Skip to main content

Glossary

This article contains a glossary of mostly Brinqa specific terminology to help you understand the terms and objects you might come across in your Brinqa Platform and reading the documentation.

Asset

An abstract entity in the Brinqa Platform to store information about servers, containers, cloud resources, services, or applications. This is the entity that findings are associated with. See Asset data model.

Automation

A flexible workflow engine in Brinqa that provides capability to build complex and automated actions on any dataset derived from a BQL query. See Automations.

Base risk score

The initial score assigned to a finding, typically derived from standardized scoring systems such as Common Vulnerability Scoring System (CVSS) v3 or CVSS v2. This score reflects the inherent risk of a finding without considering any additional risk factors or context. See Risk scoring.

Brinqa agent

A secure, high-performance gateway downloaded and installed by a Brinqa customer onto their server to transfer data from the customer’s on-premises sources to the Brinqa Platform. Download the latest version on https://connectors.brinqa.io/#/downloads.

Brinqa connect

A tool for customers to send unstructured data to the Brinqa Platform. The API provides ingress/egress capabilities, along with encryption at rest to protect the data. Download the latest version on https://connectors.brinqa.io/#/downloads.

Brinqa Condition Language (BCL)

A language specifically used when creating or modifying Risk Factors, Service-Level Agreements (SLA), and clusters. The Condition in BCL is what typically comes after a WHERE clause of a BQL query and is used to specify what data to retrieve. See BCL.

Brinqa Query Language (BQL)

Brinqa Query Language utilizes an entity-relationship graph design that is simple to read and compose. You can send requests using BQL to process data stored within Brinqa Risk Graph and retrieve results based on that data.

Brinqa risk intelligence

A custom risk intelligence integration built directly into the Brinqa Platform. This integration enhances the platform's existing risk intelligence capabilities by incorporating advanced data from various sources, aiming to provide better context and reliability of risk intelligence to the vulnerabilities stored in the Brinqa Platform. See Brinqa risk intelligence.

Clusters

Clusters are a way of grouping and organizing your data based on specific characteristics.

Compliance status

The adherence of a finding to specific compliance requirements, such as policies, standards, or regulatory mandates. Compliance status is often used to track and enforce Service-Level Agreements (SLAs) for remediation efforts. See SLA.

Connector

A stand-alone component that connects to a data source and retrieves data. See Connector overview.

Connector store

A page within the Brinqa Platform where customers can install and update the connector for a particular data source.

Data computation

A process to perform actions on data models. For example, execute scripts, launch syncs, or send email notifications.

Data consolidation

A process to combine data from multiple sources based on the same unique identifier, such as the Common Vulnerability and Exposure (CVE) identification number. The homogenization of data makes it comparable, reportable, and actionable. See Data consolidation.

Data integration

A process of importing your data through a streamlined and automated method. See Data integration.

Data lifecycle management (DLM)

A configuration within data integration that enables you to designate data as inactive if it hasn't been updated within a set timeframe. Inactive data can then be scheduled for automatic purging, ensuring that only relevant and current data is retained in the Brinqa Platform. See Data lifecycle configuration.

Data orchestration

A sequence of flows that performs data integration, consolidation, and computation to get your data ready for searching and reporting in the Brinqa Platform. See Data orchestration.

Data server

A record that customers create in their Brinqa Platform to denote a server associated with their on-premises resources. See Data servers and Brinqa Agent.

Date created

An attribute to specify when the record (such as an asset, cluster, finding, finding definition, request, or ticket) is created in the Brinqa Platform.

First found

An attribute to indicate the initial date or time when the finding was detected. This timestamp is retrieved from the source.

First seen

An attribute to indicate the initial date or time when the asset was observed. This timestamp is retrieved from the source.

Finding

An abstract entity in the Brinqa Platform to represent a security finding, which may be a vulnerability, a policy violation, an alert, or a code issue. See Finding data model.

Flow

A series of steps with defined paths. Each step contains an action and a transition. Once an action has been executed, the system determines which step is next based on the execution result and the defined transition. The flow context, which contains the results of the execution of each step, is saved into a persistence layer for robust recovery and high availability.

