Defenda Security Intelligence
  • Introduction
    • Welcome
    • What is Security Intelligence?
    • Highlighting The Important Risks
    • We Need Your Feedback
  • Vulnerability API
    • Defenda OSINT Vulnerability API
    • What is the Vulnerability API For?
    • How to Use the Vulnerability API
  • Intelligence API
    • The Intelligence Data Model
Powered by GitBook
On this page
  • Unit
  • System
  • Service
  • Findings
  • Frameworks
  • Rulebooks
  1. Intelligence API

The Intelligence Data Model

How we glue information to getter to produce the insights we need

PreviousHow to Use the Vulnerability API

Last updated 3 months ago

Unit

In Defenda's terminology, a "unit" denotes a team, department, or domain. We request organizations to provide unit data to link risks and security vulnerabilities to the appropriate business units. This data enables us to identify managers and team members for notifications regarding critical actions. Most importantly, we offer reports and insights to help you understand which units require more or less attention and support in terms of security.

System

In Defenda's terms, a "system" is any application or platform, usually consisting of multiple services, that plays a crucial role in an organization’s operations. We require system data to accurately link vulnerabilities and security events to specific systems within your infrastructure. This system information enables a more precise evaluation of risks posed by vulnerabilities in a system, helping in identifying areas needing intervention and ensuring targeted security measures. We offer detailed reports and guidelines to aid in enhancing the security posture of these systems.

Service

To achieve a more accurate risk evaluation, consider breaking down your system into different services, each with its own security constraints. This approach will help Defenda evaluate risks more effectively and improve reporting.

Findings

A finding, as in security finding, is anything that points torwards something that might be wrong, needs evaluation or a fix. When you report findings in Defenda, those findings must be linked to a service, a system or a unit. By linking the findings with services and systems we can more precisely evaluate the risk they pose and by linking findings with units we can provide you with a better accountability overview.

Frameworks

A security framework is a set of structured guidelines and best practices aimed at helping organizations manage and mitigate security risks. By offering a comprehensive approach to identifying and addressing threats, these frameworks ensure consistent security protocols across various systems and services. Defenda correlates its findings with these frameworks to provide a thorough understanding of compliance risks associated with detected issues.

Rulebooks

Managing compliance across multiple security frameworks can be challenging. With Defenda, you can simplify this process by creating internal rulebooks that map to various framework requirements. This ensures your team follows a single, streamlined security guideline, reducing complexity and improving efficiency. By linking a rulebook with multiple frameworks you can then correlate findings with rules from the rulebook and get a complete compliance overview.

https://intelligence.api.defenda.seintelligence.api.defenda.se