The Bitsight Power BI Connector enables users to integrate security and vendor risk data from the Bitsight API directly into Power BI for robust reporting and visualization. Version 4.1.0 extends support for Continuous Monitoring (CM) and introduces new access to Vendor Risk Management (VRM) data via the Bitsight API.

Key Benefits

Data Coverage

Combines data from Bitsight Security Ratings and Vendor Risk Management APIs. Includes access to:

• Portfolio ratings and risk vectors.
• Internal and external vendor assessments.
• Security findings, questionnaires, and lifecycle metadata.

User-Centric Navigation

• The connector includes a navigation screen with user-friendly table names and previews.
• Enables selection of tables for import via a guided interface.

Backward Compatibility

• Refactored folder structure ensures compatibility with dashboards built on v3.9.0.
• Prevents broken data paths for users upgrading from earlier versions.

Performance

• Batch pagination for the Requirements Progress table (in groups of 50 vendor IDs).
• Prevents timeout or URL length issues during large queries.

Integration Capabilities

The connector supports a wide set of Power BI entities. Included areas and example entities:

My Company

Ratings, Alerts, Findings

Portfolio

Risk Vectors, Breaches, Ratings History

Infrastructure

IP and Domain Reports

VRM

Vendor Info, Contacts, Questionnaires, Lifecycle, Requirements

Each entity is schema-mapped and dynamically retrieved via a GetEntity function, ensuring correct parsing and transformation for reporting purposes.

Manual Installation

If the connector is not available through the Microsoft certified list, download the manual installation steps and refer to the following instructions:

1. Enable custom connectors [Power BI Desktop ➔ Options & Settings ➔ Security ➔ Enable “Load extensions without validation”].
2. Download the connector file (.mez).
3. Place the file in:
   • C:\Users\<YourUsername>\Documents\Power BI Desktop\Custom Connectors\ (User scope)
   • C:\Program Files\Microsoft Power BI Desktop\Custom Connectors\ (Admin scope)
4. Restart Power BI Desktop and access it via the Bitsight Connector [Get Data ➔ Other ➔ Bitsight Connector].

Prerequisites

To use the connector:

• Power BI Desktop (latest version recommended).
• Bitsight account with an API token.
• To generate your API token, log in to your Bitsight account and visit the Account page [ Settings ➔ Account]. Scroll to the API Token section and generate a new token.

• Performance Considerations

  • High-complexity tables (e.g., Vendor Questionnaires) make multiple chained API calls and may experience long load times.
  • We recommend importing only the required tables.
  • Pagination mitigates the risks of API limits, especially in VRM requirements progress.

  Documentation and Connector Files

  Documentation and connector files for download:

  • Microsoft PowerBI Connector Installation Manual
  • Microsoft PowerBI Connector Files
  • Connector Certification Process Documentation

  Support

  For assistance with setup, API access, or troubleshooting, see the Microsoft PowerBI connector manual installation guide or contact Bitsight Support.

  Appendix

  Endpoints

  The following API endpoints are supported for Continuous Monitoring (CM):

  GET: Folder Details – Get your folders and their details.

  Path: /v1/folders

  GET: Rating Change Explanations – See rating change explanations (RCE) highlighted in the Security Ratings Changes chart. Typically, only negative changes have an associated event.

  Path: /v1/insights/rating_changes

  GET: Public Disclosures in Portfolio – Get Public Disclosures that impact organizations in your portfolio.

  Path: /v1/portfolio/breaches

  GET, POST: Security Rating Details of Companies in Your Portfolio – Get 1 year of monthly ratings of organizations in your portfolio.

  Path: /v1/portfolio/ratings

  GET: Portfolio Risk Vector Grades

  • Set the period parameter to monthly (?period=monthly) to get 1 year of monthly history of risk vector grades from the first day of each month.
  • Set the period parameter to latest (?period=latest) to get the most recent risk vector grades.

  Path: /v1/portfolio/risk-vectors/grades

  GET: Portfolio Details – Get the following information about organizations in your portfolio:

  • Company name
  • Domain
  • Industry
  • Life cycle stage
  • Rating
  • Relationship type

  Path: /v2/portfolio

  GET: Tiers – Get your tiers and their details.

  Path: /v1/tiers

  • July 1, 2025: Added content and files for v 4.10 update (CM and VRM).
  • September 27, 2023: Published.