Insurance App: Vulnerability Detection

Ingrid

The Vulnerability Detection page in the Cyber Insurance application provides a workflow for underwriters to access and manage clients’ vulnerabilities and exposures - including major security events.

What is Vulnerability Response
This includes Vulnerability Response, which allows users to send questionnaires for vulnerabilities.

Bitsight API: GET: Portfolio Threats [/v2/threats/]

Vulnerability Detection

Vulnerability Detection: Actions

Vulnerability Detection Breakdown
Expand or collapse the Vulnerability Detection breakdown.
Instructions:
- Select View full breakdown to expand the breakdown.
- Select Hide breakdown to collapse the breakdown.

Export Vulnerability Detection Data (.csv)
Instructions: Select Download CSV at the top-right of the table.

Filter Vulnerability Detection
Instructions: Use the available filters or filter sets from the filter options.

Search Vulnerability Detection
Instructions: Use the search field at the top-right of the table to search by vulnerability name.

View Vulnerability Detection Details
See vulnerability details.
Instructions: Select a vulnerability from the table.

Vulnerability Detection: Breakdown

The breakdown in Vulnerability Detection contains the following information:

Vulnerabilities detected in Portfolio
A chart showing confirmed vulnerabilities detected in your portfolio out of all Bitsight-supported vulnerabilities.

Exposure 14 day Trend
The number of trending vulnerabilities during the past 14 days.

Recently Supported Vulnerabilities
Vulnerabilities that were most recently added to the Bitsight platform.

Vulnerability Detection: Fields

CTI Attributes
Cyber Threat Intel (CTI) attributes are used to calculate the DVE score.

[Date] First Seen
The date when this vulnerability was first detected in your portfolio.

DVE Score
Dynamic Vulnerability Exploit (DVE) is a scoring system to prioritize vulnerabilities.

EPSS
The Exploit Prediction Scoring System (EPSS) percentage, which estimates the likelihood that a software will be exploited. The higher the percentage, the more likely it is to be exploited.

Evidence Certainty
Evidence certainty indicates how conclusively the evidence shows that a company is exposed to or has mitigated a vulnerability.

Exposure Detected
Companies exposed to this vulnerability in the past 60 days.

Exposure Trend
The trend in the number of companies in your portfolio that are exposed to this vulnerability compared to 14 days ago.

Mitigation Detected
Companies that have evidence of mitigation or do not have evidence of exposure in the past 60 days.

Severity Details
The CVSS score of this vulnerability. For vulnerability groups, the highest CVSS affecting your portfolio is displayed for that group. Learn more about the CVSS scoring model.

Vulnerability
The name of this vulnerability.

Filters

Category
Filter by threats.
Values: vulnerabilities or vulnerability groups.

Companies Exposed
Filter by the number of companies that are currently exposed to a vulnerability.
Values: A number range of companies (minimum & maximum).

Companies Mitigated
Filter by the number of companies that have mitigated the vulnerability.
Values: The number range of companies (minimum & maximum).

CTI Attributes
Filter by CTI attributes. See attributes.

[Date] First Seen
Filter vulnerabilities by when they were first seen.
Values: A date range within the last…
- 7d (days)
- 1m (month)
- 3m (months)
- Custom

DVE Score
Filter by a range in DVE scores.

EPSS
Filter by a range in EPSS %, which estimates the likelihood that a software will be exploited. The higher the percentage, the more likely it is to be exploited.
Values: The EPSS % range (minimum & maximum).

Evidence Certainty
Filter by evidence certainty.

Exposure Trend
Filter by exposure trend.
Values:
- Increasing
- Flat
- Decreasing

Folder
Filter by folder.
Values: Folder name.

Severity Details
Filter by severity.
Values: 0-10 CVSS v3 score.

Vulnerability Detected
Include only detected vulnerabilities.

Vulnerability
Filter by a specific vulnerability.
Values: Vulnerability name or CVE ID.

Evidence Available

Various types of evidence correlating to a company's state of exposure are detected in Vulnerability Detection. A company can have one or more types of evidence.

Values

Long time since last detection
Indicates that the vulnerable software or configuration was previously observed, but has not been detected for 60 days. This may suggest that the affected system is no longer active, has been patched, or is less exposed. However, because Bitsight data relies on external observations, the absence of recent detections does not guarantee remediation.

