Skip to main content
All CollectionsTemplatesIntermediate
Handle Wiz Alert for Public Azure Container with Sensitive Data - Workflow Template
Handle Wiz Alert for Public Azure Container with Sensitive Data - Workflow Template

On trigger from Wiz alert for an Azure Container containing sensitive data, ask a Slack channel or container owner to limit public access

Updated over 7 months ago

This workflow template is designed to manage public Azure Storage Containers that are inadvertently exposing sensitive data. On receiving an alert from Wiz, it automatically initiates a process to assess container exposure. The workflow gathers container details, including tags and public access settings, and reaches out via Slack for approval to alter access settings. With approval, public access is revoked; without it, an issue is escalated within Jira to document and address the permission setting, ensuring prompt and controlled response to potential data exposures.

Trigger

Wiz

Use Cases

CSPM

Workflow Breakdown

  1. Receive an alert from Wiz on a publicly exposed Azure Storage Container with sensitive information

  2. Gather details on the container including tags and the current container public policy property

  3. Ask the Slack channel or container owner for approval to limit the public access on the container

  4. If approved, set the public-access property off on the container and update the Wiz alert comments and move to alert to In Progress

  5. If not approved, open an issue in Jira and note the response and add the Jira issue key to the Wiz alert

Vendors

Slack, Microsoft Azure, Utils, Wiz, Jira Cloud

Did this answer your question?