Vendor Risk: Findings

Ingrid

The Findings page [Vendor Risk ➔ Findings] in the Continuous Monitoring application presents a selected vendor's findings, which are the culmination of observed internet traffic and configurations. They are recorded as events and records. Findings are presented in a table view that provides a single place to sort, filter, analyze, comment on, and export the findings, and to track your remediation efforts. Findings are reported in Coordinated Universal Time (UTC).

Bitsight API: GET /v1/companies/entity_guid/findings

Actions

Below is a list of all the actions that a user can perform on the Findings page.

Add a Vendor to a Folder
Add the current company to a folder.
Instructions: Select Actions ➔ Add to Folder at the top-right of the table.

Company Notes
Add or view notes.
Instructions: Select Actions ➔ Add/View Notes at the top-right of the table.

Company Comparison
Compare the current company to other companies in your portfolio.
Instructions: Select Actions ➔ Compare at the top-right of the table. This opens the Compare Companies page with the current company already selected.

Customize the Data
Customize the data in the table.
Instructions: Use the Customize columns button at the top-right. This allows you to select the fields that are displayed in the Findings Table.

Download the Data
Download the table data (.csv).
Instructions: Use the Download button at the top-right. If the .csv contains 9000 or fewer rows of data, the download begins immediately. If the .csv contains more than 9000 and fewer than 100,000 rows of data, the download runs asynchronously. When the download is ready, the user who requested it is notified with an email and a notification.

Edit the Tier
Edit the tier of the current company.
Instructions: Select Actions ➔ Edit Tier at the top-right of the table.

Filter the Table
Instructions: Select the Filter button to expand or collapse the filters and then use a filter set or any of the available filters. See Findings filters.

Generate Reports and Assessments
Instructions: Select Reports and Assessments at the top-right of the Findings Table.

Search Findings
Instructions: Do a text search using the search bar at the top-right. Text with matches is highlighted. See search fields.

View the Service Providers Sheet
Instructions: Select Actions ➔ Service Providers at the top-right of the Findings page.

View the Products Sheet
Instructions: Select Actions ➔ Products at the top-right of the Findings page.

View the Finding Details Sheet
See the Finding Details sheet.
Instructions: Select a finding from the table.

Unsubscribe from the Vendor
Instructions: Select Actions ➔ Unsubscribe at the top-right of the table.

Collaboration
Enable Vendor Access. Invite the vendor to collaborate in the Client/Vendor Access Program.
Instructions: Select Actions ➔ Enable Vendor Access at the top-right of the table. Select the checkboxes next to a number of findings in the table, then select the Vendor Access button.

Default Fields

The following fields appear in the table by default. You can customize the table to include fields with finding details for specific risk vectors.

Asset Importance
The asset importance assigned to the asset associated with the finding.

Assets
The assets associated with the finding. An asset can be an IP Address, CIDR block, domain, or application.

Comments
Comments left on the finding.

Country
The country where the asset associated with the finding is located.

[Date] First Seen
The date when the finding was first observed.

[Date] Last Seen
The date when the finding was last observed.

Details
Details about the finding. Select the text for a more detailed explanation.

Finding Identifier
The asset (e.g., IP, domain, host, application, port) and its status (e.g., online/offline, version, support status) that identifies the finding. Refer to the Certificate Serial Number to identify TLS/SSL Certificate findings.

Finding Severity
The severity of the finding.

Grace Period End Date
The date the grace period for the infrastructure ends.

Grade
The current finding grade.

Impacts Risk Vector Grade
Indicates whether a finding impacts the associated risk vector grade.

Remaining Lifetime
The remaining finding lifetime in days.

Risk Vector
The Bitsight risk vector.

Tags
Infrastructure tags assigned to this company.

Threat Insights
Indicates whether a finding has Threat Insights data available.
Yes – The finding is associated with one or more TTPs and/or threat groups
No – No threat intelligence is currently available for that finding

Web App Security Test
The Web App Security test associated with the finding, if applicable.

Risk Vector Fields

The finding details in the table vary depending on the risk vector. See details for:

Compromised Systems Findings
Botnet Infections
Spam Propagation
Malware Servers
Unsolicited Communications
Potentially Exploited
Diligence
SPF Domains
DKIM Records
TLS/SSL Certificates
TLS/SSL Configurations
Open Ports
Web Application Headers
Patching Cadence
Insecure Systems
Server Software
Desktop Software
Mobile Software
DNSSEC
Mobile Application Security
Web Application Security
Domain Squatting
File Sharing (User Behavior Forensics)
Public Disclosures

December 5, 2024: Separated Finding Details sheet and filters to new articles.
May 29, 2024: Certificate Serial Number replaces Finding Identifier as the TLS/SSL Certificates finding identifier.
January 18, 2024: New Findings page overview specific to the Continuous Monitoring app.