The Findings page [ Client Risk ➔ Findings] in the Cyber Insurance application presents a selected client's findings, which are the culmination of observed internet traffic and configurations. They are recorded as events and records.
Findings are presented in a table view that provides a single place to sort, filter, analyze, comment on, track your client’s remediation efforts, and export findings.
Actions
Add a Client to a Folder
Instructions: Select Actions ➔ Add to Folder at the top-right of the Findings page.
Add/View Company Notes
Add/view notes.
Instructions: Select Actions ➔ Add/View Notes at the top-right of the Findings page.
Comment on a Finding
Comment on a finding (finding comments).
Instructions: Select the
Comment option at the right of the finding in the table.
Customize the Data
Customize the data in the table.
Instructions: Use the
Customize columns button at the top-right of the table.
Download the Data
Download the findings table (.csv).
Instructions: Use the
Download button at the top-right.
- If the .csv contains 9000 or fewer rows of data, the download begins immediately.
- If the .csv contains greater than 9000 and less than 100,000 rows of data, the download runs asynchronously. When the download is ready, the user who requested it is notified with an email and a notification.
Filter the Data
Instructions:
Select the
Filter button to expand or collapse the filters and then use a filter set or any of the available filters.
Use the Impacts RV Grade filter to see only findings that impact the risk vector grade. See omitted findings.
Generate Reports and Assessments
Reports and assessments:
- Executive Report
- Download Company Report
- Company Preview Report
- Underwriting Guidelines Report
- NIST CSF Report
- ISO/IEC 27001 Report
Instructions: Select
Reports and Assessments at the top-right of the Findings page.
Invite a Client to Collaborate
Invite the client to collaborate via the Client/Vendor Access Program.
Instructions: Select the Client Access ➔ Enable Client Access dropdown button at the top-right of the Findings page.
Search Findings
Instructions: Do a text search using the search bar at the top-right. Text with matches are highlighted. See search fields.
View the Finding Details Sheet
Instructions: Select a finding from the table in the Findings page.
View Collaboration
See prior collaboration efforts via the Client/Vendor Access Program.
Instructions: Select the Client Access ➔ Prior Requests (
#) dropdown button at the top-right of the Findings page.
View the Service Providers Sheet
Instructions: Select Actions ➔ Service Providers at the top-right of the Findings page.
View the Products Sheet
Instructions: Select Actions ➔ Products at the top-right of the Findings page.
Unsubscribe from a Client
Instructions: Select Actions ➔ Unsubscribe at the top-right of the Findings page.
Fields
- [Date] First Seen
- The date when this finding was first observed.
- [Date] Last Seen
- The date when this finding was last observed.
- Finding Identifier
-
The asset (e.g., IP, domain, host, application, port) and its status (e.g. online/offline, version, support status) that identifies the finding.
Refer to the Certificate Serial Number to identify TLS/SSL Certificate findings.
- Risk Vector
- The Bitsight risk vector.
Finding Details Sheet
The Details tab in the Finding Details sheet may contain the following sections:
- An overview of common fields:
- [Date]
First Seen= The date when this finding was first observed. - [Date]
Last Seen= The date when this finding was last observed. -
Finding Grade= The current grade assigned to this finding. -
Finding Identifier= The asset (e.g., IP, domain, host, application, port) and its status (e.g. online/offline, version, support status) that identifies the finding. -
Impacts Risk Vector Grade= Indicates if the finding impacts the risk vector grade. -
Lifetime= Every finding has a lifetime that indicates how long it impacts the risk vector grade, depending on the particular risk vector. This is defined by the number of days a finding will impact the risk vector grade. -
Rolled Up ID= A stable and randomized identifier for findings. It is assigned to a finding when one or more observations with largely similar key properties occur in close succession.
- [Date]
- Details: Details about the finding.
- Remediations: Finding details and remediation tips.
- Assets: Asset details. See how assets are attributed to findings.
- Comments: Finding comments.
