BitSight Expands Data Breadth in Security Ratings Platform

Ben Fagan | April 29, 2016

BitSight is proud to announce the release of new features that provide expanded data breadth to all customers. These new innovations enable customers to better identify risks in third party networks and their own networks. Annotations, a new innovation in the security ratings market that allows customers to add tags to specific parts of their network asset maps, providing context for customers to take appropriate action with new events on their network or the network of a third party. Furthering BitSight’s mission to provide actionable data, Patching Cadence, the newest Diligence risk vector, is expanding data breadth in the platform. This risk vector evaluates a company’s responsiveness in patching major vulnerabilities. Learn more about these features that are helping customers better manage and streamline their security risk management efforts:

Building a Collaborative Platform with Annotations

Annotations enable companies to provide tags on specific CIDR blocks belonging to that company. As a quickly growing standard in the market, companies can use these tags to provide internal or external comments on specific CIDR blocks. For example, many companies have guest wifi networks that are separate from the corporate network. These guest wifi networks may have specific event, diligence or user behavior issues that are reflected in the BitSight platform.

Annotations provides collaborative capabilities previously not available to security ratings customers. By introducing this new innovation, companies can streamline their internal security processes, vendor monitoring, cyber insurance underwriting and mergers and acquisitions due diligence. By being able to filter by tagged IP addresses, customers can better manage changes in events, diligence or user behavior items on their own network, or better prioritize outreach to vendors with new observed issues. This latest innovation by BitSight expands the platform to give companies the ability to expand communication and provide context both internally and externally.

BitSight’s Latest Diligence Risk Vector: Patching Cadence

Patching Cadence is the newest Diligence risk vector available for all customers in the platform. This risk vector evaluates how many systems in an organization's network infrastructure are affected by vulnerabilities and how quickly the company resolved any issues. Vulnerabilities are publicly disclosed holes or bugs in software or device firmware that can be used by attackers to gain unauthorized access to systems and data. Patches are updates to the affected software that resolve the vulnerability and close that particular avenue of attack.

Patching Cadence is a beta risk vector and is not currently used in the rating of a company’s ratings. Yet, customers can begin to put this information to immediate action by identifying any major vulnerabilities on their network to remediate any major issues. Companies can also use the Request Vendor Access button to enable third parties to remediate issues as they arise.


These new powerful features help customers move their security risk management forward. By providing additional context to their network asset maps, companies can have more informed and insightful conversations around security and potential issues in their network or the network of a third party. The Patching Cadence risk vector will provide even more data breadth and insight into security posture of organizations worldwide. These new features are further enhancing the BitSight platform and solidifying this solution as the standard in security ratings.

Suggested Posts

What Companies Using Cloud Services Need To Know About Their Risk Responsibilities

Cloud computing is not new to the cyber world; it’s here to stay. Web services are common in our everyday lives and workplaces, with things like Facebook, Salesforce, JIRA, Adobe, and GSuite all falling into the cloud-based category. But...


Joint Effort with Microsoft to Disrupt Massive Criminal Botnet Necurs

Since 2017 BitSight has been working together with Microsoft’s Digital Crimes Unit (DCU) to understand the inner workings of the Necurs malware, its botnets and command and control infrastructure in order to take disruptive action against...


Forecasting and Advanced Analytics: Building a Solid Security Strategy For 2020

2020 is not only the beginning of a new year, but the start of a new decade, and with it comes the dawn of a new era for the digital world. We’re now in the midst of the once far-off, “futuristic” time periods old books and movies used to...


Subscribe to get security news and updates in your inbox.