Skip to main content

Unified Data Model (UDM) Reference

Brinqa Platform includes a Unified Data Model (UDM) that is available to all Brinqa applications. The following table details each models and its attributes:

NameDescriptionParent data modelDefault categories
AccountA user's access to a service.AssetEnvironments, Profiles, Remediation owner, Risk owner, Technologies, Type
Affected technologyA cluster type based on technologies that are affected by a finding, such as Java, Mozilla, or Windows.One to many cluster modelNone
ApplicationA software application.AssetEnvironments, Profiles, Remediation owner, Risk owner, Technologies, Type
AssessmentAn assessment performed against an asset.Entity modelNone
AssetThe base model for various asset categories.Entity modelEnvironments, Profiles, Remediation owner, Risk owner, Technologies, Type
Asset profileA cluster type that enables meaningful, business oriented grouping of assets, such as Payment card industry (PCI) compliance or the Federal Risk and Authorization Management Program (FedRAMP) compliance.One to many cluster modelNone
Asset technologyA cluster type that identifies the type of technology associated with an asset. An asset can be linked to multiple technology categories, such as operating systems or cloud platforms.One to many cluster modelNone
Asset typeA cluster type that determines the identity of an asset. Various tools may have their unique categorizations that could vary slightly. For example, Mobile phone vs. Cell phone. Clustering the assets based on Asset Type enables you to standardize these identities dynamically.One to one cluster modelNone
Attack vectorThe path a vulnerability takes to exploit a system.Entity modelNone
Base modelThe base model that defines characteristics many other data models may have by acting as a parent model to other data models. Child data models inherit the parent model’s attributes, so the base model saves administrators the time of repeatedly adding the same attributes to many different data models.NoneNone
Business serviceA function performed by a business unit.Entity modelNone
Business unitA group of assets that belong to the same business ownership group.Entity modelNone
CertificationA certification a user receives upon completing a course or taking an exam.AssetEnvironments, Profiles, Remediation owner, Risk owner, Technologies, Type
Cloud resourceA resource from a cloud provider and can be anything from a VPC (virtual private cloud) to an individual user in your system.AssetEnvironments, Profiles, Remediation owner, Risk owner, Technologies, Type
Cluster modelA built-in data model that defines common attributes for grouping entities.Base modelNone
Code projectA collection of files scanned by a static code scanner.AssetEnvironments, Profiles, Remediation owner, Risk owner, Technologies, Type
Code repositoryAn archive of a code base.AssetEnvironments, Profiles, Remediation owner, Risk owner, Technologies, Type
CompanyA business organization.Entity modelNone
ContainerA package of all dependencies related to a software component that is run in an isolated environment.AssetEnvironments, Profiles, Remediation owner, Risk owner, Technologies, Type
Container imageAn immutable package of everything that a container needs to run.AssetEnvironments, Profiles, Remediation owner, Risk owner, Technologies, Type
CPE recordThe National Vulnerability Database (NVD) Common Platform Enumeration (CPE) dictionary.Entity modelNone
CVE recordThe descriptive data about a vulnerability associated with a Common Vulnerabilities and Exposures (CVE) ID.Entity modelNone
DeviceAny piece of hardware on a network that may be susceptible to a vulnerabilityAssetEnvironments, Profiles, Remediation owner, Risk owner, Technologies, Type
Dynamic code findingA security finding identified using the Dynamic Application Security Testing (DAST) methodology.FindingRemediation owner, Risk owner
Dynamic code finding definitionA definition that contains all common attributes for any given dynamic code finding.Finding definitionFinding type, Profiles, Technologies
Dynamic code ticketA record that documents the interactions and progress made on a single or group of dynamic code findings.TicketNone
Entity modelA built-in entity model that defines common attributes and relationships between entities.Base modelNone
EnvironmentThe business environment an asset is found on.One to one cluster modelNone
Exception requestA request to have additional time to remediate a finding.RequestNone
False positive requestA request to mark a finding as a false positive.RequestNone
FindingA security finding, which may be a vulnerability, policy violation, an alert, or code issue.Entity modelRemediation owner, Risk owner
Finding definitionA definition that contains all common attributes for any given finding.Entity modelFinding type, Profiles, Technologies
Finding profileA cluster type that enables meaningful, business oriented grouping of findings, such as Open Worldwide Application Security Project (OWASP) Top 10.One to many cluster modelNone
Finding typeA cluster type that provides definition of a finding category. Various tools may have their unique categorizations that could vary slightly. For example, cross-site scripting (XSS) vs. pentest. Clustering the findings based on Finding Type enables you to standardize these identities dynamically.One to one cluster modelNone
HostA computer that serves as a container for workloads. It typically runs an operating system and has an IP address.AssetEnvironments, Profiles, Remediation owner, Risk owner, Technologies, Type
Host imageAn immutable package of everything that a host needs to run.AssetEnvironments, Profiles, Remediation owner, Risk owner, Technologies, Type