Risk Vector Fields
The finding details in the table vary depending on the risk vector. See details for:
- Compromised Systems Findings
- Diligence
- File Sharing (User Behavior Forensics)
- Public Disclosures
Filters
- Asset Importance
-
Filter by asset importance.
Values:
- Critical
- High
- Medium
- Low
- None
Applicable risk vectors: All
- Date: First Seen
-
Include findings that were first seen in the past.
Values:
- 7 Days
- 1 Month
- 3 Months
- Custom
Applicable risk vectors: All
- Date: Last Seen
-
Include findings that were last seen in the past.
Values:
- 7 Days
- 1 Month
- 3 Months
- Custom
Applicable risk vectors: All
- Duration
-
Values: Minimum
#of days to maximum#of days. See lifetime by risk vector.Applicable risk vectors: All
- File Sharing Category
-
Filter by file sharing category.
Applicable risk vectors: File Sharing
- Finding Severity
-
Filter by finding severity.
Values:
- Severe
- Material
- Moderate
- Minor
Applicable risk vectors: Compromised Systems, Diligence (except Mobile Application Security), and File Sharing risk vectors.
- Grade
-
Filter by finding grade.
Values:
- Good
- Fair
- Warn
- Bad
- Neutral
- N/A
Applicable risk vectors: Diligence Risk Vectors
- Impacts RV Grade
-
Indicates if the finding influences the risk vector grade. See values.
Applicable risk vectors: All
- Infection Family
-
Filter by malware family.
Applicable risk vectors: Compromised Systems risk vectors.
- Lifetime
-
Values: Lifetime range (
#days). See lifetime by risk vector. - Pass / Fail Test
-
Filter by mobile application analysis results (testing results).
Values:
- Pass
- Fail
Applicable risk vectors: Mobile Application Security
- Patching Cadence: Remediated?
-
Values:
- Yes
- No
Applicable risk vectors: Patching Cadence
- Risk Vector
-
Values: Select all risk vectors in a risk category or individual risk vectors.
Applicable risk vectors: All
- Tag
-
Values:
- Public
- Private
- Selected tags
Applicable risk vectors: All
- Vulnerability
-
Values:
- Vulnerability classification:
- Confirmed
- Potential
- Selected vulnerabilities
Applicable risk vectors: Patching Cadence
- Vulnerability classification:
- Vulnerability Severity
-
Filter by Bitsight severity
Values: CVSS score.
Applicable risk vectors: Patching Cadence
- Web App Sec Tests
-
Filter by assessment categories.
Applicable risk vectors: Web Application Security
Bitsight Filter Sets
Bad and Warn findings
Get bad and warn findings.
- Grade
- Warn
- Bad
- Impacts Risk Vector Grade
- Yes
Impacts Bitsight Rating
Get findings that impact the grade.
- Risk Vectors
- All Compromised Systems risk vectors
- Diligence:
- SPF Domains
- DKIM Records
- TLS/SSL Certificates
- TLS/SSL Configurations
- Open Ports
- Web Application Headers
- Patching Cadence
- Insecure Systems
- Server Software
- Desktop Software
- Mobile Software
- User Behavior:
- File Sharing
- Impacts Risk Vector Grade
- Yes
Impacts RV Grade Only
Get only the findings that impact the risk vector grade.
New Findings
Get newly observed findings.
- First Seen
- 2d (2 days)
- Impacts Risk Vector Grade
- Yes
Severe and Material Findings
Get severe and material severity findings.
- Finding Severity
- Material
- Severe
- Impacts Risk Vector Grade
- Yes
- February 6, 2025: Listed available Bitsight filter sets (migrated from Filter Sets), including the new Severe and Material Findings filter set.
- January 16, 2025: New "common fields" in Details tab – Rolled up ID, Impacts RV Grade, Lifetime.
- May 29, 2024: Certificate Serial Number replaces Finding Identifier as the TLS/SSL Certificates finding identifier.
Feedback
0 comments
Please sign in to leave a comment.