US 12,111,936 B2
Cybersecurity vulnerability management system and method thereof
Kfir Aharon Tishbi, Herzliya (IL); Raanan Raz, Tel Aviv (IL); and Ilai Gilenberg, Givatayim (IL)
Assigned to Avalor Technologies, Ltd., Ramat Gan (IL); and Zscaler, Inc., San Jose, CA (US)
Filed by Avalor Technologies, Ltd., Ramat Gan (IL)
Filed on Nov. 21, 2022, as Appl. No. 18/057,391.
Prior Publication US 2024/0169068 A1, May 23, 2024
Int. Cl. G06F 21/00 (2013.01); G06F 21/53 (2013.01); G06F 21/57 (2013.01); G06F 21/62 (2013.01)
CPC G06F 21/577 (2013.01) [G06F 21/53 (2013.01); G06F 21/6218 (2013.01); G06F 2221/034 (2013.01)]
13 Claims
 
1. A method for cybersecurity vulnerability management through ticket system reduction, comprising:
receiving a plurality of alerts from a cybersecurity monitoring system, the cybersecurity monitoring system configured to monitor a computing environment, wherein each alert includes a plurality of attributes;
generating in a graph database a ticket node corresponding to each alert of the received plurality of alerts;
generating in the graph database a ticket group node, the ticket group node connected to a plurality of ticket nodes, each ticket node of the plurality of ticket nodes corresponding to an alert having an attribute with a same value;
generating a ticket in a ticketing system corresponding to the ticket group node;
generating a visual representation of the ticket corresponding to the ticket group node;
receiving a second plurality of alerts from a second cybersecurity monitoring system which is also configured to monitor the computing environment such that the cybersecurity monitoring system and the second cybersecurity monitoring system provide overlapping detection of cybersecurity issues, do not communicate with one another, and possibly generate alerts for a same cybersecurity issue;
connecting the ticket group node to a second plurality of ticket nodes, each ticket of the second plurality of ticket nodes corresponding to another alert of the second plurality of alerts having the attribute with the same value; and
generating a unified ticket node, the unified ticket node based on the alert received from the cybersecurity monitoring system and the another alert received from the second cybersecurity monitoring system, wherein the alert includes a resource identifier which matches a resource identifier of the another alert, and the alert further includes a cybersecurity issue identifier which matches a cybersecurity issue identifier of the another alert.
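
The grouping and cross-scanner unification recited in claim 1, sketched as an added illustration that is not part of the patent text or the assignee's implementation. A plain dictionary stands in for the graph database, and the field names (`resource_id`, `issue_id`, `owner`), scanner names and sample alerts are constructed assumptions.

```python
# Constructed sample alerts from two scanners that do not talk to each other.
SCANNER_A = [
    {"resource_id": "vm-1", "issue_id": "ISSUE-A", "owner": "team-web"},
    {"resource_id": "vm-2", "issue_id": "ISSUE-A", "owner": "team-web"},
    {"resource_id": "db-1", "issue_id": "ISSUE-B", "owner": "team-data"},
]
SCANNER_B = [
    {"resource_id": "vm-1", "issue_id": "ISSUE-A", "owner": "team-web"},
    {"resource_id": "vm-1", "issue_id": "ISSUE-C", "owner": "team-web"},
]

def build_graph(alert_batches, group_attr):
    """Create ticket, ticket-group and unified-ticket nodes; return (nodes, edges)."""
    nodes, edges, by_finding = {}, set(), {}
    for source, alerts in alert_batches:
        for i, alert in enumerate(alerts):
            tid = f"ticket:{source}:{i}"          # one ticket node per alert
            nodes[tid] = {"type": "ticket", "source": source, **alert}
            gid = f"group:{group_attr}={alert[group_attr]}"
            nodes.setdefault(gid, {"type": "ticket_group"})
            edges.add((gid, tid))                 # group node -> ticket node
            key = (alert["resource_id"], alert["issue_id"])
            by_finding.setdefault(key, []).append(tid)
    for (res, issue), tids in by_finding.items():
        # Unify only when both identifiers match across *different* scanners.
        if len({nodes[t]["source"] for t in tids}) > 1:
            uid = f"unified:{res}:{issue}"
            nodes[uid] = {"type": "unified_ticket", "resource_id": res, "issue_id": issue}
            edges.update((uid, t) for t in tids)
    return nodes, edges

def tickets_to_open(nodes, edges):
    """One ticketing-system ticket per group node, with deduplicated findings."""
    out = {}
    for parent, child in edges:
        if nodes[parent]["type"] != "ticket_group":
            continue
        entry = out.setdefault(parent, {"alerts": 0, "findings": set()})
        entry["alerts"] += 1
        entry["findings"].add((nodes[child]["resource_id"], nodes[child]["issue_id"]))
    return {g: {"alerts": e["alerts"], "findings": sorted(e["findings"])}
            for g, e in out.items()}

if __name__ == "__main__":
    nodes, edges = build_graph([("scanner_a", SCANNER_A), ("scanner_b", SCANNER_B)], "owner")
    for group, ticket in sorted(tickets_to_open(nodes, edges).items()):
        print(group, ticket)
```

Five raw alerts become two tickets, and the one finding reported by both scanners is represented once by a unified node linked to both original ticket nodes.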