Overview

Enable native support for SBOM ingestion through the Wiz integration/exporter, leveraging Wiz Graph API resources:

Goal

Allow customers to ingest SBOM-related data from Wiz into Port in a structured and scalable way, enabling visibility into packages, dependencies, vulnerabilities, and their relationships to services and repositories.

Requested Resources (from Wiz Graph API):

Package & Branch Package

Code Repository & Repository Branch

Resource Declaration Code

Technology & Hosted Technology

Vulnerability

These resources should allow us to model:

Package inventories per image/repository

Dependency relationships

Vulnerability exposure

Technology stack attribution

Code-to-resource mapping