Security Performance Management
Continuous Monitoring
Cyber Insurance
National Cybersecurity

Articles in this section

Working with Bitsight on Questions About Data Quality and Event Attribution

Avatar
Ingrid
Follow
  • July 6, 2023: Appeals process.
  • September 6, 2022: Added directory to sections.
  • January 12, 2021: Linked to more information on the available tools for providing context.

When your rating is impacted by a finding, a criterion is used to establish its validity. This is in line with how we think about objectivity. We’re bringing our process to light to help make it easier and safer for you to do business with your partners. Our data sources have been rigorously tested and evaluated to ensure that each record included in your security rating is verifiable. We establish processes and systems for ensuring reliability throughout the lifetime of the data.

About the Data

Our data sources have been rigorously tested and evaluated to ensure that each record included in your security rating is verifiable. We establish processes and systems for ensuring reliability throughout the lifetime of the data. Learn more about our threat research process to ensure data quality.

Event Attribution

When your rating is impacted by a finding, a criterion is used to establish its validity. This is in line with how we think about objectivity. We’re bringing our process to light to help make it easier and safer for you to do business with your partners. Our data sources have been rigorously tested and evaluated to ensure that each record included in your security rating is verifiable. We establish processes and systems for ensuring reliability throughout the lifetime of the data.

Appeals

The security ratings industry can only exist if ratings providers maintain their objectivity; customers rely on our product for benchmarking cybersecurity performance and ensuring that vendors are taking the necessary steps to improve their own security posture. As a result, we have built out a fair and consistent process for handling all appeals.

After using the features on the platform to look at all the factors we measure, if you believe there is a problem with the way we’ve rated your company, we have the following appeals process that you can follow with our team.

Preparation

Several things to keep in mind as you prepare to file an appeal:

  • Forensic Information and Details is Provided for your Team in the Product: The forensic information we have is included on the findings detail page for each finding. This includes the specifics, PCAP if it is available and any additional information. See Findings for more details.
  • Valid, Remediated Findings Will Need to Live out their Lifetime: If you have fixed a finding, it will need to live out its lifetime before it stops impacting your rating. See What To Do After Remediation.
  • Findings from Guest Networks are Considered Valid as they Happened on your company’s Network: If this is a concern for your team, we recommend creating a self-published rating that excludes your guest Wi-Fi network and explain this fact in the headline. See Requesting a Self-Published Report to get started. You can also create a public infrastructure tag for the IP addresses handling this traffic.
  • Findings were the Result of Legitimate Testing on your Network: Please use our process outlined here for appealing these findings.

Requirements and Best Practices for an Appeal

After using the features on the platform to look at all the factors we measure, if you believe there is a problem with the way we’ve rated your company, we have an appeals process that you can follow with our team.

We agree to mutual confidentiality provisions with all of our customers and Access Request recipients. You may also submit redacted screenshots.

You will need to submit a ticket to Bitsight Support with the following information from your internal systems:

  • Date of observation.
  • Type of observation.
  • Your reason for contesting the result.
  • Steps you have taken to troubleshoot the event.
  • Screenshots of logs or other dashboards (vs. spreadsheets or text files) that demonstrate the results of your troubleshooting are generally preferred.

Acceptable logging information include:

  • Screenshot(s) from logging systems or your malware testing environment
  • Dates and times
  • Source and destination ports
  • Source and destination IPs
  • Complementary written documentation about how your organization’s systems are handling the traffic in question and why you believe it doesn’t merit inclusion

CSV or text files that contain log outputs are considered to be less robust.

Once your organization has taken the action(s) required and compiled recommended logging information, send your report to the Bitsight Support team.

Response Times

Your request may require input from our research, data science, and engineering teams and often requires a time-intensive analysis of the data impacting your rating. Allow 7-10 business days for Bitsight to complete its investigation.

Related articles