The Security Performance Management Application is optimized for Security Performance Management (SPM) workflows.
- The context switcher dropdown, located in the top actions bar, allows you to select from your subscribed subsidiaries in your Rating Tree or your most recently viewed companies.
- The data on the functional pages is synced for that selected company.
- A subset of pages are available for Total Risk Monitoring or Risk Monitoring subscriptions.
- The context switcher may be blank if the page data is not driven off of a specific company's data.
Navigation Menu
Menu Section | Description | |
---|---|---|
Dashboard | Highlights recent changes to your organization’s Bitsight Security Ratings and supporting data (e.g., ratings, new findings, and infrastructure changes). | |
Organization | View your ratings tree, access rating details of entities in your organization, and tools that showcase the rating. | |
Company Details | The selected company’s security rating overview and company information. | |
Rating Details | A breakdown of the selected company’s risk, drilling into the individual risk vectors. | |
Ratings Tree | A depiction of your organization’s company hierarchy within the Bitsight platform. | |
My Company List | View any subscribed entity within My Company. | |
Subsidiaries | Access Enterprise Analytics, which allows you to better understand your Ratings Tree. | |
Assessments | Automatically assess your organization’s risk vector grades against control frameworks. | |
Bitsight Badge | Share your My Company’s or primary’s Bitsight Security Rating with your customers, prospects, and stakeholders. Proactively sharing your rating increases transparency and showcases the strength of your cybersecurity performance program. | |
Findings | Prioritize, manage, and monitor risks in your external attack surface, including findings that affect the rating. | |
Findings Table | Findings, which are the culmination of observed internet traffic and configurations, and their details. This provides a single place to sort, filter, analyze, comment on, track remediation efforts, and export Bitsight findings. | |
Issue Tracking | A remediation dashboard that provides an overview of the current state of your issue tracking process for one of your companies. | |
Vulnerability Detection | See vulnerabilities affecting your My Company and your My Subsidiaries. | |
Attack Surface | Details on your assets and their attribution to your company. | |
Infrastructure |
|
|
Attack Surface Analytics | Insight into your organization’s external digital footprint. | |
Work From Home | Search for findings that might introduce risk to your organization via IP addresses. | |
Cloud Infrastructure Sync | Automatically update your cloud IP footprint daily. | |
Action Plans |
Keep track of actions you are taking:
|
|
Risk Remediation | Manage risk remediation plans (RRP). A plan lists and prioritizes findings that can be fixed to improve certain risk vector grades. Plans are designed to identify and remediate high-impact findings with the goal of reaching an A grade. | |
Forecasting | Generate a forecast to improve the rating. | |
Subsidiary Improvement | A guideline for prioritizing your remediation efforts, providing the magnitude of impact that the subsidiary/risk vector has on the parent rating. | |
Control Insights | Identify gaps in security controls. Control Insights uses automatic, intelligent analysis of the already collected externally observable telemetry to generate insights on whether your security controls appear to be performing effectively or ineffectively. | |
Financial Quantification | Measure your organization’s financial exposure across various cyber events and impact scenarios. | |
Peer Comparison | Compare the currently selected subsidiary against companies you’ve chosen for benchmarking or for comparison against risk vectors. | |
Peer Analytics | Your Peer Analytics dashboard, which provides an objective, data-driven comparison between companies and peer groups. | |
Benchmarking | Benchmark a specific group of companies against your organization, or if you have a My Subsidiary subscription, you can benchmark your subsidiaries. | |
Risk Vectors | A detailed Peer Analytics comparison of risk vector performance. | |
Collaboration | Address collaboration invitations from third parties via the Client/Vendor Access Program. See details of your access, collaboration history, and the reasoning for the request to collaborate. | |
Alerts | Ease your workload with automated and customized notifications. Get alerted on specific security performance changes in your extended organization so you can take immediate action on ratings changes, infections, or vulnerabilities impacting your company or subsidiary. | |
Configured Alerts | Review previously-defined SPM alerts and define new ones. | |
Alert Logs | Review triggered alerts. It includes a table that displays details about each alert, including any findings associated with it. | |
Infections | Get alerted on Botnet Infection events that occur within your company’s infrastructure. Identify infections as they occur, maintain business continuity, and better prioritize threats. | |
Subsidiaries (Legacy) | This page is being replaced by Configured Alerts and Alert Logs. Monitor rating changes in your Ratings Tree. | |
Reports | Summarized security program status and trends for distribution to your board, team, key stakeholders, and subsidiaries. |
- October 28, 2024: Updated the menu sorting. See change details.
- October 21, 2024: More info about the context switcher.
Feedback
0 comments
Please sign in to leave a comment.