IP rangeA range of IP addresses in a network.AssetEnvironments, Profiles, Remediation owner, Risk owner, Technologies, Type
Manual findingA security finding discovered through manual testing.FindingRemedation owner, Risk owner
Manual finding definitionA definition that contains all common attributes for any given manual finding.Finding definitionFinding type, Profiles, Technologies
Manual ticketA record that documents the interactions and progress made on a single or group of manual findings.TicketNone
Network segmentA group of subnets.AssetEnvironments, Profiles, Remediation owner, Risk owner, Technologies, Type
Open source findingA security finding in the open-source software or library.FindingRemediation owner, Risk owner
Open source finding definitionA definition that contains all common attributes for any given open source finding.Finding definitionFinding type, Profiles, Technologies
Open source ticketA record that documents the interactions and progress made on a single or group of open source findings.TicketNone
PackageAn assemblage of files and information about those files. A package can represent software components, applications from a package manager, and more.AssetEnvironments, Profiles, Remediation owner, Risk owner, Technologies, Type
Pentest findingA security finding discovered through a penetration test.FindingRemedation owner, Risk owner
Pentest finding definitionA definition that contains all common attributes for any given pentest finding.Finding definitionFinding type, Profiles, Technologies
Pentest ticketA record that documents the interactions and progress made on a single or group of pentest findings.TicketNone
PersonA data model representing a person.Entity modelEnvironments, Profiles, Remediation owner, Risk owner, Technologies, Type
Remediation ownerA cluster type used to identify a person or a group of people responsible for remediating findings.One to one cluster modelNone
RequestThe parent data model for requests.Base modelNone
Risk acceptance requestA request to not remediate but assume the risk for a finding.RequestNone
Risk factorA condition that increases or decreases the overall risk score of an entity by a given value.One to many cluster modelNone
Risk levelA built-in model that represents the range used for determining risk rating from a risk score.Base modelNone
Risk ownerA cluster type used to identify a person or a group of people who own the risk associated with findings.One to one cluster modelNone
Risk scoring modelA built-in model that defines how to compute base risk score, risk score, and risk rating for a data model.One to one cluster modelNone
RoleA built-in model that defines characteristics of user roles within the system.Base modelNone
ServiceA service used by an organization.AssetEnvironments, Profiles, Remediation owner, Risk owner, Technologies, Type
Service levelA built-in model to represent a range for a service level to be applied.Base modelNone
SLA definitionA built-in model used to calculate the due date or compliance date of another data model, such as findings or tickets.One to one cluster modelNone
SiteA built-in model to represent a website or web application.AssetEnvironments, Profiles, Remediation owner, Risk owner, Technologies, Type
Site certificateA built-in model to represent a site's certificate.AssetEnvironments, Profiles, Remediation owner, Risk owner, Technologies, Type
SoftwareA computer program developed outside of the organization whose code is not managed by AppSec.AssetEnvironments, Profiles, Remediation owner, Risk owner, Technologies, Type
Software installA computer program whose code is not managed by AppSec that is installed on an asset.AssetEnvironments, Profiles, Remediation owner, Risk owner, Technologies
Source modelA built-in model that defines common attributes for data sources.Base modelNone
Sprint modelA data model that represents a short, time-boxed period for scheduling tickets.Entity modelNone
Static code findingA security finding identified using the Static Application Security Testing (SAST) methodology.FindingRemediation owner, Risk owner
Static code finding definitionA definition that contains all common attributes for any given static code finding.Finding definitionFinding type, Profiles, Technologies
Static code ticketA record that documents the interactions and progress made on a single or group of static code findings.TicketNone
SubnetA subnet in a network.AssetEnvironments, Profiles, Remediation owner, Risk owner, Technologies, Type
Threat IntelligenceInformation about cyber threats to help mitigate potential attacks.Entity modelNone
TicketA record that documents the interactions and progress made on a single or group of findings.Entity modelNone
UserA data model that defines characteristics of individual users of the system.Base modelNone
ViolationA finding that is not following best practice policy.FindingRemediation owner, Risk owner
Violation definitionA definition that contains all common attributes for any given violation.Finding definitionFinding type, Profiles, Technologies
Violation ticketA record that documents the interactions and progress made on a single or group of violations.TicketNone
VulnerabilityA security vulnerability that impacts a network asset or host.FindingRemediation owner, Risk owner
Vulnerability definitionA definition that contains all common attributes for any given vulnerability.Finding definitionFinding type, Profiles, Technologies
Vulnerability ticketA record that documents the interactions and progress made on a single or group of vulnerabilities.TicketNone
WeaknessA type of software and hardware weakness or flaw.Entity modelNone