US Patent 11805146 System and method for detection promotion

A modified configuration management database (CMDB) system is disclosed in which detected configuration item (CI) vulnerabilities are stored as less-resource-intensive detection objects, rather than as more-resource-intensive vulnerable item (VI) objects. The system includes a vulnerability response (VR) server that enables promotion rules to be created and periodically applied to the stored detections. When the conditions of a detection promotion rule are satisfied by information relating to a stored detection, a new VI may be created and related to the stored detection within the CMDB. The disclosed promotion rules can be configured to ensure that VIs are only automatically created for high-risk or relevant detections, substantially reducing the number of VIs to be created, stored, and managed. As such, the disclosed system substantially reduces resource consumption and improves the efficiency and operation of the CMDB.