Skip to main content
Security Performance Management
Continuous Monitoring
Vendor Risk Management
Trust Management Hub
Cyber Insurance
National Cybersecurity

Insurance App: Vulnerability Detection

Ingrid

The menu-vulnerability-detection.png Vulnerability Detection page in the Cyber Insurance application provides a workflow for underwriters to access and manage clients’ vulnerabilities and exposures - including major security events.

What is Vulnerability Response

This includes Vulnerability Response, which allows users to send questionnaires for vulnerabilities.

Bitsight API: GET: Portfolio Threats [/v2/threats/]

Vulnerability Detection

Vulnerability Detection: Actions

Vulnerability Detection Breakdown

Expand or collapse the Vulnerability Detection breakdown.

Instructions:

  • Select View full breakdown to expand the breakdown.
  • Select Hide breakdown to collapse the breakdown.

Export Vulnerability Detection Data (.csv)

Instructions: Select download.png Download CSV at the top-right of the table.

Filter Vulnerability Detection

Instructions: Use the available filters or filter sets from the filters.png filter options.

Search Vulnerability Detection

Instructions: Use the search field at the top-right of the table to search by vulnerability name.

View Vulnerability Detection Details

See vulnerability details.

Instructions: Select a vulnerability from the table.

Vulnerability Detection: Breakdown

The breakdown in Vulnerability Detection contains the following information:

Vulnerabilities detected in Portfolio
A chart showing confirmed vulnerabilities detected in your portfolio out of all Bitsight-supported vulnerabilities.
Exposure 14 day Trend
The number of trending vulnerabilities during the past 14 days.
Recently Supported Vulnerabilities
Vulnerabilities that were most recently added to the Bitsight platform.

Vulnerability Detection: Fields

CTI Attributes
Cyber Threat Intel (CTI) attributes are used to calculate the DVE score.
[Date] First Seen
The date when this vulnerability was first detected in your portfolio.
DVE Score
Dynamic Vulnerability Exploit (DVE) is a scoring system to prioritize vulnerabilities.
EPSS
The Exploit Prediction Scoring System (EPSS) percentage, which estimates the likelihood that a software will be exploited. The higher the percentage the more likely it is to be exploited.
Evidence Certainty
Evidence certainty indicates how conclusively the evidence shows that a company is exposed to or has mitigated a vulnerability.
Exposure Detected
Companies exposed to this vulnerability in the past 60 days.
Exposure Trend
The trend in the number of companies in your portfolio that are exposed to this vulnerability compared to 14 days ago.
Mitigation Detected
Companies that have evidence of mitigation or do not have evidence of exposure in the past 60 days.
Severity Details

The CVSS score of this vulnerability. For vulnerability groups, the highest CVSS affecting your portfolio is displayed for that group.

Learn more about the CVSS scoring model.

Vulnerability
The name of this vulnerability.

Filters

Category

Filter by threats.

Values: vulnerabilities or vulnerability groups.

Companies Exposed

Filter by the number of companies that are currently exposed to a vulnerability.

Values: A number range of companies (minumum & maximum).

Companies Mitigated

Filter by the number of companies that have mitigated the vulnerability.

Values: The number range of companies (minumum & maximum).

CTI Attributes
Filter by CTI attributes. See attributes.
[Date] First Seen

Filter vulnerabilities by when they were first seen.

Values: A date range within the last…

  • 7d (days)
  • 1m (month)
  • 3m (months)
  • Custom
DVE Score
Filter by a range in DVE scores.
EPSS

Filter by a range in EPSS %, which estimates the likelihood that a software will be exploited. The higher the percentage the more likely it is to be exploited.

Values: The EPSS % range (minimum & maximum).

Evidence Certainty
Filter by evidence certainty.
Exposure Trend

Filter by exposure trend.

Values:

  • Increasing
  • Flat
  • Decreasing
Folder

Filter by folder.

Values: Folder name.

Severity Details

Filter by severity.

Values: 0-10 CVSS v3 score.

Vulnerability Detected
Include only detected vulnerabilities.
Vulnerability

Filter by a specific vulnerability.

Values: Vulnerability name or CVE ID.

Evidence Available

Various types of evidence correlating to a company's state of exposure are detected in Vulnerability Detection. A company can have one or more types of evidence.

