diff --git a/Community Developed/Wiz/ReadMe.md b/Community Developed/Wiz/ReadMe.md
index a7cdd1e..ac3d86f 100644
--- a/Community Developed/Wiz/ReadMe.md	
+++ b/Community Developed/Wiz/ReadMe.md	
@@ -1,6 +1,7 @@
 ## Data Types to Retrieve from Wiz
 1. **Wiz-Workflow.xml**: This file retrieves various types of Wiz issues from the Wiz server and imports them into QRadar.
 2. **Wiz-AuditLogs-Workflow.xml**: This file retrieves different categories of Wiz audit logs from the Wiz server and imports them into QRadar.
+3. **Wiz-Detections-Workflow.xml**: This file retrieves different types of Wiz Detections from the Wiz server and imports them into QRadar.
 
 ## Collect authentication info from Wiz
 
@@ -24,7 +25,7 @@ To generate a client ID and client secret:
 1. Go to <a href="https://app.wiz.io/settings/service-accounts" target="_blank">Settings > Service Accounts</a>, then click **Add Service Account**.
 2. On the New Service Account page:
    1. Give the new service account a meaningful name, e.g. "QRadar integration".
-   2. Select the permission **read:issues** and **admin:audit**.
+   2. Select the permission **read:issues** and **admin:audit** and **read:detections**.
    3. Click **Add Service Account**.
 3. From the secret credential dialog, copy the **Client ID** and **Client Secret** to a local file or secret manager for use below.
 **Note: The Client ID and Client Secret are only shown once. Do not close the dialog without copying them to a local file or secret manager.**
@@ -59,3 +60,4 @@ Parameter Values).
 5. auth_type : The Authentication type used to fetch JWT Token from Wiz.
 6. gql_query : The GraphQL query to be used while fetching the Issues from Wiz (default GraphQL query already present).
 7. audit_logs_gql_query : The GraphQL query to be used while fetching the Audit Logs from Wiz (default GraphQL query already present).
+8. detections_gql_query : The GraphQL query to be used while fetching the Detections from Wiz (default GraphQL query already present).
\ No newline at end of file
diff --git a/Community Developed/Wiz/Wiz-AuditLogs-Workflow.xml b/Community Developed/Wiz/Wiz-AuditLogs-Workflow.xml
index a578c83..f8a9ba8 100644
--- a/Community Developed/Wiz/Wiz-AuditLogs-Workflow.xml	
+++ b/Community Developed/Wiz/Wiz-AuditLogs-Workflow.xml	
@@ -9,12 +9,13 @@
         <Parameter name="auth_type" label="Authentication Type" required="true" />
         <Parameter name="audit_logs_gql_query" label="GraphQL Query" required="true" />
         <Parameter name="gql_query" label="GraphQL Query" required="false" />
+        <Parameter name="detections_gql_query" label="GraphQL Query" required="false" />
     </Parameters>
 
     
     <Actions>
         <Log type="INFO" message="WIZ: Workflow Actions started for Audit Logs..." />
-        <Initialize path="/user_agent_header" value="127fb887-6a5e-99be-c1ef-5c62031e9614/qradar/2.0.3-v2" />
+        <Initialize path="/user_agent_header" value="127fb887-6a5e-99be-c1ef-5c62031e9614/qradar/2.0.4" />
         <If condition="/audit_bookmark != null">
             <!-- Format Date to be passed in fetching events -->
             <FormatDate pattern="yyyy-MM-dd'T'HH:mm:ss'Z'" timeZone="UTC" time="${/audit_bookmark}" savePath="/audit_timestamp" />
diff --git a/Community Developed/Wiz/Wiz-Detections-Workflow.xml b/Community Developed/Wiz/Wiz-Detections-Workflow.xml
new file mode 100644
index 0000000..865626b
--- /dev/null
+++ b/Community Developed/Wiz/Wiz-Detections-Workflow.xml	
@@ -0,0 +1,188 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<Workflow name="Wiz" version="1.0" xmlns="http://qradar.ibm.com/UniversalCloudRESTAPI/Workflow/V1">
+
+    <Parameters>
+        <Parameter name="client_id" label="Client ID" required="true" />
+        <Parameter name="client_secret" label="Client Secret" required="true" secret="true" />
+        <Parameter name="token_url_domain" label="JWT Auth Endpoint" required="true" />
+        <Parameter name="host" label="API Endpoint" required="true" />
+        <Parameter name="auth_type" label="Authentication Type" required="true" />
+        <Parameter name="detections_gql_query" label="Detections GraphQL Query" required="true" />
+        <Parameter name="audit_logs_gql_query" label="GraphQL Query" required="false" />
+        <Parameter name="gql_query" label="GraphQL Query" required="false" />
+    </Parameters>
+
+    
+    <Actions>
+        <Log type="INFO" message="WIZ: Workflow Actions started for Detections..." />
+        <Initialize path="/user_agent_header" value="127fb887-6a5e-99be-c1ef-5c62031e9614/qradar/2.0.4" />
+        <If condition="/detection_bookmark != null">
+            <!-- Format Date to be passed in fetching events -->
