Skip to main content

Desktop Software Risk Vector

Feedback

6 comments

  • KyleP

    Where is this information collected? Are these devices discovered to be associated with the vendor/company or is this noting that the vendor/company simply allows connections from unsupported versions?

    0
  • Ingrid

    Hello KyleP. Our data partners provide us with the user-agent string from endpoint clients that are loading the content, which includes information about the operating system, the device name (for mobile), browser information (IP address and cookie data). You can learn more here: How are the Desktop Software and Mobile Software Risk Vectors Observed?

    0
  • Jose Magrinho

    Please, can we have a monthly update of " endpoint OS-browser versions list." ?

    0
  • Ingrid

    Hello José. The OS-browser versions list is new as of February 2024. We are still working out the cycle on when and how often to update this. In the meantime, I will check on if there's a newer version available at the moment.

    0
  • Sharoon Reyes

    Ingrid, if the issue gets remediated, what would the process be for updating the information on BitSight? Are you able to provide more information? 

    0
  • Ingrid

    Sharoon Reyes I think you may be referring to finding refresh, which is when the Bitsight platform checks for new observations and then update the findings as these observations change, e.g., newly observed Diligence findings or an existing finding was remediated.

    For the Desktop Software risk vector, we check our internal records on data received from our partners on a weekly basis.

    0

Please sign in to leave a comment.