Values

Long time since last detection
Indicates that the vulnerable software or configuration was previously observed, but has not been detected for 60 days. This may suggest that the affected system is no longer active, has been patched, or is less exposed. However, because Bitsight data relies on external observations, the absence of recent detections does not guarantee remediation.
Mitigation applied
Indicates that while a vulnerable product or version was detected, Bitsight has observed evidence suggesting compensating controls or configurations are in place. This can include protective measures such as web application firewalls, updated dependencies, or secured configurations that reduce or neutralize the vulnerability’s impact. Vulnerabilities marked with this evidence type may not contribute to confirmed exposure but still indicate prior detection and monitoring value.
Vulnerable software or configuration in use
Indicates that Bitsight has observed a product, technology, or configuration known to be associated with CVEs, but without sufficient version or mitigation details to confirm exposure. This corresponds to a Possible or Likely certainty level. The organization may or may not be vulnerable, depending on patch status and internal controls that cannot be externally verified.
Vulnerable software version in use
Indicates that Bitsight has observed both the product and version that explicitly match known vulnerable releases listed in CVE disclosures. No evidence of mitigation or protective controls was found, leading to a high likelihood or confirmation of exposure. This evidence type contributes directly to confirmed findings that impact the company's risk vector grades and overall Bitsight rating.

Vulnerability Details

The Vulnerability Details sheet provides details on a selected vulnerability.

Vulnerability Details: Actions

Expand or Collapse the Vulnerability Breakdown

Expand or collapse the Vulnerability Details breakdown.

Instructions:

  • Select View full breakdown to expand the breakdown.
  • Select Hide breakdown to collapse the breakdown.

Export Vulnerability Details (.csv)

Instructions: Select download.png Download at the top-right of the table.

Filter Vulnerability Details

Filter the table data by exposure status.

Instructions: Select the tab at the top of the table. Available tabs…

  • Currently exposed
  • Previously exposed
  • Total exposed

Download the Vulnerability Detection Report (.pdf)

Instructions: Select Download Overview at the top-right of the Vulnerability Details page.

Filter Vulnerability Details

Instructions: Use the available filters or filter sets from the filters.png filter options.

Search Related Clients

Search for a client relating to the vulnerability.

Instructions: Use the search bar at the top-right of the table to search by company name.

Send Questionnaire

Send a questionnaire for Vulnerability Response.

Instructions:

  1. Select a vulnerability or vulnerability group.
  2. checkbox.png Check up to 60 clients from the table.
  3. Select the Send Questionnaire button at the top of the table.

View a Client’s Evidence Details

View a client’s evidence details sheet. The details include:

  • First seen & last seen dates.
  • A summary of the exposure.
  • Evidence records pertaining to this company.
  • A workflow for inviting a vendor to collaborate via the Client/Vendor Access Program.
  • A downloadable report for quick-sharing.

Instructions: Select a company from the table.

Vulnerability Details: Breakdown

The Breakdown in the Vulnerability Details page contains the following information:

Vulnerability Details
  • Vulnerability ID or Name
  • Description
  • Severity
  • Remediation
Current Exposure
The number of clients that may be exposed to this vulnerability.
Questionnaires Sent
The number of questionnaires sent to clients and their completion rate for Vulnerability Response.

Vulnerability Details: Fields

Company Name
The name of this company.
[Date] First Seen
The date when this vulnerability was first detected for this company.
[Date] Last Seen
The date when this vulnerability was last detected for this company.
Evidence Certainty
How conclusively Bitsight's evidence shows that a company is exposed to or has mitigated this vulnerability.
Number of Vulnerabilities
Indicates the number of vulnerabilities from the vulnerability group are present in this company.

Filters

[Date]First Seen

Filter by first seen date.

Values: First seen in the past…

  • 7d (days)
  • 1m (month)
  • 3m (months)
  • Custom
Last Seen

Filter by last seen date.

Values: Last seen in the past…

  • 7d (days)
  • 1m (month)
  • 3m (months)
  • Custom
Evidence Certainty

Filter by the level of certainty that a company is exposed to or has mitigated a vulnerability.

Values: Certainty level.

Folder

Filter by folder.

Values: Folder name.

  • June 9, 2025: Added DVE Score and CTI Attributes fields and filters; Removed Category field; Renamed Vulnerability Number filter to Vulnerability; Added Evidence Certainty filter; Defined Vulnerability Response.
  • September 9, 2024: Currently Exposed field changed to Exposure Detected; Added EPSS field and filter; Added Evidence Certainty field; Previously Exposed field changed to Mitigation Detected; Added Companies Mitigated filter.
  • January 31, 2024: Listed available actions; Vulnerability groups – Category filter & Number of Vulnerabilities field; Incorporated Vulnerability Response workflows.
Was this article helpful?
0 out of 0 found this helpful
Return to top

Related articles

Feedback

0 comments

Please sign in to leave a comment.