- December 12, 2023: Linked to no findings definition.
- December 4, 2023: Finding lifetime definition link changed to Finding Lifetime section.
- September 11, 2023: Separated finding messages.
The Insecure Systems risk vector assessment is based on the supported/unsupported status and the level of risk that has been introduced to an organization.
|Details & Values
|How findings behave, depending on the action taken.
|New findings immediately impact the grade.
|The number of days a finding will impact the risk vector grade, assuming nothing changes in the future and the finding is not updated with new information. Learn why findings have a decay and lifetime period.
|There are no findings for this risk vector or we are temporarily unable to collect data. A default risk vector grade is assigned.
The rating is positively impacted if there are no findings for this risk vector.
|The Bitsight platform regularly checks for new observations. Bitsight findings are updated as these observations change, e.g., newly observed Diligence findings or an existing finding was remediated.
|Automated Scan Duration
|The duration of a regularly scheduled finding refresh, as the Bitsight platform checks for new observations.
|User-Requested Refresh Duration
|The duration of a user-requested refresh, which initiates a refresh of eligible findings upon request. This is recommended when a change in the finding is expected, such as when a finding has been remediated.
|Out of 70.5% in Diligence.
Insecure Systems findings are evaluated as WARN, BAD, or NEUTRAL. An overall letter grade is calculated, using the evaluations of individual findings. See finding messages: