Brinqa unveils AI agents to streamline cyber risk data

Brinqa has launched two artificial intelligence agents designed to address asset ownership gaps and duplicate security findings-issues that can slow remediation and distort risk reporting in large organisations.

The tools, called the AI Attribution Agent and the AI Deduplication Agent, are built into the Brinqa exposure management platform. They target two common operational problems for security teams managing environments with thousands or millions of assets and an expanding set of security products.

Security leaders have invested heavily in scanners, cloud security tools and application security testing, but many organisations still struggle to turn their outputs into decisions that withstand scrutiny from executives and regulators. Conflicting assessments can delay action, repeated alerts can inflate exposure counts, and missing ownership data can leave critical issues unassigned.

Ownership inference

The AI Attribution Agent addresses missing or outdated asset attribution data. It infers details such as owner, business unit and environment classification when those fields are absent or stale.

The agent uses machine learning models trained on patterns in an organisation's existing data and provides reasoning, confidence scores and traceability. A human approval step remains in place before any changes are accepted.

Asset ownership data often sits outside security tooling, living in configuration management databases, cloud accounts, identity systems, procurement records or team-managed spreadsheets. Organisational changes can also make ownership records inaccurate. In exposure management programmes, these gaps can lead to remediation tasks being bounced between teams or left open because no one is accountable for the affected system.

Signal clean-up

The AI Deduplication Agent consolidates duplicate exposure signals from multiple scanners and security tools into a single record. It correlates findings that refer to the same underlying issue, even when tools use different naming conventions or severity ratings.

Duplicate findings are a common operational burden. Organisations often run several products that check for overlapping weaknesses, each with its own identifiers, severity scales and ticketing integrations. In practice, teams can end up working on multiple versions of the same problem. Risk metrics can also become unreliable when reporting relies on raw finding counts rather than consolidated issues.

Brinqa says the approach goes beyond matching on static identifiers such as CVEs and positions the agent to reduce "phantom findings" and conflicting tickets while providing a cleaner view of exposure levels across the environment.

Platform layers

Brinqa has linked the agents to a platform structure it describes as three integrated layers: a Data Layer, an AI Layer and an Orchestration Layer. The Data Layer aggregates exposure, asset, and threat data; the AI Layer runs agents on that dataset; and the Orchestration Layer provides dashboards and workflow automation.

It also highlighted its CyberRisk Graph, described as a proprietary data model that maps relationships between exposure data, assets and threat intelligence. Brinqa says the model adapts as environments change, with data normalisation and cleansing across different source types.

Another element is BrinqaDL, described as a data lake that retains historical exposure and remediation information. Brinqa links this to audit and forensic needs and to long-term trend analysis, and says customers retain ownership and control of their data.

Automation workflows

Within the Orchestration Layer, Brinqa offers dashboards that group exposure priorities in different ways, including by OWASP Top 10 categories, team or business unit, urgency, class and threat. These views are intended for day-to-day triage and management reporting.

Brinqa has also expanded its workflow tooling with SmartFlows, a no-code orchestration engine with a drag-and-drop interface. SmartFlows can trigger alerts, create tickets and route issues based on organisation-defined conditions.

Workflow features have become central to exposure management platforms as organisations try to close the gap between detection and remediation. Integrations with ticketing systems and engineering workflows can reduce time spent moving issues between teams and make it easier to measure whether remediation actions change risk levels over time.

Brinqa is positioning the combined approach to improve decision-making when security tools disagree or produce overlapping outputs. It also links the new agents to governance needs, where leaders want evidence of how issues were prioritised and assigned.

"As attack surfaces expand and security tool sprawl grows, leaders find themselves with more data and less confidence. That's a trust problem," said Dan Pagel, chief executive officer of Brinqa.

"This release addresses it head-on with AI-native agents built into a platform architected for AI from the ground up. Deduplication, ownership attribution, and SmartFlow automations - all transparent, all explainable, all designed to turn exposure management into a trusted and disciplined, continuous system for reducing real risk."

Brinqa says it will continue developing the platform around data ingestion, AI-driven analysis and orchestration, with the new agents forming part of its product roadmap for exposure management in large enterprise environments.