Skip to main content
Security Performance Management
Continuous Monitoring
Vendor Risk Management
Trust Management Hub
Cyber Insurance
National Cybersecurity

Release Notes

Ingrid

This article is updated on a regular basis. Select the Follow button at the top-right of the page to be notified of changes to this article via email. You can also follow any of the What's New sections to be notified of newly published articles in those sections.

13-JUN-2025
User RolesNone role.
29-MAY-2025

[SPM] Subsidiaries page

  • Show or hide unsubscribed subsidiaries.
  • More streamlined subsidiary data export.
  • Reflects rating impacting and non-impacting risk vectors.
06-MAY-2025
Latest Updates – Features Bitsight Pulse Market Level Threat Intelligence in addition to Emerging Security Events.
05-MAY-2025
Archer Integrations – Integration with Bitsight Vendor Risk Management data and Connector V1.0.
24-APR-2025
Tag Inheritance – Enable or disable tag inheritance from the Account Preferences tab.
23-APR-2025
  • Guest Network Exclusion – Remove guest networks from the rating with no loss of attack surface visibility. The exclusion lasts for a renewable 1-year period.
  • Rescanned Findings – As part of the Dynamic Remediation initiative, the Rescanned Findings card in the My Company Dashboard shows the number of findings per status and the total number of findings that had a rescan requested.
14-APR-2025
Ratings Change Alert Category – Toggle between points or percentage. Be alerted when security ratings decrease or increase by a set percentage or number of points. This is useful for monitoring general fluctuations in a company or country's cyber security posture.
08-APR-2025
Ratings Preview – Prepare for the 2025 Ratings Algorithm Update (RAU).
07-APR-2025

Issue Tracking:

03-APR-2025
Emerging Security Events Card – Includes Dynamic Vulnerability Exploit (DVE) information.
25-MAR-2025
Identity Intelligence Preview Card – Detects and provides, on average, more credentials than the standard Exposed Credentials data. Identity Intelligence also supports password policy filtering, email exclusions, and correlation with identity providers (IdP).
14-MAR-2025
  • Internal Documents – Drag and drop to bulk upload documents.
  • Vendors – Monitor vendors flagged during assessments and use Continuous Monitoring subscriptions while adding vendors.
10-MAR-2025

Connections – Revoke connections without restriction and have full control of your data. Revoke connections from:

VRM App: Vendors

TMH App: Connections

07-MAR-2025
Portfolio Risk Matrix – Stoplight (green, yellow, red) color theme.
03-MAR-2025
Products by CPE Report – The Products by CPE report provides fourth party data. Use this to search for vendors, products, and versions by Common Platform Enumeration (CPE).
28-FEB-2025
Internal Information – Internal information about a vendor.
20-FEB-2025
Company-provided infrastructure now has a 60-day grace period before it impacts your rating.
06-FEB-2025
Unsubscribe from the company search and Companies tab of the Access Control page.
04-FEB-2025
28-JAN-2025
10-JAN-2025
Help Menu – Access help content (Knowledge Base and Bitsight Academy), specified by the opened application.
19-DEC-2024
  • Trust Score Adjustment – Increase or decrease the calculated Trust Score based on relevant information.
  • Instant Insights – Generative AI to extract a document's contents, analyze, and then summarize the contents into deep and actionable insights.
10-DEC-2024
Jira Integration – Allows users to integrate the SPM application and Jira, creating Jira tickets directly from the Findings Table.
27-NOV-2024
30-OCT-2024
Data Residency – Specify your operational region for storing, processing, and managing your Vendor Risk Management and Trust Management Hub data.
29-OCT-2024
  • Risk Remediation – Use the Risk Remediation forecast to create a forecast using your RRPs.
  • Findings – Most findings are no longer sampled. Companies with over 10 million findings still have sampled findings.
28-OCT-2024
Security Performance Management application – Re-organized the menu.
24-OCT-2024
Anecdotes.ai – Manage compliance programs by automating evidence collection, providing real-time insights, and allowing easy customization of frameworks and controls.
23-OCT-2024
Company Overview & Executive reports localized into Japanese [ja].
16-OCT-2024
Company Overview & Executive reports localized into German [de] and Spanish [es].
15-OCT-2024
Executive Summary – A detailed, cumulative report that provides a holistic view of the vendor portfolio.
01-OCT-2024
Public Disclosures Risk Category – DNS incidents are now separated into incidents and findings based on how they're detected.
24-SEP-2024
Financial Quantification – New Results Comparison view. Results delivery is now automated.
17-SEP-2024
SPM Alerts – New SPM alerts experience, including multiple new alert types.
09-SEP-2024
  • Assessments – Assessments are now available in the Security Performance Management application.
  • Vulnerability Detection – Incorporated Exploit Prediction Scoring System (EPSS), which estimates the likelihood that a software will be exploited. The higher the percentage the more likely it is to be exploited.
  • TMH App: Documents – Share documents (share all & selective sharing).
06-SEP-2024
Findings – Infrastructure tags are displayed in its own column instead of being below each finding.
19-AUG-2024
Peer Analytics – Compare Patching Cadence performance with your peer group.
05-AUG-2024
  • Artifacts – 'NATF Energy Sector Supply Chain Risk' added to questionnaires.
  • Assessments Overview – A comprehensive view of your assessments, providing insights into the top 5 results for upcoming, ongoing, and completed assessments.
10-JUL-2024
Forecasting – Forecast Patching Cadence findings.
01-JUL-2024
My Company Dashboard – Exposure metrics.
20-JUN-2024
Email Preferences – Be notified when a company you're monitoring is deactivated.
19-JUN-2024
Artifacts – ISO 27001:2022 questionnaire available as an artifact.
04-JUN-2024
Email Preferences – New Vulnerability Notifications available for all subscription types.
29-MAY-2024
Portfolio DashboardVendor Discovery card added.
08-MAY-2024
My Company DashboardVendor Discovery card added.
30-APR-2024
Requirements – Add [Assessment Setup ➔ Requirements] and view [Vendor Profile ➔ Requirements] alternate requirements in the Vendor Risk Management application.
23-APR-2024
Underwriting Guidelines – Include exposure data (vulnerabilities & vulnerability groups).
22-APR-2024
Data Vault – Get underlying data behind Bitsight Security Ratings without the Cyber Insurance application.
11-APR-2024
08-APR-2024
Vendor Risk Management ApplicationInternal Questionnaires page.
12-MAR-2024
  • class="app-cm"Continuous Monitoring Findings – Filter by multiple assets.
    • Multi-select the assets you want and care about from the Assets page [Infrastructure ➔ Assets] and open them in the Findings page as filters.
    • Use filter sets to save your selection from the Findings page, so you can open this filter with the same assets whenever you return to the Findings page.
  • Filter Sets – You can now create filter sets for multiple assets in the CM and SPM apps.
06-MAR-2024
Provisional Ratings – Once mapped, auto-subscribing is a 1-step process down from 2, just like Bitsight curated ratings.
MAR-2024

Emerging Security Events card:

  • The card stays hidden: Now, when you click “hide” on a card, it stays hidden even if you leave the page and come back.
  • Save space: Hidden cards mean more room for other important info on the dashboard.
  • New events still visible: Don’t worry, you won’t miss new threats. The hidden card shows the number of new events, and they’ll still automatically expand for everyone when new info appears (like a new vulnerability).
29-FEB-2024
Connections – Add vendors in bulk.
08-FEB-2024

Infrastructure data quality & collection improvements:

  • Increased asset discovery capability.
  • Improved data quality.
05-Feb-2024
Vendor Risk: Overview – Collaboration panel replaced with Asset Geolocation panel.
31-JAN-2024
Vulnerability Groups – classifies vulnerabilities in Vulnerability Detection based on common frameworks and events, to make zeroing in on the correct exposures easier and provides a more acute way of prioritizing which vulnerabilities to prioritize remediation or outreach on.
29-JAN-2024

Knowledge Base:

  • Leave comments at the bottom of an article to provide feedback on our knowledge base content.
  • Get a count of matches (grouped by category) when doing a text search.
  • Small changes to the visual design.
18-JAN-2024
Findings – Tag assets from the Findings Table.
16-JAN-2024
Financial Quantification – Major update adds frequency, annualized risk, and peer comparison capabilities.
09-JAN-2024
Risk Analytics: Risk Vectors Overview – Get a breakdown of the 13 risk vectors with cybersecurity incident data from the Marsh McLennan study.
06-DEC-2023
  • Benchmark Groups – Group companies for benchmarking. They have the same metrics and are interchangeable with peer groups.
  • Risk Analytics – Filter by tiers or folders.
05-DEC-2023
Web Application Security Risk Vector – TLS Errors on Page Resource Fetch assessment deprecated.
04-DEC-2023
Vendor Discovery – automatically surface your vendors in the Continuous Monitoring application.
28-NOV-2023
Risk Analytics – An industry-first portfolio view into third-party vendor risk. Contextualize and prioritize risk insights from a third-party ecosystem.
24-OCT-2023

Filter Sets – Bitsight filter sets.

  • Bad and warn findings
  • Findings that impact the grade
  • New findings
17-OCT-2023
Findings – Download up to 100,000 rows of findings data.
13-OCT-2023
  • Assets – Directly tag individual assets from the Assets page.
  • Findings – The Impacts Risk Vector Grade field indicates whether or not a finding currently impacts a risk vector grade. Filter findings that currently impact or no longer impact risk vector grades.
11-OCT-2023
Microsoft Azure Sentinel Integration – Bring Bitsight data and tools into existing security program workflows in Sentinel.
12-SEP-2023
Client/Vendor Access Program – Cyber Insurance clients can register for the Client/Vendor Program.
08-SEP-2023
Vendor Risk: Overview – Released.
30-Aug-2023
28-AUG-2023
  • Ratings Tree – Filtering within the SPM app.
  • Exposed Credential Data – The Domains field no longer include expired domains. It includes only the currently active and owned domains.
24-AUG-2023
Risk Remediation Plan – Available for Patching Cadence.
11-AUG-2023
Add Assets – Available for Group Admins.
08-AUG-2023
Cloud Infrastructure for AWS – Navigation available in Attack Surface menu.
04-AUG-2023
Attack Surface Analytics – Exposure insights.
02-AUG-2023
Emerging Security Events – Card available in the Latest Updates panel in the My Company Dashboard.
27-JUL-2023
  • “TPRM” renamed to “Continuous Monitoring.”
  • Design updates:
    • App switcher moved to the top of the menu on the left.
    • Expand/collapse the menu using the toggle on the bottom left.
16-JUL-2023
Infrastructure Tags – Tags are inherited by a child asset from its parent asset.
12-JUL-2023
Vulnerability Catalog Report – Replacing Vulnerability Catalog page, use this report to get all vulnerabilities that are tracked in the Bitsight platform.
07-JUL-2023
Cloud Infrastructure for AWS – Set up AWS Orgs.
26-JUN-2023
Risk Remediation Plan – Each supported risk vector shows their weight in the rating so you can strategize on which risk vectors to focus on.
15-JUN-2023
  • Power BI – SPM updates, including:
    • Findings columns added to help you visualize and manage findings.
    • Bug fixes:
      • attributed.guid and attributed.name now refer to the right entity in a company’s tree.
      • Character encoding now work for French characters.
      • Column name display.
  • Ratings Tree – See subscription type.

Related articles

Feedback

0 comments

Please sign in to leave a comment.