Client Risk: Findings Ingrid The Findings page [ Client Risk ➔ Findings] in the Cyber Insurance application presents a selected client's findings, which are the culmination of observed internet traffic and configurations. They are recorded as events and records. Findings are presented in a table view that provides a single place to sort, filter, analyze, comment on, track your client’s remediation efforts, and export findings. Bitsight API: GET /v1/companies/entity_guid/findings Actions Fields Finding Details Sheet Risk Vector Fields Filters Bitsight Filter Sets Actions Add a Client to a Folder Instructions: Select Actions ➔ Add to Folder at the top-right of the Findings page. Add/View Company Notes Add/view notes. Instructions: Select Actions ➔ Add/View Notes at the top-right of the Findings page. Comment on a Finding Comment on a finding (finding comments). Instructions: Select the Comment option at the right of the finding in the table. Customize the Data Customize the data in the table. Instructions: Use the Customize columns button at the top-right of the table. Download the Data Download the findings table (.csv). Instructions: Use the Download button at the top-right. If the .csv contains 9000 or fewer rows of data, the download begins immediately. If the .csv contains greater than 9000 and less than 100,000 rows of data, the download runs asynchronously. When the download is ready, the user who requested it is notified with an email and a notification. Filter the Data Instructions: Select the Filter button to expand or collapse the filters and then use a filter set or any of the available filters. Use the Impacts RV Grade filter to see only findings that impact the risk vector grade. See omitted findings. Generate Reports and Assessments Reports and assessments: Executive Report Download Company Report Company Preview Report Underwriting Guidelines Report NIST CSF Report ISO/IEC 27001 Report Instructions: Select Reports and Assessments at the top-right of the Findings page. Invite a Client to Collaborate Invite the client to collaborate via the Client/Vendor Access Program. Instructions: Select the Client Access ➔ Enable Client Access dropdown button at the top-right of the Findings page. Search Findings Instructions: Do a text search using the search bar at the top-right. Text with matches are highlighted. See search fields. View the Finding Details Sheet Instructions: Select a finding from the table in the Findings page. View Collaboration See prior collaboration efforts via the Client/Vendor Access Program. Instructions: Select the Client Access ➔ Prior Requests (#) dropdown button at the top-right of the Findings page. View the Service Providers Sheet Instructions: Select Actions ➔ Service Providers at the top-right of the Findings page. View the Products Sheet Instructions: Select Actions ➔ Products at the top-right of the Findings page. Unsubscribe from a Client Instructions: Select Actions ➔ Unsubscribe at the top-right of the Findings page. Fields [Date] First Seen The date when this finding was first observed. [Date] Last Seen The date when this finding was last observed. Finding Identifier The asset (e.g., IP, domain, host, application, port) and its status (e.g. online/offline, version, support status) that identifies the finding. Refer to the Certificate Serial Number to identify TLS/SSL Certificate findings. Risk Vector The Bitsight risk vector. Finding Details Sheet The Details tab in the Finding Details sheet may contain the following sections: An overview of common fields: [Date] First Seen = The date when this finding was first observed. [Date] Last Seen = The date when this finding was last observed. Finding Grade = The current grade assigned to this finding. Finding Identifier = The asset (e.g., IP, domain, host, application, port) and its status (e.g. online/offline, version, support status) that identifies the finding. Impacts Risk Vector Grade = Indicates if the finding impacts the risk vector grade. Lifetime = Every finding has a lifetime that indicates how long it impacts the risk vector grade, depending on the particular risk vector. This is defined by the number of days a finding will impact the risk vector grade. Rolled Up ID = A stable and randomized identifier for findings. It is assigned to a finding when one or more observations with largely similar key properties occur in close succession. Details: Details about the finding. Remediations: Finding details and remediation tips. Assets: Asset details. See how assets are attributed to findings. Comments: Finding comments. Risk Vector Fields The finding details in the table vary depending on the risk vector. See details for: Compromised Systems Findings Botnet Infections Spam Propagation Malware Servers Unsolicited Communications Potentially Exploited Diligence SPF Domains DKIM Records TLS/SSL Certificates TLS/SSL Configurations Open Ports Web Application Headers Patching Cadence Insecure Systems Server Software Desktop Software Mobile Software DNSSEC Mobile Application Security Web Application Security Domain Squatting File Sharing (User Behavior Forensics) Public Disclosures Filters Asset Importance Filter by asset importance. Values: Critical High Medium Low None Applicable risk vectors: All Date: First Seen Include findings that were first seen in the past. Values: 7 Days 1 Month 3 Months Custom Applicable risk vectors: All Date: Last Seen Include findings that were last seen in the past. Values: 7 Days 1 Month 3 Months Custom Applicable risk vectors: All Duration Values: Minimum # of days to maximum # of days. See lifetime by risk vector. Applicable risk vectors: All File Sharing Category Filter by file sharing category. Applicable risk vectors: File Sharing Finding Severity Filter by finding severity. Values: Severe Material Moderate Minor Applicable risk vectors: Compromised Systems, Diligence (except Mobile Application Security), and File Sharing risk vectors. Grade Filter by finding grade. Values: Good Fair Warn Bad Neutral N/A Applicable risk vectors: Diligence Risk Vectors Impacts RV Grade Indicates if the finding influences the risk vector grade. See values. Applicable risk vectors: All Infection Family Filter by malware family. Applicable risk vectors: Compromised Systems risk vectors. Lifetime Values: Lifetime range (# days). See lifetime by risk vector. Pass / Fail Test Filter by mobile application analysis results (testing results). Values: Pass Fail Applicable risk vectors: Mobile Application Security Patching Cadence: Remediated? Values: Yes No Applicable risk vectors: Patching Cadence Risk Vector Values: Select all risk vectors in a risk category or individual risk vectors. Applicable risk vectors: All Tag Values: Public Private Selected tags Applicable risk vectors: All Vulnerability Values: Vulnerability classification: Confirmed Potential Selected vulnerabilities Applicable risk vectors: Patching Cadence Vulnerability Severity Filter by Bitsight severity Values: CVSS score. Applicable risk vectors: Patching Cadence Web App Sec Tests Filter by assessment categories. Applicable risk vectors: Web Application Security Bitsight Filter Sets Bad and Warn findings Get bad and warn findings. Grade Warn Bad Impacts Risk Vector Grade Yes Impacts Bitsight Rating Get findings that impact the grade. Risk Vectors All Compromised Systems risk vectors Diligence: SPF Domains DKIM Records TLS/SSL Certificates TLS/SSL Configurations Open Ports Web Application Headers Patching Cadence Insecure Systems Server Software Desktop Software Mobile Software User Behavior: File Sharing Impacts Risk Vector Grade Yes Impacts RV Grade Only Get only the findings that impact the risk vector grade. Impacts Risk Vector Grade Yes New Findings Get newly observed findings. First Seen 2d (2 days) Impacts Risk Vector Grade Yes Severe and Material Findings Get severe and material severity findings. Finding Severity Material Severe Impacts Risk Vector Grade Yes February 6, 2025: Listed available Bitsight filter sets (migrated from Filter Sets), including the new Severe and Material Findings filter set. January 16, 2025: New "common fields" in Details tab – Rolled up ID, Impacts RV Grade, Lifetime. May 29, 2024: Certificate Serial Number replaces Finding Identifier as the TLS/SSL Certificates finding identifier. Related articles Vulnerability Severity: Bitsight Severity & CVSS GET: Finding Details Botnet Infection Findings Compromised System Findings Peer Comparison: Benchmarking Feedback 0 comments Please sign in to leave a comment.