- July 21, 2023: Infrastructure Changes report.
- May 12, 2023: Vulnerability Detection & Vulnerability Detection Evidence reports.
- May 8, 2023: Company Relative Risk report.
Reports allow you to gain insight into security risks and exposures within a single organization or across a portfolio of companies. If you have any questions or feedback about a specific report, please contact Bitsight Support.
- Reports in the Security Performance Management application surfaces specific security risks, vulnerabilities, and remediations for your company. It offers a detailed view into the security posture of your organization. You can identify security trends and the distribution of findings within your company and investigate specific findings.
- The Portfolio Dashboard highlights a Featured Report.
Use the filters to search for reports depending on your reporting needs. Reports are organized into the following categories and subcategories:
- Assessment Questionnaires
- Comparisons
- Findings and Infrastructure Details
- History and Trends
- Overview and Executive Reporting
Assessment Questionnaires
Name | Description |
---|---|
|
A summary of a company’s alignment with ISO/IEC 27001 using Bitsight Security Ratings data as evidence. |
|
A summary of a company‘s alignment with the NIST CSF using Bitsight data as evidence. |
|
Have visibility into aggregated risk, data breaches and security effectiveness of vendors that are in the scope of regulatory assessments. |
Comparisons
Name | Description |
---|---|
Benchmarking |
Compare a company and up to 5 industry peers, industries, tiers, or folders. |
Company Comparison |
Compare up to 5 companies in your portfolio. |
Industry Ratings |
Security rating averages for industries represented in your portfolio. |
Findings and Infrastructure Details
Name | Description |
---|---|
3rd Party Security Incidents |
Identify security incidents across your monitored third parties to understand possible points of exposure. |
4th Party Security Incidents |
Identify security incidents across your fourth party service providers to understand possible points of exposure. |
|
See your assets in your externally exposed attack surface. |
Compromised Systems |
Compromised Systems event details including infection type, start date, end date, and duration. |
Diligence |
Diligence details including evidence, grade, start date, end date, and risk vector specific information. |
Forensics |
Forensic details for Compromised Systems and User Behavior events including C&C IP address and torrent hash of malware. |
|
See changes in your organization’s infrastructure and details about the change. |
Infrastructure |
CIDR blocks, IP addresses, and domains attributed to your organization. |
|
An overview of your organization’s Bitsight platform usage. |
|
Discover the concentration of vulnerabilities across your portfolio. |
User Behavior |
User Behavior details including risk type, category, start date, and end date. |
|
Get an extensive summary of your organization’s external attack surface. |
Vulnerability Detection Evidence |
See evidence for the vulnerabilities detected in your organization. |
History and Trends
Name | Description |
---|---|
Infection Trends |
Discover how the concentration of infections is changing across your portfolio. |
|
Measure the effectiveness of your TPRM program using key security ratings performance indicators. |
|
Have visibility into the data of your entire portfolio. Understand and monitor their security posture. |
Ratings History |
Bitsight Security Ratings data for the past 12 months for a company including daily ratings, grades, and percentiles. |
Vulnerability Trends |
Discover how a concentration of vulnerabilities can change across your portfolio. |
Overview and Executive Reporting
Name | Description |
---|---|
|
Security rating reports including a security performance overview and comparison to industry averages. |
Company Preview |
A synopsis of how a company is performing when compared to its industry peers. |
|
Review a company's relative risk and past Bitsight Security Rating performance. |
Control Insights Executive Summary |
Share your organization’s control, current evaluation, and history with your stakeholders. |
Executive | Present a high-level overview of your company’s cybersecurity posture to non-technical and executive stakeholders, including company leadership, board members, investors, and shareholders. |
|
Communicate progress of your vendors’ Security Rating improvement program. |
Industry Ratings |
Security rating averages for industries represented in your portfolio. |
Life Cycle Overview |
See the companies in your portfolio across the life cycle stages. |
Life Cycle Trend |
See the average number of days that companies in your portfolio are in the Onboarding and Re-Assessment life cycle stages. These can be benchmarked against the portfolio average. |
|
Executive summary of your organization’s security performance with customizable notes. |
|
Get an overview of collaboration engagement across your portfolio, highlight touch-points, and track your collaboration progress (including changes in risk). |
|
Identify how risk is distributed across your portfolio. |
Portfolio Overview |
An overview of the Bitsight Security Ratings across your portfolio of companies. |
|
Provides insight into the level of cyber risk exposure introduced to companies in your portfolio. |
Portfolio Ratings |
Bitsight Security Ratings and risk vector grades for your portfolio companies. |
|
See the likelihood of companies in your portfolio falling victim to a ransomware attack. |
|
Get a comparison of a client’s risk vector performance compared to your underwriting risk tolerance. |