File Sharing contributes to how the User Behavior risk category is calculated. It assesses file sharing activity based on the unique file appearances across unique IP addresses and vice versa:
- The number of unique torrents in the company’s infrastructure.
- The number of unique IP addresses that are associated with File Sharing findings.
- The duration of the finding, measured in days.
- The File Sharing category, which considers application findings to be more high-risk than all other File Sharing categories (non-application findings).
Each finding represents activity for a unique torrent shared through a unique IP address during 1 day.
Examples
1 file is counted as 1 finding, regardless of how many times it was observed from an IP address on a given day.
Activity Counts (on a given day): 1 File
Number of Findings: 1 Finding
1 file across 4 IP addresses are counted as 4 findings; 1 finding per IP address.
Activity Counts (on a given day): 1 File, 4 IP Addresses
Number of Findings: 4 Findings
4 files in 1 IP address counts as 4 findings: 1 finding per unique file.
Activity Counts (on a given day): 4 Files, 1 IP Address
Number of Findings: 4 Findings
Torrents can be marked as approved applications upon request. Send the torrent hash you wish to mark to Bitsight Support.
The overall letter grade is based on the number of times illegitimate files are shared within a company’s infrastructure, compared to all companies in the Bitsight inventory. The higher the volume of file sharing activity, the lower the grade. The grade is then normalized to account for company size.
Concepts
Finding Details
Use the following pages to see and review File Sharing findings:
- Findings Table
- Forensics for File Sharing
- Rating Details
Finding Grades
Finding grades are not applicable to File Sharing. This is displayed as N/A in the Findings Table. The findings still have an impact on the rating.
Insufficient Data
A default risk vector grade is assigned if there is insufficient or no data.
Behavior: The rating is positively impacted if there are no File Sharing findings.
Lifetime
Lifetime is the number of days a finding impacts the risk vector grade, assuming nothing changes in the future and the finding is not updated with new information. This is defined by the number of days a finding will impact the risk vector grade. Learn why findings have a decay and lifetime period.
Duration: 60 Days
Weight
The File Sharing risk vector contributes to the weight of the User Behavior risk category, which aggregates the weights of all risk vectors in the category to 2.5% towards Bitsight Security Ratings.
Weight: 2.5%
- January 15, 2025: N/A clarification.
- March 25, 2024: “No findings/low findings” changed to “insufficient data.”
- December 4, 2023: Linked to Finding Lifetime section.
Feedback
0 comments
Please sign in to leave a comment.