Mitigation applied
Indicates that while a vulnerable product or version was detected, Bitsight has observed evidence suggesting compensating controls or configurations are in place. This can include protective measures such as web application firewalls, updated dependencies, or secured configurations that reduce or neutralize the vulnerability’s impact. Vulnerabilities marked with this evidence type may not contribute to confirmed exposure but still indicate prior detection and monitoring value.

Vulnerable software or configuration in use
Indicates that Bitsight has observed a product, technology, or configuration known to be associated with CVEs, but without sufficient version or mitigation details to confirm exposure. This corresponds to a Possible or Likely certainty level. The organization may or may not be vulnerable, depending on patch status and internal controls that cannot be externally verified.

Vulnerable software version in use
Indicates that Bitsight has observed both the product and version that explicitly match known vulnerable releases listed in CVE disclosures.
No evidence of mitigation or protective controls was found, leading to a high likelihood or confirmation of exposure. This evidence type contributes directly to confirmed findings that impact the company's risk vector grades and overall Bitsight rating.

Vulnerability Details

The Vulnerability Details sheet provides details on a selected vulnerability.

Vulnerability Details: Actions

Expand or Collapse the Vulnerability Breakdown
Expand or collapse the Vulnerability Details breakdown.
Instructions:
- Select View full breakdown to expand the breakdown.
- Select Hide breakdown to collapse the breakdown.

Export Vulnerability Details (.csv)
Instructions: Select Download at the top-right of the table.

Filter Vulnerability Details
Filter the table data by exposure status.
Instructions: Select the tab at the top of the table.
Available tabs…
- Currently exposed
- Previously exposed
- Total exposed

Download the Vulnerability Detection Report (.pdf)
Instructions: Select Download Overview at the top-right of the Vulnerability Details page.

Filter Vulnerability Details
Instructions: Use the available filters or filter sets from the filter options.

Search Related Clients
Search for a client relating to the vulnerability.
Instructions: Use the search bar at the top-right of the table to search by company name.

Send Questionnaire
Send a questionnaire for Vulnerability Response.
Instructions:
1. Select a vulnerability or vulnerability group.
2. Check up to 60 clients from the table.
3. Select the Send Questionnaire button at the top of the table.

View a Client’s Evidence Details
View a client’s evidence details sheet. The details include:
- First seen & last seen dates.
- A summary of the exposure.
- Evidence records pertaining to this company.
- A workflow for inviting a vendor to collaborate via the Client/Vendor Access Program.
- A downloadable report for quick-sharing.
Instructions: Select a company from the table.

Vulnerability Details: Breakdown

The Breakdown in the Vulnerability Details page contains the following information:

Vulnerability Details
- Vulnerability ID or Name
- Description
- Severity
- Remediation

Current Exposure
The number of clients that may be exposed to this vulnerability.

Questionnaires Sent
The number of questionnaires sent to clients and their completion rate for Vulnerability Response.

Vulnerability Details: Fields

Company Name
The name of this company.

[Date] First Seen
The date when this vulnerability was first detected for this company.

[Date] Last Seen
The date when this vulnerability was last detected for this company.

Evidence Certainty
How conclusively Bitsight's evidence shows that a company is exposed to or has mitigated this vulnerability.

Number of Vulnerabilities
Indicates how many vulnerabilities from the vulnerability group are present in this company.

Filters

[Date] First Seen
Filter by first seen date.
Values: First seen in the past…
- 7d (days)
- 1m (month)
- 3m (months)
- Custom

Last Seen
Filter by last seen date.
Values: Last seen in the past…
- 7d (days)
- 1m (month)
- 3m (months)
- Custom

Evidence Certainty
Filter by the level of certainty that a company is exposed to or has mitigated a vulnerability.
Values: Certainty level.

Folder
Filter by folder.
Values: Folder name.

June 9, 2025: Added DVE Score and CTI Attributes fields and filters; Removed Category field; Renamed Vulnerability Number filter to Vulnerability; Added Evidence Certainty filter; Defined Vulnerability Response.

September 9, 2024: Currently Exposed field changed to Exposure Detected; Added EPSS field and filter; Added Evidence Certainty field; Previously Exposed field changed to Mitigation Detected; Added Companies Mitigated filter.

January 31, 2024: Listed available actions; Vulnerability groups – Category filter & Number of Vulnerabilities field; Incorporated Vulnerability Response workflows.