Bank of America Corporation
Generating Alerts Based on Continuous Monitoring of Third Party Systems

Abstract:

Aspects of the disclosure relate to generating alerts based on continuous monitoring of third party systems. In some embodiments, a computing platform may receive asset inventory data of a third party computing system of an entity. Based on comparing the asset inventory data of the third party computing system to a list of security vulnerability definitions maintained in a common vulnerabilities and exposures database, the computing platform may identify vulnerabilities and send a notification to the third party computing system of the identified vulnerabilities. Then, the computing platform may request implementation of remediation actions, by the third party computing system of the first entity, for the identified vulnerabilities within a predefined period of time. Next, the computing platform may receive a status of the remediation actions. Based on the third party computing system of the first entity implementing the remediation actions, the computing platform may store updated asset inventory data.