+            <FormatDate pattern="yyyy-MM-dd'T'HH:mm:ss'Z'" timeZone="UTC" time="${/detection_bookmark}" savePath="/detection_timestamp" />
+        </If>
+        
+
+        <If condition="/detection_timestamp != null">
+            <Log type="INFO" message="WIZ: Incremental Polling started for Detections. Pulling Detections from: ${/detection_timestamp}" />
+        </If>
+        <Else>
+            <!-- Set the date for 14 days before Historical Polling -->
+            <FormatDate pattern="yyyy-MM-dd'T'HH:mm:ss'Z'" timeZone="UTC" time="${time() - 14 * 86400000}" savePath="/detection_timestamp" />
+            <Log type="INFO" message="WIZ: Historical Polling started. Pulling all Detections from: ${/detection_timestamp}" />
+        </Else>
+        <Set path="/detection_bookmark" value="${time()}"/>
+        <FormatDate pattern="yyyy-MM-dd'T'HH:mm:ss'Z'" timeZone="UTC" time="${/detection_bookmark}" savePath="/before_time" />
+        <!-- Updating the GraphQL query variable for Incremental/Historical Polling  -->
+        <Set
+            path="/detection_gql_query_variables"
+            value='{
+                "first":500,
+                "filterBy": {
+                    "createdAt":{
+                        "after": "${/detection_timestamp}"
+                    }
+                },
+                "orderBy": {
+                    "field": "CREATED_AT",
+                    "direction": "DESC"
+                }
+            }' 
+        />
+           
+
+        <!-- Initialize the Audience Parameter -->
+        <Initialize path="/audience_parameter" value="wiz-api" />
+
+        <If condition="'${/auth_type}' = 'auth0'">
+            <Set path="/audience_parameter" value="beyond-api" />
+        </If>
+        
+        <!-- Fetch API Token -->
+        <CallEndpoint url="https://${/token_url_domain}/oauth/token" method="POST" savePath="/get_access_token">
+            <RequestHeader name="content-type" value="application/x-www-form-urlencoded" />
+            <RequestHeader name="User-Agent" value="${/user_agent_header}" />
+            <UrlEncodedFormRequestBody>
+                <Parameter name="grant_type" value="client_credentials" />
+                <Parameter name="client_id" value="${/client_id}" />
+                <Parameter name="client_secret" value="${/client_secret}" />
+                <Parameter name="audience" value="${/audience_parameter}" />
+            </UrlEncodedFormRequestBody>
+        </CallEndpoint>
+
+        <Log type="INFO" message="WIZ: Auth Token API call status code:: ${/get_access_token/status_code}" />
+
+        <!-- Handle Errors -->
+        <If condition="/get_access_token/status_code != 200">
+            <Log type="ERROR" message="WIZ: Workflow Aborting.. API Token Failure. Error:: ${/get_access_token/body}" />
+            <Abort reason="Failed requesting API token. Error: ${/get_access_token/body}" />
+        </If>
+
+        <!-- Extract the Access Token -->
+        <Set path="/access_token" value="${/get_access_token/body/access_token}" />
+
+        <Log type="INFO" message="WIZ: First API call for Detections: Using this GraphQL variable ${/detection_gql_query_variables}" />
+
+        <!-- Fetch Events -->
+        <CallEndpoint url="https://${/host}/graphql" method="POST" savePath="/get_detections">
+            <RequestHeader name="Authorization" value="Bearer ${/access_token}" />
+            <RequestHeader name="content-type" value="application/json" />
+            <RequestHeader name="User-Agent" value="${/user_agent_header}" />
+            <RequestBody type="application/json" encoding="UTF-8">
+                {
+                    "query": "${/detections_gql_query}",
+                    "variables": ${/detection_gql_query_variables}
+                }
+            </RequestBody>
+        </CallEndpoint>
+
+        <Log type="INFO" message="WIZ: First API call for Detections status code:: ${/get_detections/status_code}" />
+       
+        <!-- Handle Errors -->
+        <If condition="/get_detections/status_code != 200">
+            <Log type="ERROR" message="WIZ: Workflow Aborting.. Failure while fetching Detections. Error:: ${/get_detections/body}" />
+            <Abort reason="Failed while fetching Wiz Detections. Error:: ${/get_detections/body}" />
+        </If>
+
+        <Log type="INFO" message="WIZ: First API call fetched ${count(/get_detections/body/data/detections/nodes)}  Wiz Detections" />
+
+        <!-- Post Events, if any -->
+        <If condition="count(/get_detections/body/data/detections/nodes) > 0">            
+            <PostEvents path="/get_detections/body/data/detections/nodes" source="${/host}__Detection" />
