Use the Risk Vectors & Risk Categories directory to learn about Bitsight risk vectors; including what they are and how they are assessed. Risk vectors are introduced in beta status. They are evaluated for a period before being factored into Bitsight Security Ratings.
This article is updated on a regular basis. Entries older than 2 years are removed.
Select the Follow button at the top-right of the page to be notified of changes to this article via email. You can also follow any of the Notices to be notified of newly published articles in those sections: Platform Updates, Bitsight Data Changes, Integration Updates, and Cybersecurity News.
- 11-APR-2025
- Exposed Credentials – Additional ‘sensitive’ breaches, underlying service upgrades, and minor UI updates.
- 17-MAR-2025
-
- 2.303 released.
- 2.302 EOL.
- 07-MAR-2025
- TeamCity 2024.12.3 released.
- 05-MAR-2025
-
- 2.302 released.
- 2.301 EOL.
- 16-FEB-2025
-
- 2.301 released.
- 2.300 EOL.
- 14-FEB-2025
-
- 2.300 released.
- 2.202 EOL.
- 11-FEB-2025
-
- 6.7.2 released.
- 6.7.1 EOL.
- 03-FEB-2025
- TeamCity 2024.12.2 released.
- 23-JAN-2025
-
- 2.4.63 released.
- 2.4.62 end-of-life.
- 17-JAN-2025
- TeamCity 2024.12.1 released.
- 31-DEC-2024
- OpenSuse 15.5 end-of-life.
- 12-DEC-2024
- Web Application Security – Assessment weights and finding grades. See evaluation for details.
- 05-DEC-2024
-
- 2024.12 released.
- 2024.03.3 end-of-life.
- 2024.03.2 end-of-life.
- 2024.03.1 end-of-life.
- 2024.03 end-of-life.
- 23-NOV-2024
- Fedora 39 end-of-life.
- 21-NOV-2024
-
- 6.7 EOL.
- 6.7.1 released.
- 12-NOV-2024
- WordPress 6.7 released.
- 01-NOV-2024
- Windows – Server 2025 released.
- 29-OCT-2024
- Fedora 41 released.
- 22-OCT-2024
- ServiceNow – Xanadu supported.
- 15-OCT-2024
- TLS/SSL Certificates – Certain Entrust-signed certificates no longer trusted by Google and Mozilla.
- 10-OCT-2024
- Ubuntu 24.10 released.
- 01-OCT-2024
- TeamCity 2024.07.3 released.
- 11-SEP-2024
- Data Feeds and Historical Analytics – Expanded available data.
- 29-AUG-2024
- TeamCity 2024.07.2 released.
- 12-AUG-2024
-
- 2.202 released.
- 2.201 EOL.
- 06-AUG-2024
- TeamCity 2024.07.1 released.
- 19-SEP-2024
-
- 9.9 released.
- 9.8 EOL.
- 25-JUL-2024
- Groma Target Hostname List Expansion (v2)
- 23-JUL-2024
-
- 2.201 released.
- 2.200 EOL.
- 6.6.1 released.
- 6.6 EOL.
- 21-JUL-2024
-
- 2.200 released.
- 2.111 EOL.
- 18-JUL-2024
-
- 2024.07 released.
- 2023.11 to 2023.11.4 EOL.
- 17-JUL-2024
-
- 2.4.62 released.
- 2.4.61 EOL.
- 16-JUL-2024
- WordPress 6.6 released.
- 10-JUL-2024
- Ratings Algorithm Update – The Patching Cadence lifetime is decreased from 300 to 90 days.
- 03-JUL-2024
-
- 2.4.61 released.
- 2.4.60 EOL.
- 01-JUL-2024
-
Apache 2.4.59 EOL.
- 9.7 EOL.
- 9.8 released.
- 27-JUN-2024
- TeamCity 2024.03.3 released.
- 26-JUN-2024
- SUSE Linux Enterprise Server 15 SP6 released.
- 24-JUN-2024
-
- 6.5.5 released.
- 6.5.4 EOL.
- 6.4.5 released.
- 6.4.4 EOL.
- 6.3.5 released.
- 6.3.4 EOL.
- 6.2.6 released.
- 6.2.5 EOL.
- 6.1.7 released.
- 6.1.6 EOL.
- 6.0.9 released.
- 6.0.8 EOL.
- 5.9.10 released.
- 5.9.9 EOL.
- 5.8.10 released.
- 5.8.9 EOL.
- 5.7.12 released.
- 5.7.11 EOL.
- 5.6.14 released.
- 5.6.13 EOL 24-JUN-2024
- 5.5.15 released.
- 5.5.14 EOL 24-JUN-2024
- 5.4.16 released.
- 5.4.15 EOL.
- 5.3.18 released.
- 5.3.17 EOL 24-JUN-2024
- 5.2.21 released.
- 5.2.20 EOL.
- 5.1.19 released.
- 5.1.18 EOL.
- 5.0.22 released.
- 5.0.21 EOL.
- 4.9.25 released.
- 4.9.26 EOL.
- 4.8.25 released.
- 4.8.24 EOL.
- 4.7.29 released.
- 4.7.28 EOL.
- 4.6.29 released.
- 4.6.28 EOL.
- 4.5.32 released.
- 4.5.31 EOL.
- 4.4.33 released.
- 4.4.32 EOL.
- 4.3.34 released.
- 4.3.33 EOL.
- 4.2.38 released.
- 4.2.37 EOL.
- 4.1.41 released.
- 4.1.40 EOL.
- 10-JUN-2024
- OpenSUSE 15.6 released.
- 07-JUN-2024
- ServiceNow – Washington supported.
- 05-JUN-2024
-
- 6.5.3 EOL.
- 6.5.4 released.
- 29-MAY-2024
-
-
TLS/SSL Certificates – Use the
Certificate Serial Number
as the finding identifier. - TeamCity 2024.03.2 released.
-
TLS/SSL Certificates – Use the
- 07-MAY-2024
-
- 6.5.3 released.
- 6.5.2 EOL.
- 09-APR-2024
-
- 6.4.4 released.
- 6.4.3 EOL.
- 6.3.4 released.
- 6.3.3 EOL.
- 6.2.5 released.
- 6.2.4 EOL.
- 6.1.6 released.
- 6.1.5 EOL.
- 6.0.8 released.
- 6.0.7 EOL.
- 27-MAR-2024
-
- 2024.01 released.
- 2023.05 EOL.
- 11-MAR-2024
-
- 9.7 released.
- 9.6 EOL.
- 09-MAR-2024
- TeamCity 2023.11.4 released.
- 08-FEB-2024
-
Infrastructure Data Quality & Collection:
- Increased asset discovery capability. We believe that our expanded ability to discover hostnames and IPs would be a contributing factor to a steady increase in findings.
- Improved data quality: ul
- Improved internet scanning techniques to support not only the Web Application Header and TLS/SSL Configuration risk vectors, but also the rest of the Diligence risk vectors, including the Open Ports, Server Software, TLS/SSL Certificates, and Patching Cadence.
- TLS/SSL Configuration - Support for different certificate versions and ciphers.
- 31-JAN-2024
- SUSE Linux Enterprise Server 15 SP1 EOL.
- 30-JAN-2024
- TeamCity 2023.11.3 released.
- 29-JAN-2024
- Groma Target Hostname List Expansion (v1)
- 25-JAN-2024
- Ubuntu 23.04 "Lunar Lobster" EOL.
- 18-JAN-2024
- TeamCity 2023.11.2 released.
- 31-DEC-2023
- OpenSUSE 15.4 EOL.
- 18-DEC-2023
-
- 9.6 released.
- 9.5 EOL.
- 12-DEC-2023
- ServiceNow – Vancouver supported.
- 28-NOV-2023
-
- 2023.11 released.
- 2022.10.3 EOL.
- 2022.10.2 EOL.
- 2022.10.1 EOL.
- 2022.10 EOL.
- 21-NOV-2023
-
- Findings in assets that are owned by the organization but are partially or fully controlled by their customers are excluded from the organization’s Bitsight rating.
- Findings in assets identified as not having delegated controls (i.e., assets for which the company has full responsibility over security controls) will keep impacting the corresponding risk vector grade.
- 09-NOV-2023
-
- 6.4.1 released.
- 6.4 EOL.
- 08-NOV-2023
-
- 2.105 released.
- 2.104 EOL.
- 07-NOV-2023
-
Fedora 39 released.
- 6.4 released.
- 6.3.2 EOL.
- 01-NOV-2023
-
- Appweb 9 released.
- Appweb 8 EOL.
- 31-OCT-2023
- Mobile Application Analysis – Android and iOS tests, version 2023.
- 30-OCT-2023
- Vulnerability Intelligence – A Bitsight cybersecurity data solutions product. Data is delivered (.csv) via a Bitsight-developed tool that automatically delivers files according to each configuration and purchased product.
- 19-OCT-2023
-
- 2.4.58 released.
- 2.4.57 EOL.
- 16-OCT-2023
-
- 2.104 released.
- 2.103 EOL.
- 12-OCT-2023
-
Ubuntu 23.10 “Mantic Minotaur” released.
- 6.3.2 released.
- 6.3.1 EOL.
- 08-OCT-2023
-
- 2.103 released.
- 2.102 EOL.
- 04-OCT-2023
-
- 9.5 released.
- 9.4 EOL.
- 18-SEP-2023
- TeamCity 2023.05.4 released.
- 07-SEP-2023
-
- OpenSSH 9.4 released.
- Web Application Security – Released.
- 29-AUG-2023
-
- 6.3.1 released.
- 6.3 end-of-life.
- 24-AUG-2023
- 10-AUG-2023
- OpenSSH 9.3 end-of-life.
- 08-AUG-2023
-
Webmin 2.100 end-of-life.
- 6.3 released.
- 6.2.2 end-of-life.
- 07-AUG-2023
- Webmin 2.101 released.
- 25-JUL-2023
- TeamCity 2023.05.2 released.
- 23-JUL-2023
-
- 2.102 released.
- 2.021 end-of-life.
- 20-JUL-2023
- Supported Operating Systems: Ubuntu 22.10 end-of-life.
- 11-JUL-2023
- TeamCity 2023.05.1 released.
- 30-JUN-2023
- SUSE Linux Enterprise Server 12 SP4 EOL.
- 20-JUN-2023
- SUSE Linux Enterprise Server 15 SP5 released.
- 10-JUN-2023
- Debian 12.0 (“Bookworm”) released.
- 06-JUN-2023
- openSUSE Leap 15.5 released.
- 31-MAY-2023
- Ubuntu 18.04 EOL.
- 26-MAY-2023
-
- 2023.05 released.
- 2022.04.4 EOL.
- 2022.04.3 EOL.
- 2022.04.2 EOL.
- 2022.04 EOL.
- 20-MAY-2023
-
- 6.2.2 released
- 6.2.1 EOL
- 16-MAY-2023
-
Fedora 36 EOL.
- 6.2.1 released.
- 6.2 EOL.
- 6.1.1 EOL.
- 6.1.2 released.
- 20-APR-2023
- Ubuntu 23.04 (“Lunar Lobster”) released.
- 19-APR-2023
- 2023 Ratings Algorithm Update
- 17-APR-2023
- Fedora 38 released.
Feedback
0 comments
Please sign in to leave a comment.