Security Performance Management
Continuous Monitoring
Cyber Insurance
National Cybersecurity

Articles in this section

Security Performance Management Application

Avatar
Ingrid
Follow
  • August 24, 2023: Added My Company List & Cloud Infrastructure Sync pages.
  • May 16, 2023: Peer Analytics relocated from Dashboards to the Peer Comparison.
  • November 15, 2022: Vulnerability Detection now available.

The Security Performance Management Application is optimized for Security Performance Management (SPM) workflows.

  • Use the App Switcher, located at the top of the left navigation menu, to toggle between applications.
  • The Context Switcher dropdown, located in the top actions bar, allows you to select from your subscribed subsidiaries in your Rating Tree or your most recently viewed companies. The data on the functional pages is synced for that selected company.

SPM Navigation Overview

Navigation Menu

Use the toggle, on the bottom left, to expand or collapse the menu at any time to get a wider view of the data.

Menu Section Description
Dashboards Insights about a company’s security posture.
  Overview Your My Company dashboard, which highlights recent changes to your organization’s Bitsight Security Ratings and supporting data (e.g., ratings, new findings, and infrastructure changes).
Company Details The selected company’s security rating overview and company information.
Issue Tracking A Remediation dashboard that provides an overview of the current state of your issue tracking process for one of your companies.
Financial Quantification Measure your organization’s financial exposure across various cyber events and impact scenarios.
Organization If your company has multiple subsidiaries, this provides quicker access to your Ratings Tree.
  Subsidiaries Access Enterprise Analytics, which allows you to better understand your Ratings Tree.
Ratings Tree A depiction of your organization’s company hierarchy within the Bitsight platform.
My Company List View any subscribed entity within My Company.
Attack Surface Details on your assets and their attribution to your company.
  Attack Surface Analytics Insight into your organization’s external digital footprint.
Infrastructure
  • See externally-facing infrastructure (Assets that are attributed to the organization).
  • Report missing infrastructure.
  • Set an end date for the association.
Assets Hostnames/domains and IP addresses that are attributed to your organization.
Attribution See how the infrastructure is attributed to your organization and manage your infrastructure.
Work From Home Search for findings that might introduce risk to your organization via IP addresses.
Cloud Infrastructure Sync Automatically update your cloud IP footprint daily.
Risks Details on your security rating, findings data, and the Vulnerability Catalog.
  Rating Details A breakdown of the selected company’s risk, drilling into the individual risk vectors.
Findings The culmination of observed internet traffic and configurations, providing a single place to sort, filter, analyze, comment on, track remediation efforts, and export Bitsight findings.
Vulnerability Detection See vulnerabilities affecting your My Company and your SPM Subsidiaries.
Peer Comparison Compare the currently selected subsidiary against companies you’ve chosen for benchmarking or for comparison against risk vectors.
  Peer Analytics Your Peer Analytics dashboard, which provides an objective, data-driven comparison between companies and peer groups.
Risk Vectors A comparison of risk vector performance.
Benchmarking Benchmark your organization, or if you have a SPM Subsidiary subscription, you can benchmark your subsidiaries.
Action Plans Keep track of actions you are taking:
  • Forecast how the rating for your company or subsidiary might change over time.
  • See remediation steps that will have the greatest impact on your overall rating.
  • Access your Collaboration Inbox.
  Rating Improvement Generate a Rating Improvement forecast.
Risk Remediation A prioritized list of findings that can be fixed to improve certain risk vector grades. A plan is designed to identify and remediate high-impact findings to reach an A grade.
Control Insights Identify gaps in security controls. Control Insights uses automatic, intelligent analysis of the already collected externally observable telemetry to generate insights on whether your security controls appear to be performing effectively or ineffectively.
Subsidiary Improvement A guideline for prioritizing your remediation efforts, providing the magnitude of impact that the subsidiary/risk vector has on the parent rating.
Collaboration Inbox Address contextual findings from collaboration via the Enable Access Program. See details of your access, collaboration history, and the reasoning for the request to collaborate.
Alerts Ease your workload with automated and customized notifications. Get alerted on specific security performance changes in your extended organization so you can take immediate action on ratings changes, infections, or vulnerabilities impacting your company or subsidiary.
  Subsidiaries Monitor rating changes in your Ratings Tree.
Infections Get alerted on Botnet Infection events that occur within your company’s infrastructure. Identify infections as they occur, maintain business continuity, and better prioritize threats.
Reports Summarized security program status and trends for distribution to your board, team, key stakeholders, and subsidiaries.
Bitsight Badge Share your My Company’s or primary’s Bitsight Security Rating with your customers, prospects, and stakeholders. Proactively sharing your rating increases transparency and showcases the strength of your cybersecurity performance program.

Related articles