+            <Log type="INFO" message="WIZ: First API call for Detections is done. Sent ${count(/get_detections/body/data/detections/nodes)} Wiz Detection Events to QRadar" />
+
+        </If>
+
+        
+        <!-- Fetch remaining events -->
+        <While condition="/get_detections/body/data/detections/pageInfo/hasNextPage">
+
+            <Set
+                path="/detection_gql_query_variables"
+                value='{
+                    "first":500,
+                    "filterBy": {
+                        "createdAt":{
+                            "after": "${/detection_timestamp}"
+                        }   
+                    },
+                    "orderBy": {
+                        "field": "CREATED_AT",
+                        "direction": "DESC"
+                    },
+                    "after": "${/get_detections/body/data/detections/pageInfo/endCursor}"
+                }' 
+            />
+
+
+
+            <Log type="INFO" message="WIZ: Paginated API call for Detections: Using this GraphQL variable : ${/detection_gql_query_variables}" />
+            
+            <!-- Fetch events -->
+            <CallEndpoint url="https://${/host}/graphql" method="POST" savePath="/get_detections">
+                <RequestHeader name="Authorization" value="Bearer ${/access_token}" />
+                <RequestHeader name="content-type" value="application/json" />
+                <RequestHeader name="User-Agent" value="${/user_agent_header}" />
+                <RequestBody type="application/json" encoding="UTF-8">
+                    {
+                        "query": "${/detections_gql_query}",
+                        "variables": ${/detection_gql_query_variables}
+                    }
+                </RequestBody>
+            </CallEndpoint>
+
+            <Log type="INFO" message="WIZ: Paginated API call for Detections status code: ${/get_detections/status_code}" />
+
+            <!-- Handle Errors -->
+            <If condition="/get_detections/status_code != 200">
+                <Log type="ERROR" message="WIZ: Workflow Aborting.. Failure while fetching Detections. Error:: ${/get_detections/body}" />
+                <Abort reason="Failed while fetching Wiz Detections. Error:: ${/get_detections/body}" />
+            </If>
+
+            <Log type="INFO" message="WIZ: Paginated API call for Detections. Fetched ${count(/get_detections/body/data/detections/nodes)} Wiz Detections" />
+
+            <!-- Post Events, if any -->
+            <If condition="count(/get_detections/body/data/detections/nodes) > 0">
+                <PostEvents path="/get_detections/body/data/detections/nodes" source="${/host}__Detection" />                
+                <Log type="INFO" message="WIZ: Paginated API call for Detections is done. Sent ${count(/get_detections/body/data/detections/nodes)} Wiz Detections to QRadar" />
+            </If>
+            
+
+        </While>
+        <Set path="/detection_bookmark" value="${/detection_bookmark + 1000}"/>
+        <Log type="INFO" message="WIZ: Updated the bookmark for Detections ${/detection_bookmark}." />
+        <Log type="INFO" message="WIZ: All Actions for Detections are completed." />
+
+
+    </Actions>
+
+    <Tests>
+        <DNSResolutionTest host="${/host}" />
+        <TCPConnectionTest host="${/host}" />
+        <SSLHandshakeTest host="${/host}" />
+        <DNSResolutionTest host="${/token_url_domain}" />
+        <TCPConnectionTest host="${/token_url_domain}" />
+        <SSLHandshakeTest host="${/token_url_domain}" />
+    </Tests>
+
+
+</Workflow>
\ No newline at end of file
diff --git a/Community Developed/Wiz/Wiz-Workflow-Parameter-Values.xml b/Community Developed/Wiz/Wiz-Workflow-Parameter-Values.xml
index 8c826f0..7d0c001 100644
--- a/Community Developed/Wiz/Wiz-Workflow-Parameter-Values.xml	
+++ b/Community Developed/Wiz/Wiz-Workflow-Parameter-Values.xml	
@@ -30,7 +30,6 @@
                     name
                     controlDescription: description
                     resolutionRecommendation
-                    risks
                     securitySubCategories {
                         title
                         category {
@@ -49,7 +48,6 @@
                     cloudEventRuleDescription: description
                     sourceType
                     type
-                    risks
                     }
                     ... on CloudConfigurationRule {
                     id
@@ -57,7 +55,6 @@
                     cloudConfigurationRuleDescription: description
                     remediationInstructions
                     serviceType
-                    risks
                     }
                 }
                 createdAt
@@ -154,4 +151,173 @@
         }
     "
     />
