Organization: Rating Details Ingrid The Rating Details page [ Organization ➔ Rating Details] in the Security Posture Management application breaks down your My Company’s or a selected subsidiary’s risk by risk type. It provides detailed summary charts for particular risk vectors. Go to a risk vector section to either get more information about the risk vector in the Knowledge Base or to the entity’s Findings Table, filtered for that risk vector. Select the More Information option for a summary of the kind of information observed by each risk vector, including how they are assessed, how the data for that risk vector is collected, the associated risks, and the recommended remediation for that risk vector. Components Actions Reports ComponentsCompromised SystemsIndicates the presence of malware or unwanted software, which is evidence of security controls failing to prevent malicious or unwanted software from running within an organization.The comparison of Compromised System rates to industry categories.DiligenceThe Diligence chart shows: The overall trend and progress of finding grades by Diligence risk vector. A count of historic Diligence risk vector findings by finding grade. The direction of the trend, highlighting if remediation efforts are making a difference, before the rating or risk vector letter grade changes. User BehaviorShows employee activity, such as file sharing and credentials exposed in breaches or other types of leaks that may be at risk. Exposed Credentials [standard] – View and download Exposed Credentials data. Identity Intelligence Preview – The Identity Intelligence Preview card detects and provides, on average, more credentials than the standard Exposed Credentials data. Identity Intelligence also supports password policy filtering, email exclusions, and correlation with identity providers (IdP). Public DisclosuresPossible incidents of undesirable access to a company’s data, including breaches, general security incidents, and other disclosures.Actions Download Exposed Email Addresses Download exposed email addresses (Exposed Credentials data) for your My Company and My Subsidiary. Only Admin and Group Admin can download Exposed Credentials data. See permissions. Instructions: Select Download Credentials at the top-right of the Exposed Credentials section. Select the observation time period to include for the download. Include credentials that were observed to be exposed (Observation Date/observation_date) within the last: 1 month 3 months 6 months 12 months Confirm by selecting Download. Download Progress Over Time Download a CSV of your progress on remediating Diligence findings. Instructions: Select Download Progress Over Time CSV at the top-right of the Diligence section. Identity Intelligence Preview View the Identity Intelligence Preview card. Only Admin and Group Admin can access the Identity Intelligence Preview card. See permissions. Instructions: Go to the Exposed Credentials section within the User Behavior risk category. Learn More About the Risk Vector Instructions: Select the More Information button below the risk vector description. View Findings Select the View Findings button below the risk vector description. ReportsSelect the Reports button at the top-right for the following reporting actions: Export Page PDF Download Rating Details as a PDF file. Download Company Report Get an overview of a company’s security performance, a summary of the findings, and comparisons to industry averages. Company Preview Report A synopsis of a company’s performance compared to its industry peers. Available for all subscriptions except Risk Monitoring. Download Risk Summary Report Highlights the worst performing, critical areas for this company relative to Bitsight-recommended peers, which are composed of 100 of the most similar peers based on industry, description, and size. NIST CSF Report A high-level summary of an organization's compliance with the US National Institute of Standards and Technology's cybersecurity Framework using Bitsight data as evidence. ISO/IEC 27001 Report A high-level summary of the selected company’s compliance with ISO/IEC 27001:2013 using Bitsight data as supporting evidence for compliance. March 19, 2026: Security Posture Management rebrand. March 25, 2025: Identity Intelligence Preview card. February 10, 2025: Added available actions. October 29, 2024: Published. Related articles Color Themes Organization: Company Details Rating Details Organization: Assessments Attack Surface: Infrastructure Feedback 0 comments Please sign in to leave a comment.