How is the File Sharing Risk Vector Assessed? Ingrid File Sharing contributes to how the User Behavior risk category is calculated. It assesses file sharing activity based on the unique file appearances across unique IP addresses and vice versa: The number of unique torrents in the company’s infrastructure. The number of unique IP addresses that are associated with File Sharing findings. The duration of the finding, measured in days. The File Sharing category, which considers application findings to be more high-risk than all other File Sharing categories (non-application findings). Each finding represents activity for a unique torrent shared through a unique IP address during 1 day. Examples 1 file is counted as 1 finding, regardless of how many times it was observed from an IP address on a given day. Activity Counts (on a given day): 1 File Number of Findings: 1 Finding 1 file across 4 IP addresses are counted as 4 findings; 1 finding per IP address. Activity Counts (on a given day): 1 File, 4 IP Addresses Number of Findings: 4 Findings 4 files in 1 IP address counts as 4 findings: 1 finding per unique file. Activity Counts (on a given day): 4 Files, 1 IP Address Number of Findings: 4 Findings Torrents can be marked as approved applications upon request. Send the torrent hash you wish to mark to Bitsight Support. The overall letter grade is based on the number of times illegitimate files are shared within a company’s infrastructure, compared to all companies in the Bitsight inventory. The higher the volume of file sharing activity, the lower the grade. The grade is then normalized to account for company size. Concepts Finding Details Use the following pages to see and review File Sharing findings: Findings Table SPM App CM App Insurance App Forensics for File Sharing Rating Details SPM App CM and Insurance App Finding Grades Finding grades are not applicable to File Sharing. This is displayed as N/A in the Findings Table. The findings still have an impact on the rating. Insufficient Data A default risk vector grade is assigned if there is insufficient or no data. Behavior: The rating is positively impacted if there are no File Sharing findings. Default Grade: Lifetime Lifetime is the number of days a finding impacts the risk vector grade, assuming nothing changes in the future and the finding is not updated with new information. This is defined by the number of days a finding will impact the risk vector grade. Learn why findings have a decay and lifetime period. Duration: 60 Days Weight The File Sharing risk vector contributes to the weight of the User Behavior risk category, which aggregates the weights of all risk vectors in the category to 2.5% towards Bitsight Security Ratings. Weight: 2.5% January 15, 2025: N/A clarification. March 25, 2024: “No findings/low findings” changed to “insufficient data.” December 4, 2023: Linked to Finding Lifetime section. Related articles GET: National Cybersecurity Observation Details by Risk Type File Sharing Risk Vector File Sharing Categories How is the Security Incidents Risk Vector Assessed? Finding Behavior Feedback 0 comments Please sign in to leave a comment.