Wiz Runtime Sensor - Tech Stack - doc: update data classification for wiz runtime sensor
Tech Stack - Update Existing System
Please do not merge before the Business Systems Analysts have reviewed and approved!
Questions? Ask in #tech-owners_tech-stack Slack channel.
Business/Technical System Owner or Delegate to Complete
-
Rename this MR's title to [System Name] - Tech Stack - Update Existing System
-
Update data field(s) for the existing system within the 'Changes' tab of this MR. Commit update when ready. More instructions are here.
Are you changing the existing system's provisioner(s)?
-
Yes. Create an Issue to add the new provisioner(s) of the system to the appropriate Google/Slack/GitLab groups: - Issue Link:
-
No
Are you removing an existing system from the Tech Stack?
-
Yes. Be sure to complete a Tech Stack Offboarding Issue as well. Offboarding Issue Link: -
No
Security Risk Team to Complete
Not required prior to merging.
-
Once updates are finalized and if necessary, communicate change to impacted parties (e.g. Security Compliance)
The data classification for the Wiz SaaS/Backend is RED. The different Wiz Scans will redact data before sending it to the the Wiz Backend, but since there's a non-zero risk that it might fail, we still treat the system as RED data holder.↵ ↵ The Wiz Linux sensor stores temporary data on the VM disk and has high privileges on VMs that contain RED data. So, the scope of the data access should be considered RED.↵ ↵ The discussion is surfaced while production readiness review of the runtime sensor for linux↵