Systems and methods of detecting and mitigating malicious network activity

US10567402B1 · US · B1

Patent metadata
Publication number: US-10567402-B1
Application number: US-201815952443-A
Country: US
Kind code: B1
Filing date: Apr 13, 2018
Priority date: Apr 13, 2017
Publication date: Feb 18, 2020
Grant date: Feb 18, 2020

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

Disclosed herein are systems and methods executing a security server that performs various processes using alert elements containing various data fields indicating threats of fraud or attempts to penetrate an enterprise network. Using the alert elements, the security server generates integrated alerts that are associated with customers of the system and assigns a risk score to each integrated alert, which the security server uses to store and sort the integrated alerts according to a priority based on the relative risk scores. Analyst computers may query and fetch integrated alerts from an integrated alert database, and then present the integrated alerts to be addressed by an analyst according to the priority level of the respective integrated alerts. This ensures that the right customer is worked by the right analyst at the right time, to maximize fraud prevention and minimize customer impact.

First claim

Opening claim text (preview).

What is claimed is:

  1. A computer-implemented method comprising:

    receiving, by a computer, a set of one or more alert elements containing a customer identifier from one or more alert-generating systems configured to generate a corresponding alert element;

    generating, by the computer, in an integrated alert database an integrated alert associated with the customer identifier, the integrated alert comprising one or more data fields containing data from the set of one or more alert elements associated with the customer identifier in the alert element database, wherein the integrated alert database is configured to store a plurality of integrated alerts associated with a plurality of customer identifiers;

    generating, by the computer, a first learning algorithm configured to determine a risk associated with each of the set of one or more alert elements, wherein the first learning algorithm receives an input of a first learning algorithm dataset based on data associated with a set of one or more scenario attribute models, wherein each of the set of one or more scenario attribute models is associated with a different rate of fraud;

    iteratively updating, by the computer, the first learning algorithm dataset based on updated data associated with the set of one or more scenario attribute models, wherein the computer periodically queries a database to receive the updated data associated with the set of one or more scenario attribute models;

    executing, by the computer, the first learning algorithm on each integrated alert stored in the integrated alert database to generate a risk score for each respective integrated alert, the risk score of the integrated alert based upon the one or more data fields in the integrated alert; and

    upon the computer receiving a second alert element associated with the customer identifier from an alert-generating system: identifying, by the computer, in the integrated alert database the integrated alert associated with the customer identifier; and updating, by the computer, the risk score for the integrated alert based upon the one or more data fields of the second alert element and the set of one or more alert elements, upon determining that the integrated alert is not marked as completed.

  2. The computer-implemented method according to claim 1, further comprising: storing, by the computer, each alert element into an alert element database configured to store a plurality of alert elements associated with a plurality of customer identifiers.

  3. The computer-implemented method according to claim 1, wherein an alert element of the set of one or more alert elements comprises log files.

  4. The computer-implemented method according to claim 1, wherein an alert element of the set of one or more alert elements comprises machine-readable code containing data fields describing a detected event associated with a data channel.

  5. The computer-implemented method according to claim 1, wherein the one or more alert-generating systems are further configured to generate alert elements comprising a data field associated with a type of the alert-generating system.

  6. The computer-implemented method according to claim 1, further comprising: formatting, by the computer, the one or more alert elements received from the one or more alert-generating systems.

  7. The computer-implemented method according to claim 1, further comprising: matching, by the computer, the one or more alert elements received from the one or more alert-generating systems with a set of one or more scenario attribute models.

  8. The computer-implemented method according to claim 7, further comprising: determining, by the computer, a scenario from the set of one or more scenario attribute models that is matched with the one or more alert elements received from the one or more alert-generating systems, wherein the scenario from the set of one or more scenario attribute models identifies a particular type of fraud or attack.

  9. The computer-implemented method according to claim 1, further comprising: generating, by the computer, the risk score for each respective integrated alert based on a first learning algorithm that applies to the one or more data fields of the alert elements underlying each respective integrated alert.

  10. The computer-implemented method according to claim 1, further comprising: updating, by the computer, the risk score for an integrated alert at a predetermined interval.

  11. The computer-implemented method according to claim 1, further comprising: generating, by the computer, the risk score for each respective integrated alert in response to a triggering event, wherein the triggering event comprises receiving a new alert element for the customer identifier of the integrated alert.

  12. The computer-implemented method according to claim 1, further comprising: generating, by the computer, the risk score for each respective integrated alert in response to a triggering event, wherein the triggering event comprises when a threshold number of alert elements have been received for the customer identifier of the integrated alert.

  13. The computer-implemented method according to claim 1, further comprising: sorting, by the computer, each respective integrated alert according to the risk score such that each respective integrated alert is presented on a graphical user interface (GUI) of an analyst computer in order of priority as indicated by the relative risk score.

  14. A computer-implemented method comprising: receiving, by a computer, a set of one or more alert elements containing a customer identifier from one or more alert-generating systems configured to generate a corresponding alert element; storing, by the computer, each alert element into an alert element database configured to store a plurality of alert elements associated with a plurality of customer identifiers; generating, by the computer, in an integrated alert database an integrated alert associated with the customer identifier, the integrated alert comprising one or more data fields containing data from the set of one or more alert elements associated with the customer identifier in the alert element database, wherein the integrated alert database is configured to store a plurality of integrated alerts associated with a plurality of customer identifiers; generating, by the computer, a risk score for each respective integrated alert stored in the integrated alert database, the risk score of the integrated alert based upon the one or more data fields in the integrated alert; and upon the computer receiving a second alert element associated with the customer identifier from an alert-generating system: identifying, by the computer, in the integrated alert database the integrated alert associated with the customer identifier; and updating, by the computer, the risk score for the integrated alert based upon the one or more data fields of the second alert element and the set of one or more alert elements, upon determining that the integrated alert is not marked as completed.

  15. A system comprising: one or more alert-generating systems configured to generate an alert element; an alert element database configured to store a plurality of alert elements; and a computer configured to: receive a set of one or more alert elements containing a customer identifier from the one or more alert-generating systems configured to generate a corresponding alert element; store each alert element into the alert element database configured to store the plurality of alert elements associated with a plurality of customer identifiers; generate in an integrated
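The claims above describe a pipeline: alert elements (possibly parsed from log files, claim 3) tagged with a customer identifier are merged into one integrated alert per customer, scored by a learning algorithm fed from scenario attribute models with differing fraud rates, rescored when a further element arrives unless the alert is already marked completed, and sorted by score for the analyst queue (claim 13). The following is an added illustration written for this page; it is not code from the patent or from the assignee. It assumes a constructed `key=value` log-line format, constructed per-scenario fraud rates standing in for the scenario attribute models, and a noisy-OR combination of those rates as a deliberately simple stand-in for the patent's "first learning algorithm".

```python
"""Added illustration of the per-customer alert integration and risk-scoring
flow in the claims. Fraud rates, log lines and customer ids are constructed
sample data; the noisy-OR scorer is a hypothetical stand-in for the patent's
learning algorithm, not the method the patent describes."""
from dataclasses import dataclass, field
from typing import Dict, List


@dataclass
class AlertElement:
    """One alert element: customer, originating system (claim 5), matched
    scenario (claims 7-8) and any remaining data fields (claim 4)."""
    customer_id: str
    source_system: str
    scenario: str
    fields: Dict[str, str] = field(default_factory=dict)


@dataclass
class IntegratedAlert:
    """Per-customer integrated alert; `completed` freezes its risk score."""
    customer_id: str
    elements: List[AlertElement] = field(default_factory=list)
    risk_score: float = 0.0
    completed: bool = False


def parse_alert_line(line: str) -> AlertElement:
    """Parse a constructed 'k=v k=v ...' log line into an alert element."""
    kv = dict(tok.split("=", 1) for tok in line.split())
    reserved = {"customer", "source", "scenario"}
    return AlertElement(
        customer_id=kv["customer"],
        source_system=kv["source"],
        scenario=kv["scenario"],
        fields={k: v for k, v in kv.items() if k not in reserved},
    )


class IntegratedAlertDB:
    """In-memory stand-in for the integrated alert database."""

    def __init__(self, scenario_fraud_rates: Dict[str, float]):
        # Hypothetical scenario attribute models: observed fraud rate per scenario.
        self.rates = dict(scenario_fraud_rates)
        self.alerts: Dict[str, IntegratedAlert] = {}

    def score(self, elements: List[AlertElement]) -> float:
        """Noisy-OR of the scenario fraud rates: probability that at least one
        element on the customer reflects genuine fraud (unknown scenario: 1%)."""
        p_benign = 1.0
        for e in elements:
            p_benign *= 1.0 - self.rates.get(e.scenario, 0.01)
        return round(1.0 - p_benign, 4)

    def ingest(self, element: AlertElement) -> IntegratedAlert:
        """Create or update the customer's integrated alert and rescore it,
        unless the alert was already marked completed (claim 1, last step)."""
        ia = self.alerts.setdefault(element.customer_id,
                                    IntegratedAlert(element.customer_id))
        if ia.completed:
            return ia  # completed alerts keep their score and elements
        ia.elements.append(element)
        ia.risk_score = self.score(ia.elements)
        return ia

    def mark_completed(self, customer_id: str) -> None:
        self.alerts[customer_id].completed = True

    def refresh_rates(self, updated: Dict[str, float]) -> None:
        """Periodic refresh of the scenario models; open alerts are rescored."""
        self.rates.update(updated)
        for ia in self.alerts.values():
            if not ia.completed:
                ia.risk_score = self.score(ia.elements)

    def work_queue(self) -> List[IntegratedAlert]:
        """Open integrated alerts, highest risk first, for the analyst GUI."""
        return sorted((a for a in self.alerts.values() if not a.completed),
                      key=lambda a: a.risk_score, reverse=True)


# Constructed sample data.
SAMPLE_RATES = {"login_new_device": 0.05, "password_reset": 0.10,
                "wire_transfer_high_value": 0.40, "card_not_present": 0.20}
SAMPLE_LOG = [
    "customer=C-001 source=siem scenario=login_new_device device=pixel-7 geo=US",
    "customer=C-002 source=fraud-engine scenario=wire_transfer_high_value amount=25000",
    "customer=C-001 source=idp scenario=password_reset channel=web",
    "customer=C-003 source=fraud-engine scenario=card_not_present amount=120",
    "customer=C-002 source=fraud-engine scenario=card_not_present amount=300",
]


def demo() -> IntegratedAlertDB:
    """Ingest four elements, close C-002, then receive a late element for it."""
    db = IntegratedAlertDB(SAMPLE_RATES)
    for line in SAMPLE_LOG[:4]:
        db.ingest(parse_alert_line(line))
    db.mark_completed("C-002")
    db.ingest(parse_alert_line(SAMPLE_LOG[4]))  # ignored: alert completed
    return db


if __name__ == "__main__":
    for ia in demo().work_queue():
        print(ia.customer_id, ia.risk_score, len(ia.elements))
```

Running it shows C-003 (0.2) queued ahead of C-001 (0.145, two elements combined) and C-002 absent from the queue, still holding its single wire-transfer element despite the later card alert. Calling `refresh_rates({"login_new_device": 0.5})` rescores only the open alerts, which is the point of claim 1's periodic re-query of the scenario models: a scenario's observed fraud rate changing should reorder the analyst queue without reopening work already closed.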

Assignees

USAA

Inventors

Classifications

  • Traffic logging, e.g. anomaly detection · CPC title

  • Product, service or business identity fraud · CPC title

  • involving event detection and direct action · CPC title

  • for detecting or protecting against malicious traffic · CPC title

  • Indexing; Web crawling techniques · CPC title

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10567402B1 cover?
Disclosed herein are systems and methods executing a security server that performs various processes using alert elements containing various data fields indicating threats of fraud or attempts to penetrate an enterprise network. Using the alert elements, the security server generates integrated alerts that are associated with customers of the system and assigns a risk score to each integrated alert, …
Who is the assignee on this patent?
USAA
What technology area does this patent fall under?
Primary CPC classification G06Q30/0185. Mapped technology areas include Physics.
When was this patent published?
Publication date Feb 18, 2020 (B1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).