Skip to main content

Ownership Queries

The following examples demonstrate Brinqa Query Language (BQL) queries that pertain to ownership clusters. These queries are especially useful when analyzing ownership clusters and their associated assets or vulnerabilities.

Who is responsible for a specific risk or remediation?

FIND User AS u
THAT OWNS RiskOwner AS ro
WHERE ro.name = "Name"
FIND User AS u
THAT OWNS RemediationOwner AS ro
WHERE ro.name = "Name"

Which critical vulnerabilities are owned by a specific remediation cluster?

FIND Vulnerability AS v
THAT HAS Asset AS a
AND a THAT OWNS_REMEDIATION RemediationOwner AS ro
WHERE v.riskRating = "Critical"
AND ro.name = "CloudOps"

Which assets have both risk and remediation owners?

FIND Asset AS a
THAT OWNS_REMEDIATION RemediationOwner AS ro
AND a THAT OWNS_RISK RiskOwner AS ro2

Which assets are missing both risk and remediation owners?

FIND Asset AS a
THAT OWNS_REMEDIATION RemediationOwner AS ro
AND a THAT OWNS_RISK RiskOwner AS ro2
WHERE ro.name = "Unknown"
AND ro2.name = "Unknown"

Which critical assets belong to a specific remediation owner cluster?

FIND RemediationOwner AS ro
THAT OWNS_REMEDIATION Asset AS a
WHERE ro.name LIKE "Windows Workstation Remediation Team"
AND a.riskRating = "Critical"
Last updated on