Host

A computer that serves as a container for workloads. It typically runs an operating system and has an IP address. A host is a type of asset. See Host data model.

Last assessed

An attribute to specify the most recent date or time when an asset was assessed for vulnerabilities. This timestamp is retrieved from the source.

Last captured

An attribute to specify the most recent date or time when the data is ingested into the Brinqa Platform. This timestamp is used by data lifecycle management.

Last enrollment

An attribute to specify the most recent date or time when an asset was registered or enrolled into a system, program, or service. This timestamp is retrieved from the source.

Last fixed

An attribute to specify the most recent date or time when the finding was resolved or fixed. This timestamp is retrieved from the source.

Last found

An attribute to indicate the most recent date or time when the finding was detected. This timestampa is typically retrieved from the source, but can also be calculated by the connector.

Last integrated

An attribute to specify the most recent date or time when the integration started in the Brinqa Platform.

Last inventory update

An attribute to specify the most recent date or time when the inventory data was reviewed, modified, or refreshed. This timestamp is retrieved from the source and may reflect changes in asset status.

Last seen

An attribute to specify the most recent date or time when the asset was observed within a system, network, or environment. This timestamp is typically retrieved from the source, but can also be calculated by the connector.

Last updated

An attribute to specify the most recent date or time when the record (such as an asset, cluster, finding, finding definition, request, or ticket) was updated in the Brinqa Platform.

Remediation request

A mechanism in the Brinqa Platform for handling exceptions to prioritize vulnerabilities and accelerate the remediation process. See Remediation requests.

Remediation campaign

A way to organize remediation efforts into a structured hierarchy, giving teams the ability to align specific tasks, or tickets, under broader, strategic objectives. See Remediation campaigns.

Risk factor

A data model for users to increase or decrease risk scores without knowledge of calculated attributes or scripting. See Risk factors.

Risk rating

A qualitative representation of the risk score that considers both the severity of a finding and the likelihood of its exploitation. Risk ratings incorporate additional contextual factors, such as risk factors and environmental considerations, to provide a clear and accessible view of the overall risk associated with a finding. Usually expressed as category like Low, Medium, High, or Critical, making them useful for prioritizing remediation efforts. See Risk scoring.

Risk score

A calculated score, ranging from 1 to 10, that takes the base risk score and adjusts it by considering additional risk factors specific to your organization or environment, such as asset criticality, business impact, and threat intelligence. This score provides a more accurate assessment of the actual risk posed by a vulnerability in your specific context. See Risk scoring.

Severity

A measure of the potential impact or consequences of a finding being exploited, typically provided by data sources such as vulnerability scanners. Severity represents the criticality of the issue without considering the likelihood of exploitation or additional contextual factors. It is often categorized as Low, Medium, High, or Critical, based on the evaluation by the scanning tool.

SLA definition

A special type of data model that you can apply to other data models, enabling you to implement service-Level agreement compliance and set due dates for remediation tickets in a standardized manner. See SLA.

Source data models (SDM)

Source data models are generated by connectors in the data integration process to normalize data from different data sources, so that they can be mapped to Brinqa's unified data models.

Status configuration

A mechanism for managing and tracking the status of your assets and findings. It ensures that the status of your assets and findings accurately reflects their current state by using contextual information from your data integrations and data lifecycle management policies. See Status configurations.

Ticket

A record that documents the interactions and progress made on a single or group of findings. See Generate tickets from findings.

Unified data models (UDM)

Data models that define schema for datasets, automate data inputs, and normalize data from different sources. They are the most central elements in the Brinqa Platform, structuring and determining relationships between all data and objects in the system. See Data model reference.

View

A view defines the metadata to visualize data. Views are associated with data models. Brinqa includes several data models out of the box with preconfigured views: list, form, show, lookup, and compact. See Views.

Vulnerability

A security vulnerability that impacts a network asset or host. A vulnerability is a type of finding. See Vulnerability data model.

Vulnerability definition

A definition that contains all common attributes for any given vulnerability. See Vulnerability Definition data model.