Wiz Defend Threats alert

Classification:

attack

Goal

Detect threat alerts generated by Wiz Defend.

This rule detects Defend threat alerts that have been generated by Wiz.

Investigate the entity {{@threat.id}} with alert {{@evt.name}}. Review {{@threats.resource.id}} or {{@threats.actors.name}} if populated in the log.
Take necessary and appropriate actions based on the company procedures.