BitSight Data

BitSight collects best-in-class security data through the largest proprietary data set of any security ratings provider and exclusive partnerships with proven global organizations. Using more than 120 data sources, we provide comprehensive insight into an organization’s security posture to rate performance and identify areas of risk.

Objective, Verifiable, and Actionable Data on Security Performance

Since its founding in 2011, BitSight has consistently delivered security ratings with the greatest depth and breadth of coverage for organizations operating around the globe. BitSight is the most widely used Security Rating Service, with more than 2,100 customers putting our data into action to make integral business and security decisions. Independent third parties have confirmed that BitSight Security Ratings are correlated to the likelihood of a data breach. BitSight invests heavily in research and development to empower customers with objective, verifiable, and actionable security data. We follow a rigorous, multi-month research and evaluation process for each new data source to qualify its accuracy and reliability. We leverage data on compromised systems from our proprietary sinkholing infrastructure — regarded as the largest in the world. Our team also develops strategic partnerships with global data providers to increase the diversity of perspectives that inform corporate, industrial, and sovereign security risk.


BitSight Security Ratings Correlate to Data Breaches

Data breaches — especially those originating from compromised third parties and vendors — are on the rise. According to a recent Bomgar study, 67% of organizations have experienced a data breach as a result of vendor access. Today, organizations need security data that clearly puts risk into business context.


BitSight helps organizations understand the risk and likelihood of a data breach. We provide insight into vulnerabilities facing your organization and your third parties. As validated by AIR Worldwide, companies with a BitSight Security Rating of 500 or lower are almost five times more likely to have a breach than those with a rating of 700 or more.

BitSight Security Ratings Correlate to Breaches

Read this data sheet to learn why BitSight is the only security ratings platform that indicates the risk of a publicly disclosed data breach.



Four Data Categories in BitSight's Security Ratings Platform

Compromised Systems are devices within an organization's network that are infected with malware. Each separate instance of malware communications, even if it is from the same machine, constitutes a single observation.

We identify and classify compromised systems into the following risk types:

Botnet Infections
A unified network of machines that are performing coordinated actions based on instructions received from the malware’s creators.
Spam Propagation
Machines compromised with malware that causes them to send large volumes of unwanted email.
Malware Servers
A machine hosting a website that injects malicious code into a visitor’s browser, often resulting in the installation of new malware on that visitor’s computer.
Potentially Exploited
A machine running a potentially unwanted application which leaves the system vulnerable to adware, spyware, and remote access tools.
Unsolicited Communications
Any host that is observed trying to contact a service on another host that is not expected or supported.

Diligence records demonstrate the steps a company has taken to prevent attacks. We identify and classify diligence risk vectors as follows:

Open Ports
Ports that are exposed to the public internet, which are evaluated to determine whether or not unnecessary access points exist.
TLS/SSL Certificates
Records verifying the authenticity of your company servers to your associates, clients, and guests, and which serve as the basis for establishing cryptographic trust.
TLS/SSL Configuration
Records indicating that servers have properly configured security protocol libraries and support strong encryption standards when making encrypted connections to other machines.
Web Application Headers
HTTP header configurations that inform how to receive and respond to web requests in a manner that prevents malicious behavior such as man-in-the-middle and cross-site scripting attacks.
Sender Policy Framework (SPF)
A DNS (Domain Name System) record identifying which mail servers are permitted to send email on behalf of a domain, preventing spammers from sending emails with forged “From:” addresses.
DomainKeys Identified Mail (DKIM)
A protocol designed to prevent unauthorized servers from sending email on behalf of a company’s domain.
Patching Cadence
The speed at which a company resolves publicly disclosed vulnerabilities, which are bugs in software or device firmware that can be used to gain unauthorized access to systems and data.
Server Software
Versions of commonly installed IT infrastructure software, which can indicate security vulnerabilities and obsolescence.
Desktop and Mobile Software
Versions of commonly installed desktop and mobile operating systems and browsers, which can indicate security vulnerabilities and obsolescence.
Insecure Systems
Devices that may be communicating with domains registered by malware distributors or hacking teams, which could allow attackers to inject malicious code back into these systems and access or extract sensitive data.
DNSSEC Records*
A protocol that uses public key encryption to authenticate DNS servers.
Mobile Application Security*
Versions of mobile applications in Android and iOS app stores with known security risks that can compromise end-users' devices and networks.
Domain Squatting*
Web domains that appear to be a legitimate domain of an organization but are under the control of external actors, and which can be used to carry out spear phishing attacks.
* risk vector does not currently impact rating calculations
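The diligence vectors above are properties of an organization's own external footprint, so they can be self-checked before a rating service observes them. The following is an added example, not BitSight's code and not part of the original page: a small offline Python check for two of the listed vectors, Web Application Headers and Sender Policy Framework (SPF). The expected header names, the SPF rules (the syntax and the 10-DNS-lookup limit are from RFC 7208), the function names and the sample response headers and TXT record are all assumptions constructed for the example; a real check would read the headers from your own servers and the TXT record from your own DNS zone.

```python
"""Offline self-check for two BitSight-style diligence vectors (added example).

The HTTP response headers and the SPF TXT record below are constructed
sample inputs, not data from any real organization.
"""
import re

# Response headers a browser-facing site is expected to send. The reasons
# mirror the threats the page names for this vector (MITM, cross-site scripting).
EXPECTED_HEADERS = {
    "strict-transport-security": "forces HTTPS, limiting man-in-the-middle downgrades",
    "content-security-policy": "restricts script sources, limiting cross-site scripting",
    "x-content-type-options": "stops MIME sniffing of responses",
    "x-frame-options": "limits clickjacking via framing",
}


def check_web_headers(headers):
    """Return the expected security headers missing from a response (case-insensitive)."""
    present = {name.lower() for name in headers}
    return [name for name in EXPECTED_HEADERS if name not in present]


# One SPF term: optional qualifier, then a mechanism or modifier from RFC 7208.
SPF_TERM = re.compile(
    r"^[+\-~?]?(all|ip4:\S+|ip6:\S+|a(?::\S+|/\d+)?|mx(?::\S+|/\d+)?"
    r"|include:\S+|exists:\S+|ptr(?::\S+)?|redirect=\S+|exp=\S+)$",
    re.IGNORECASE,
)
# Terms that cost a DNS lookup at evaluation time (RFC 7208 allows at most 10).
SPF_LOOKUP_TERM = re.compile(r"^[+\-~?]?(a|mx|include|exists|ptr|redirect)\b", re.IGNORECASE)


def check_spf(txt_record):
    """Return a list of findings for an SPF TXT record; an empty list means it looks sound."""
    findings = []
    terms = txt_record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return ["record does not start with v=spf1"]
    lookups = 0
    for term in terms[1:]:
        if not SPF_TERM.match(term):
            findings.append(f"unrecognised term: {term}")
        if SPF_LOOKUP_TERM.match(term):
            lookups += 1
    if lookups > 10:
        findings.append(f"{lookups} DNS-lookup terms exceed the RFC 7208 limit of 10")
    last = terms[-1].lower()
    if last in ("+all", "all"):
        findings.append("'+all' lets any host send as the domain")
    elif last not in ("-all", "~all"):
        findings.append("no terminating '-all' or '~all'; forged senders are not rejected")
    return findings


# Constructed sample inputs (192.0.2.0/24 is a documentation range, RFC 5737).
SAMPLE_HEADERS = {
    "Strict-Transport-Security": "max-age=31536000; includeSubDomains",
    "Content-Security-Policy": "default-src 'self'",
    "Content-Type": "text/html",
}
SAMPLE_SPF_GOOD = "v=spf1 ip4:192.0.2.0/24 include:_spf.example.net -all"
SAMPLE_SPF_WEAK = "v=spf1 mx ptr +all"

if __name__ == "__main__":
    for name in check_web_headers(SAMPLE_HEADERS):
        print(f"missing header {name}: {EXPECTED_HEADERS[name]}")
    for record in (SAMPLE_SPF_GOOD, SAMPLE_SPF_WEAK):
        print(record, "->", check_spf(record) or "ok")
```

Both checks deliberately report only findings, so the same functions can be run over a list of hostnames and domains and the output grepped for anything non-empty; the header list is a starting point, not a complete policy, and should be extended to match what your own applications are expected to send.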

User Behavior examines activities that may introduce malicious software onto a corporate network, for example, by downloading a compromised file. We identify and classify user behavior into the following risk types:

File Sharing
Media and software shared using peer-to-peer exchange protocols, which can be infected with malware.
Exposed Credentials*
Indicates whether employees of a company have had their personal or corporate information revealed as a result of a publicly-disclosed data breach.
* risk vector does not currently impact rating calculations

BitSight collects information about publicly disclosed breaches and interruptions to business continuity from a variety of news sources and data breach aggregation services. A breach is attributed to a company when there is significant, publicly-disclosed evidence that the company was at fault for the data loss, such as a company-issued disclosure notice or investigation from a credit card company.


"We were very confident in BitSight’s ability to deliver accurate information to us and have that accuracy over time."

Chris Porter, CISO, Fannie Mae

Experience the BitSight Security Ratings Platform

Learn how you can simplify your risk management and take charge of your cybersecurity with these intuitive and powerful solutions.
