2024 Ratings Algorithm Update – March 26, 2024 Ingrid The 2024 Ratings Algorithm Update (RAU) is set to take place on July 10, 2024. It includes a single change to the lifetime of remediated findings for the Patching Cadence risk vector. The Patching Cadence lifetime is decreased from 300 days to 90 days and stops impacting the rating 210 days sooner than it would have under the current algorithm. The Patching Cadence risk vector will remain otherwise unchanged and continue to constitute a 20% weight (out of the 70.5% Diligence risk category weight) towards the overall Bitsight rating. We will provide a ratings preview 90 days before the update, allowing users to compare how the current and updated algorithms impact ratings. Refer to the 2024 RAU frequently asked questions to learn why we update our ratings algorithm and how these changes might affect you. About the Patching Cadence Lifetime Patching Cadence measures how long, on average, known vulnerabilities remain unpatched. Once a vulnerability is detected to be patched, it begins to decay and lose its impact on the risk vector and overall rating over a period of time. The period after a Patching Cadence finding has been identified as remediated, but still impacts the rating, is called its “lifetime.” March 26, 2024: Rescheduled release. January 31, 2024: Published. Related articles Diligence Risk Category Lifetime by Risk Vector Finding Behavior Remediation Verification: Missing Intermediate Certificates or Untrusted Root Anchor TLS/SSL Finding Remediation & Remediation Verification Feedback 0 comments Please sign in to leave a comment.