774-abda-e343ccdcde93",
"control": {
"id": "wc-id-1362",
"name": "Publicly exposed VM vulnerable to CVE-2023-28252 (EoP 0-day vulnerability exploited in ransomware attacks)",
"resolutionRecommendation": "1. limit external exposure\n * Restrict access to resources that do not need to be accessible from the internet. \n * Ensure that exposed ports allow only encrypted communications.\n2. Stay patched for high profile vulnerabilities \n * Update all software running in your environment to the latest version. If you cannot use the latest version, prioritize patching resources in your environment according to the attack surface they are exposed to and the potential impact of this resources compromise (based on the Issue severity). \n * Prioritize patching high-profile vulnerabilities as malicious actors are more likely to exploit them."
},
"createdAt": "2023-04-17T12:40:48.876574Z",
"updatedAt": "2023-05-02T11:17:01.57551Z",
"resolvedAt": null,
"statusChangedAt": "2023-04-17T12:40:48.546372Z",
"dueAt": null,
"projects": [
{
"id": "83b76efe-a7b6-5762-8a53-8e8f59e68bd8",
"name": "Project 2",
"slug": "project-2",
"businessUnit": "",
"riskProfile": {
"businessImpact": "MBI"
}
},
{
"id": "af52828c-4eb1-5c4e-847c-ebc3a5ead531",
"name": "project 4",
"slug": "project-4",
"businessUnit": "Dev",
"riskProfile": {
"businessImpact": "MBI"
}
},
{
"id": "d6ac50bb-aec0-52fc-80ab-bacd7b02f178",
"name": "Project1",
"slug": "project1",
"businessUnit": "Dev",
"riskProfile": {
"businessImpact": "MBI"
}
}
],
"status": "OPEN",
"severity": "HIGH",
"entitySnapshot": {
"id": "6241b71a-618e-5bc7-9986-aa7514ca69b3",
"type": "VIRTUAL_MACHINE",
"name": "discovery-win-server-05658",
"status": "Active",
"cloudPlatform": "AWS",
"region": "eu-north-1",
"providerId": "arn:aws:ec2:eu-north-1:998231069301:instance/i-07edb936357023119",
"nativeType": "virtualMachine",
"subscriptionExternalId": "998231069301",
"subscriptionName": "wiz-integrations",
"subscriptionTags": {},
"resourceGroupExternalId": "",
"cloudProviderURL": "https://eu-north-1.console.aws.amazon.com/ec2/v2/home?region=eu-north-1#InstanceDetails:instanceId=i-07edb936357023119",
"tags": {
"Name": "discovery-win-server-05658"
},
"externalId": "i-07edb936357023119"
},
"notes": [],
"serviceTickets": []
},
{
"id": "64e0ea82-c70a-430f-8146-192bdd6d1279",
"control": {
"id": "wc-id-1362",
"name": "Publicly exposed VM vulnerable to CVE-2023-28252 (EoP 0-day vulnerability exploited in ransomware attacks)",
"resolutionRecommendation": "1. limit external exposure\n * Restrict access to resources that do not need to be accessible from the internet. \n * Ensure that exposed ports allow only encrypted communications.\n2. Stay patched for high profile vulnerabilities \n * Update all software running in your environment to the latest version. If you cannot use the latest version, prioritize patching resources in your environment according to the attack surface they are exposed to and the potential impact of this resources compromise (based on the Issue severity). \n * Prioritize patching high-profile vulnerabilities as malicious actors are more likely to exploit them."
},
"createdAt": "2023-04-17T12:40:48.876574Z",
"updatedAt": "2023-05-02T11:17:01.57551Z",
"resolvedAt": null,
"statusChangedAt": "2023-04-17T12:40:48.546372Z",
"dueAt": null,
"projects": [
{
"id": "83b76efe-a7b6-5762-8a53-8e8f59e68bd8",
"name": "Project 2",
"slug": "project-2",
"businessUnit": "",
"riskProfile": {
"businessImpact": "MBI"
}
},
{
"id": "af52828c-4eb1-5c4e-847c-ebc3a5ead531",
"name": "project 4",
"slug": "project-4",
"businessUnit": "Dev",
"riskProfile": {
"businessImpact": "MBI"
}
},
{
"id": "d6ac50bb-aec0-52fc-80ab-bacd7b02f178",
"name": "Project1",
"slug": "project1",
"businessUnit": "Dev",
"riskProfile": {
"businessImpact": "MBI"
}
}
],
"status": "OPEN",
"severity": "HIGH",
"entitySnapshot": {
"id": "9659a8df-2b4e-522f-b212-0ab889db0803",
"type": "VIRTUAL_MACHINE",
"name": "agent-win1",
"status": "Active",
"cloudPlatform": "AWS",
"region": "us-east-1",
"providerId": "arn:aws:ec2:us-east-1:998231069301:instance/i-0339b53dda9f3c4d2",
"nativeType": "virtualMachine",
"subscriptionExternalId": "998231069301",
"subscriptionName": "wiz-integrations",
"subscriptionTags": {},
"resourceGroupExternalId": "",
"cloudProviderURL": "https://us-east-1.console.aws.amazon.com/ec2/v2/home?region=us-east-1#InstanceDetails:instanceId=i-0339b53dda9f3c4d2",
"tags": {
"Name": "agent-win1"
},
"externalId": "i-0339b53dda9f3c4d2"
},
"notes": [],
"serviceTickets": []
},
{
"id": "2b5a458b-2cff-4dd4-aa7f-1108eaa38d05",
"control": {
"id": "wc-id-1362",
"name": "Publicly exposed VM vulnerable to CVE-2023-28252 (EoP 0-day vulnerability exploited in ransomware attacks)",
"resolutionRecommendation": "1. limit external exposure\n * Restrict access to resources that do not need to be accessible from the internet. \n * Ensure that exposed ports allow only encrypted communications.\n2. Stay patched for high profile vulnerabilities \n * Update all software running in your environment to the latest version. If you cannot use the latest version, prioritize patching resources in your environment according to the attack surface they are exposed to and the potential impact of this resources compromise (based on the Issue severity). \n * Prioritize patching high-profile vulnerabilities as malicious actors are more likely to exploit them."
},
"createdAt": "2023-04-17T12:40:48.876574Z",
"updatedAt": "2023-05-02T11:17:01.57551Z",
"resolvedAt": null,
"statusChangedAt": "2023-04-17T12:40:48.546372Z",
"dueAt": null,
"projects": [
{
"id": "83b76efe-a7b6-5762-8a53-8e8f59e68bd8",
"name": "Project 2",
"slug": "project-2",
"businessUnit": "",
"riskProfile": {
"businessImpact": "MBI"
}
},
{
"id": "af52828c-4eb1-5c4e-847c-ebc3a5ead531",
"name": "project 4",
"slug": "project-4",
"businessUnit": "Dev",
"riskProfile": {
"businessImpact": "MBI"
}
},
{
"id": "d6ac50bb-aec0-52fc-80ab-bacd7b02f178",
"name": "Project1",
"slug": "project1",
"businessUnit": "Dev",
"riskProfile": {
"businessImpact": "MBI"
}
}
],
"status": "OPEN",
"severity": "HIGH",
"entitySnapshot": {
"id": "509cfafb-629d-54ce-870c-03b96ab0086b",
"type": "VIRTUAL_MACHINE",
"name": "discovery-win-05658",
"status": "Active",
"cloudPlatform": "AWS",
"region": "eu-north-1",
"providerId": "arn:aws:ec2:eu-north-1:998231069301:instance/i-048ca39cb396845bd",
"nativeType": "virtualMachine",
"subscriptionExternalId": "998231069301",
"subscriptionName": "wiz-integrations",
"subscriptionTags": {},
"resourceGroupExternalId": "",
"cloudProviderURL": "https://eu-north-1.console.aws.amazon.com/ec2/v2/home?region=eu-north-1#InstanceDetails:instanceId=i-048ca39cb396845bd",
"tags": {
"Name": "discovery-win-05658"
},
"externalId": "i-048ca39cb396845bd"
},
"notes": [],
"serviceTickets": []
}