To evaluate application risk effectively organizations must analyze information from various application assessment and monitoring tools and programs - SAST, DAST, IAST, SCA, Penetration Testing - effectively and with the knowledge of how these applications support and impact business functions. Brinqa Application Risk Service provides a comprehensive application security data ontology to automate normalization, correlation, and, analysis of data from disparate application testing tools and programs.