Rating Designations

Ratings are displayed in various parts of the Bitsight Security Ratings Platform to indicate that a rating is designated, including:

• Where the rating or rating gauge is displayed.
• Company search results.
• The ratings tree.
• Data tables with indicators for the rating types.

Icon	Designation	Description
	Bulk Email Sender	The company offers a bulk email-sending service. It is excluded from the Spam Propagation risk vector.
	Companies with Delegated Security Controls	In the normal course of business and as a natural consequence of their business model, a company may delegate the control of the devices connected to their network to other parties, generally customers or the public. These companies may provide internet access or network resources-as-a-service, conduct internet scanning or threat research, or perform other business activities that place some aspects of cyber security beyond the companies’ control.
	Low Confidence	The signal we have on their infrastructure is limited. We were unable to discover, attribute, and verify enough assets during the network mapping process.
	Primary	The self-published rating is highlighted by the company to indicate that this segment of their network infrastructure better reflects their security posture.
	Automated Ratings	Unlike a fully mapped Bitsight curated rating, automated ratings are of companies that have not yet been fully mapped.
	Self-published	The company’s rating consists of data from CIDR blocks, IP addresses, and domains that are specifically selected by the company itself, rather than curated by Bitsight.
	Self-published (private)	The self-published rating is privately published. It is created by the company for internal use and is not available for other organizations to monitor.
	Service Provider	The company provides a type of service, which indicates they own and operate an infrastructure that’s controlled or are used by their customers.