+
+    <Value
+        name="detections_gql_query"
+        value="
+              query Detections($filterBy: DetectionFilters, $first: Int, $after: String, $orderBy: DetectionOrder, $includeTriggeringEvents: Boolean = true) {
+  detections(
+    filterBy: $filterBy
+    first: $first
+    after: $after
+    orderBy: $orderBy
+    enforceTimestampContinuity: true
+  ) {
+    nodes {
+     __typename
+      id
+      issue {
+        id
+        url
+      }
+      ruleMatch {
+        rule {
+          id
+          name
+          sourceType
+          securitySubCategories {
+            title
+            category {
+              name
+              framework {
+                name
+              }
+            }
+          }
+        }
+      }
+      description
+      severity
+      createdAt
+      cloudAccounts {
+        cloudProvider
+        externalId
+        name
+        linkedProjects {
+          id
+          name
+        }
+      }
+      cloudOrganizations {
+        cloudProvider
+        externalId
+        name
+      }
+      startedAt
+      endedAt
+      actors {
+        id
+        externalId
+        name
+        type
+        nativeType
+        actingAs {
+          id
+          externalId
+          name
+          type
+          nativeType
+        }
+      }
+      primaryActor {
+        id
+      }
+      resources {
+        id
+        externalId
+        name
+        type
+        nativeType
+        region
+        cloudAccount {
+          cloudProvider
+          externalId
+          name
+        }
+        kubernetesNamespace {
+          id
+          providerUniqueId
+          name
+        }
+        kubernetesCluster {
+          id
+          providerUniqueId
+          name
+        }
+      }
+      primaryResource {
+        id
+      }
+      triggeringEvents(first: 10) @include(if: $includeTriggeringEvents) {
+        nodes {
+          ... on CloudEvent {
+            id
+            origin
+            name
+            description
+            cloudProviderUrl
+            cloudPlatform
+            timestamp
+            source
+            category
+            status
+            actor {
+              id
+              actingAs {
+                id
+              }
+            }
+            actorIP
+            actorIPMeta {
+              country
+              autonomousSystemNumber
+              autonomousSystemOrganization
+              reputation
+              reputationDescription
+              reputationSource
+              relatedAttackGroupNames
+              customIPRanges {
+                id
+                name
+                isInternal
+                ipRanges
+              }
+            }
+            resources {
+              id
+            }
+            extraDetails {
+              ... on CloudEventRuntimeDetails {
+                processTree {
+                  command
+                  container {
+                    id
+                    externalId
+                    name
+                    image {
+                      id
+                      externalId
+                    }
+                  }
+                  path
+                  hash
+                  size
+                  executionTime
+                  runtimeProgramId
+                  userId
+                  userName
+                }
+              }
+            }
+          }
+        }
+      }
+    }
+    pageInfo {
+      hasNextPage
+      endCursor
+    }
+  }
+}"
+    />
 </WorkflowParameterValues>
diff --git a/Community Developed/Wiz/Wiz-Workflow.xml b/Community Developed/Wiz/Wiz-Workflow.xml
index 564289e..4b44a92 100644
--- a/Community Developed/Wiz/Wiz-Workflow.xml	
+++ b/Community Developed/Wiz/Wiz-Workflow.xml	
@@ -9,12 +9,13 @@
         <Parameter name="auth_type" label="Authentication Type" required="true" />
         <Parameter name="gql_query" label="GraphQL Query" required="true" />
         <Parameter name="audit_logs_gql_query" label="GraphQL Query" required="false" />
+        <Parameter name="detections_gql_query" label="Detections GraphQL Query" required="false" />
     </Parameters>
 
     <Actions>
         
         <Log type="INFO" message="WIZ: Workflow Actions started..." />
-        <Initialize path="/user_agent_header" value="127fb887-6a5e-99be-c1ef-5c62031e9614/qradar/2.0.3-v2" />
+        <Initialize path="/user_agent_header" value="127fb887-6a5e-99be-c1ef-5c62031e9614/qradar/2.0.4" />
         <If condition="/bookmark != null">
             <!-- Format Date to be passed in fetching events -->
             <FormatDate pattern="yyyy-MM-dd'T'HH:mm:ss'Z'" timeZone="UTC" time="${/bookmark}" savePath="/timestamp" />