Platform · Dependency Mapping
Upstream and downstream dependencies on every asset, classified by service or data, scored by criticality, and built into the same record that holds the asset's vulnerabilities, continuity plan, and data governance.
Why it matters
Most security teams have an asset inventory. Some have a CMDB. Almost none have an accurate, current, criticality-scored dependency map of which assets rely on which, and how data flows between them. So when an incident hits, the blast radius is estimated in a meeting rather than read off a screen.
Alvor models dependencies as part of the asset record. Open any asset and you see its upstream services and data sources, its downstream consumers, and a criticality score on every link. It is the same data model the Risk module uses to score residual impact and the Business Continuity module uses to set RTO and RPO targets.
One asset record, one dependency graph, one source of truth for blast radius, continuity, and risk.
On every asset
Five upstream services, three downstream consumers, every link criticality-scored. No tab-switching, no separate CMDB.
web-frontend:latest
vm-p-bastion-amd
Riyadh DR Data Center
orders-db-primary
EU Customer Portal
app.example.com
alvor-github-actions
main.manage.suite
exec-analytics
web-frontend:latest
vm-p-bastion-amd
Riyadh DR Data Center
orders-db-primary
EU Customer Portal
app.example.com
alvor-github-actions
main.manage.suite
exec-analytics
Capabilities
Built into the asset record, classified by type, scored by criticality, cross-linked across the platform.
Pan, zoom, and explore upstream and downstream dependencies as a node graph, with a synchronised list view alongside.
Every link is tagged as a service dependency (continuity concern) or data dependency (privacy concern). Each gets its own review.
Critical, High, Medium, Low scoring so blast radius and risk impact propagate automatically into Risk and Continuity.
Every asset shows its dependency counts at a glance. Five upstream, three downstream: how many things does this asset hold up.
Downstream dependencies drive realistic RTO and RPO targets. Upstream dependencies feed inherent and residual risk scoring.
Dependencies live on the asset record, alongside components, vulnerabilities, continuity, and data governance. One record, six dimensions.
Where it fits
Questions
Every asset in Alvor carries its own dependency map. Open any asset and you see its upstream dependencies (what it depends on) and downstream dependencies (what depends on it) as an interactive graph, plus a flat list view. Dependencies are classified as service dependencies or data dependencies, and each one is criticality-scored (Critical, High, Medium, Low) so blast radius is visible at a glance.
Get started
Whether you lead security, run IT, manage compliance, or sit in the C-suite - we'll show you your view.