<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1175921925807459&amp;ev=PageView&amp;noscript=1">

Mapping the Internet: Why High-Quality Company Asset Maps are the Foundation of BitSight Ratings

Ben Fagan | March 16, 2016

BitSight has an inventory of over 80,000 customer curated companies that can be instantly added to any portfolio. All rated companies have the capability to vet and provide feedback on all information within their asset map. This enables customers to quickly get a comprehensive view of the security posture of a third party or themselves - including information on diligence, event, and user behavior risk vectors. In order to provide ratings and risk vector information, BitSight creates a vetted and accurate asset map of each company added to the inventory.

Other emerging companies that claim to measure company performance occasionally boast about the number of companies they have in their inventory. As the creator of the security ratings marketplace, BitSight has set the standard for what it takes to produce a viable rating on a company. Part of this standard is setting thresholds for quality requirements that make the rating actionable for our customers and their 3rd parties. BitSight has a total of 113,000 companies in our ever growing inventory and, in practice, an unlimited number of companies through our innovative provisional ratings methodology. BitSight, however, clearly differentiate the curated ratings from provisional ratings so that customers have all the information that is necessary to make impactful business decisions every day using BitSight’s ratings.

When it comes to ratings that drive business decisions, such as vendor relationships or board reporting, accuracy and quality are paramount. Here are the three key differentiators that make BitSight the most trusted name in the business.

Data Quality

BitSight with its over 650 customers, knows that data quality is the cornerstone for any ratings product. By capturing relevant event, diligence and user behavior data, BitSight’s Data Science Team actively evaluates all risk information that enters the product. Company asset maps are an equally important piece of this puzzle. Many customers and prospects will compare maps from their internal network teams to the ones provided by BitSight in the ratings product. As one multinational customer noted (case study), “The rating service only works as well as the network maps. We were impressed with both the breadth and quality of BitSight’s network maps and data. They were more sophisticated than other solutions.”

An Innovative Process

BitSight uses cutting edge technologies and processes to capture the most accurate information within asset maps. Firstly, this means using technology to capture aggregated asset information on a particular company. BitSight has developed the majority of these patent-pending technologies and continues to innovate in the process of determining the relevant assets of an organization needed to produce a high-quality rating. Then, the Technical Research Team quickly hand curates and determines the appropriate technical assets such as IP addresses, domain names, and non-technical assets such as employee counts, subsidiary relationships and more. These asset maps are then regularly updated and proactively refreshed in the event of a major business change, such as a merger or acquisition. The most important part of the BitSight mapping process boils down to one simple word: transparency. BitSight allows any company, customer or not, to evaluate and recommend changes to their asset maps. Many non-customer companies have requested to see and make changes to their asset maps because they understand that BitSight is quickly becoming a standard for evaluating security performance. This openness and transparency of BitSight’s mapping process further improves the end quality of the maps available in the platform.

A Dedicated Research Team

Lastly, BitSight has invested heavily in the right people to get the job done. The goal of the Technical Research Team is to capture IP information and vet all data that goes into the product. Each researcher is trained on how to find the most relevant information about IP space in order to determine whether a specific CIDR block should or should not be added to a company’s map. Determining this information is not a “yes” or “no” decision; defining a company’s amorphous boundaries requires human intelligence. Examples of this human intelligence include deciphering business relationships or understanding cryptic markers on a CIDR block. “The technical research team is on the front lines of making sure our customers are getting the most accurate information possible within the BitSight platform,” notes CTO Stephen Boyer, adding, “this means that beyond churning out IP maps quickly for customers requests (which we do!), it also includes setting up a process and accountability for making sure that as businesses change, from international expansion to M&A, we can update the information accordingly in our maps.”


BitSight has become the market leader in security ratings because customers can trust and verify the data. This trust and the actionability of information provided in the BitSight platform - proven to indicate the risk of a breach - has positioned BitSight as the only security ratings provider that is used by security and risk leaders to report to the board. Jack Nichelson, Director of IT Infrastructure and Security at Chart Industries, recently noted that BitSight data can help his board understand if they are spending money in the right areas when it comes to security. With many customers paying for our service, including 52 of the Fortune 500, BitSight is committed to providing ratings that are objective, verifiable and actionable. In order to accomplish this, BitSight has invested in the right technology, process and people to ensure that the company maps available in the platform are, without a doubt, the best, most accurate in the industry.

Suggested Posts

Subscribe to get security news and updates in your inbox.