URIP Advanced Ticketing is a multi-tenant, audit-grade ticketing module that lives alongside the Risk Register and reuses every URIP primitive: tenant scoping, SHA-256 hash-chained audit log, SSE, Celery, Redis, Postgres. It covers the 80% of Jira / Linear / ServiceNow that 80% of teams use — workflow with parallel branches and approvals, 18 custom-field types, multi-goal SLA, automations, URIPQL search, ClamAV-scanned attachments, full bidirectional Risk Register linkage. Replace or coexist with your existing ITSM on a per-tenant basis.
Below: V1 GA = live today; V1.5 = next milestone (target Q3 2026); V2 = roadmap. We don't pretend otherwise.
Designed for SOC analysts, IAM engineers, tenant admins, approvers and external auditors. Same code base ships across every tenant; per-tenant configuration via DB.
Configurable status states, transitions, screen schemes and per-project workflow schemes. Parallel branches and first-class approvals as objects — approvers see a global Approvals tab, not just buried-in-comments toggles. Sub-workflows compose without recursion explosions.
Text, paragraph, number, decimal, date, datetime, select, multi-select, cascading-select, user-picker, group-picker, version-picker, URL, label-list, radio, checkbox, attachment, and a sandboxed formula type with bounded AST evaluation. Per-project schemes. Searchable.
Time-to-first-response, time-to-resolution and arbitrary milestone goals on the same ticket. Business-hours via Pendulum with DST-aware property tests. Pause conditions on transitions. Event-driven scheduler with a 60-second safety-net beat — breaches fire even if a worker dies.
Trigger / condition / action engine with a typed AST. Actions include http_request (SSRF-guarded — RFC1918, link-local and metadata IPs blocked), branch_if, set_field, add_comment, transition. Smart-values via a hardened Jinja2 sandbox. Dry-run + manual-trigger + per-rule audit log.
Lark-based PEG grammar parity with JQL / LQL. Boolean operators, arithmetic, interval literals, custom-field references, function calls. Backed by Postgres tsvector + pg_trgm + numeric side-tables — every saved view runs against EXPLAIN-asserted indexes.
25 MiB per-attachment cap, allowlisted Content-Type and magic-byte sniffing, sanitised filenames. V1 GA today: upload metadata is recorded with scan_status=pending so the attachment row surfaces in the UI immediately. V1.5: ClamAV streaming gates download eligibility; PDF metadata strip via pikepdf and image EXIF strip via Pillow.
One click on any Risk pre-fills a ticket and writes the link into ticket_risk_links with a cross-tenant trigger guard. When the ticket closes, the risk flips to remediated through a transactional outbox + relay worker — at-least-once delivery, never lost on crash.
Every transition, field edit, comment, attachment and approval is appended to URIP’s existing audit-log chain — the same one auditors already verify. Tamper-evident by construction. Verification endpoint replays the chain and surfaces any broken link.
No marketing tricks. We mark every row with the truth — including the items that ship in V1.5 or V2 rather than V1. If you need something we don’t have yet, you should know before you buy.
| Capability | URIP | Jira | Linear | ServiceNow | Freshservice |
|---|---|---|---|---|---|
| Workflow engine parallel branches + approvals | Parallel + approvals | Parity | Limited | Parity | Basic parity |
| Custom field types 18 incl. formula | 18 types | Parity | Parity (recent) | Parity | Basic parity |
| Query language URIPQL ≈ JQL / LQL | URIPQL | JQL | LQL | Encoded query | Limited filter UI |
| SLA with multi-goal policies | Multi-goal · DST-aware | JSM Premium only | No native SLA | Parity | Parity |
| Rich-text editor slash-commands, mentions | TipTap + slash | Parity | Parity | Parity | Basic parity |
| Native Risk Register integration unique to URIP | Native bidirectional | Third-party plugin | Third-party plugin | Third-party plugin | Third-party plugin |
| Hash-chained audit log tamper-evident | SHA-256 chain | Audit log only | Audit log only | Audit log only | Audit log only |
| Multi-tenant + auto tenant-filter | Enforced at ORM layer | Cloud isolation | Cloud isolation | Cloud isolation | Cloud isolation |
| Pricing model | Bundled with URIP | Per-seat | Per-seat | Per-seat (high) | Per-seat |
| Components / Versions object model | V2 | Native | Limited | CMDB-backed | Limited |
| Bidirectional Jira sync field-mapping UI | V1.5 | Native (it is Jira) | No | Plugin | Plugin |
| Native Slack rich Block Kit cards | V1.5 (V1: OAuth + DM-text + slash) | Native | Native | Limited | Native |
| Native mobile app | Responsive web only | iOS + Android | iOS + Android | iOS + Android | iOS + Android |
| Marketplace / plugin SDK | Not planned | Atlassian Marketplace | Limited | ServiceNow Store | Marketplace |
We mark deferred items so you can plan. If your team needs a Components / Versions object model or a native iOS app today, those are on our V2 roadmap — not in V1 GA. If you need bidirectional Jira sync with a field-mapping UI, that lands in V1.5. We will not pretend otherwise.
The same multi-tenant database, the same audit log, the same SSE channel. Risk and remediation aren’t two products glued together — they’re two views of one record.
A connector ingests a finding, the 5-lens engine scores it, and a row lands in the Risk Register with a deterministic 0–10 composite score and SLA timer.
An analyst clicks Create Ticket. The ticket arrives with the risk pre-filled, links written into ticket_risk_links, owners notified via in-app + email + Slack, and an idempotency key prevents duplicates on retry.
When the ticket transitions to Closed, the transactional outbox + relay worker writes the resolution back to the Risk Register — at-least-once delivery, never lost on crash. The audit chain captures every step.
The ticketing module reuses URIP infrastructure that is already in production — not a parallel stack with parallel auth, parallel logs and parallel observability.
The same TenantContext + SQLAlchemy auto-filter that every URIP model uses today. Cross-tenant prevention enforced at the ORM layer.
The existing SHA-256 chain in audit_logs — monthly partitioned, append-only, replay-verifiable. No parallel ticket-only audit table.
The same urip:sse:{tenant_id} Redis pub/sub channel that drives the cockpit. New ticket-event taxonomy added; channel and auth path unchanged.
Existing app and beat scheduler. Four new dedicated queues with priorities and a real DLQ. Two worker containers post-W4. Distributed lock for SLA tick fairness.
Reuses URIP’s crypto service for at-rest encryption of webhook secrets. Per-tenant DEK wrapped by KEK, KMS-backed in production.
V1: 25 MiB per-attachment cap, allowlisted MIME types, magic-byte sniff, sanitised filenames; metadata is recorded immediately. V1.5: ClamAV daemon gates downloads on scan_status=clean.
If you already license URIP, ticketing is included. There is no add-on SKU and no separate seat count to reconcile at renewal. Replace your existing ITSM, or keep it and use URIP Ticketing only for risk-driven remediation — both modes are a per-tenant configuration.
The demo inbox runs the same code that ships to production tenants. Create a ticket, transition it through workflow, attach evidence, watch the audit chain grow.