CPC G06F 16/23 (2019.01) [G06F 16/24564 (2019.01); G06F 16/25 (2019.01); G06F 16/252 (2019.01); G06F 16/273 (2019.01)] | 15 Claims |
1. A system, comprising:
one or more processors; and
one or more computer-readable storage media storing computer-executable instructions that, when executed by the one or more processors, cause the one or more processors to collectively perform operations comprising:
receiving asset information from a plurality of sources in an IT environment, each received asset information describing a corresponding asset in the IT environment;
comparing a first one of the received asset information to previously stored asset information for a plurality of pre-existing assets, wherein each of the pre-existing assets has a corresponding unique identifier that was assigned automatically by the system upon discovery of the respective asset by the system, and wherein the previously stored asset information is stored in a database with the corresponding unique identifiers;
using one or more reconciliation rules applied by the system, determining that the first received asset information is not reconcilable with any of the previously stored asset information and consequently assigning a new unique identifier to the asset corresponding to the first received asset information and storing the first received asset information with the first new unique identifier in the database; and
using the one or more reconciliation rules applied by the system, comparing second received asset information to the previously stored asset information and determining that the second received asset information is reconcilable with previously stored asset information associated with a second unique identifier and consequently merging the second received asset information with the previously stored asset information associated with the second unique identifier,
wherein the merging applies a union operation to synthetic IDs that have been assigned to the respective asset by different source systems monitoring the respective asset, the union operation allowing the respective asset to be correctly mapped back to the different source systems monitoring the respective asset, the union operation further eliminating any duplicative information in the database common to the second received asset information and the previously stored asset information associated with the second unique identifier while maintaining at least the distinct respective synthetic IDs for the second received asset information and the previously stored asset information;
providing the merged asset information with the second unique identifier in the database for the respective asset for a security control operation; and
utilizing the synthetic IDs of the merged asset information to map the asset back to each of the different source systems monitoring the asset.
|