Cybersecurity Asset Inventory
A complete security Assets structure with vulnerability tracking, risk management, control mapping, and compliance evidence collection. Built for security teams who need a unified view of their security posture inside JSM Assets.
What You Get
Five object types that form a closed security loop -- from assets through vulnerabilities to controls, risks, and compliance requirements. Each deploys with pre-configured attributes and relationships.
Security Asset
Physical and virtual devices requiring security management, vulnerability scanning, and compliance monitoring. Tracks hostname, IP, criticality, data classification, owner, and discovery source.
Vulnerability
Known security weaknesses from scanners tracked through remediation. Records CVE ID, CVSS score, severity, affected asset, discovery date, remediation status, and SLA deadline.
Security Control
Safeguards and countermeasures that protect assets and satisfy compliance requirements. Maps to CIS Controls, NIST CSF, ISO 27001, SOC 2, or PCI-DSS frameworks.
Risk
Identified security risks with inherent and residual scoring. Tracks likelihood, impact, treatment plan, affected assets, related controls, and risk owner for executive accountability.
Compliance Requirement
Regulatory and policy requirements mapped to controls for audit evidence. Supports ISO 27001, SOC 2, PCI-DSS, HIPAA, GDPR, and NIST 800-53 frameworks.
How They Connect
17 pre-configured relationships form a closed security loop: assets attract vulnerabilities, controls address them, risks link back to assets, and compliance requirements tie everything together.
Documentation
Supplementary guides for this schema are in progress and will be available soon.
Ready to deploy?
Install JSM Launchpad from the Atlassian Marketplace and deploy the Cybersecurity schema in under a minute.
Install from Marketplace