This article is updated on a regular basis. Select the Follow button at the top-right of the page to be notified of changes to this article via email. You can also follow any of the What's New sections to be notified of newly published articles in those sections.
- 13-JUN-2025
-
User Roles –
None
role. - 29-MAY-2025
-
- Show or hide unsubscribed subsidiaries.
- More streamlined subsidiary data export.
- Reflects rating impacting and non-impacting risk vectors.
- 06-MAY-2025
- Latest Updates – Features Bitsight Pulse Market Level Threat Intelligence in addition to Emerging Security Events.
- 05-MAY-2025
- Archer Integrations – Integration with Bitsight Vendor Risk Management data and Connector V1.0.
- 24-APR-2025
- Tag Inheritance – Enable or disable tag inheritance from the Account Preferences tab.
- 23-APR-2025
-
- Guest Network Exclusion – Remove guest networks from the rating with no loss of attack surface visibility. The exclusion lasts for a renewable 1-year period.
- Rescanned Findings – As part of the Dynamic Remediation initiative, the Rescanned Findings card in the My Company Dashboard shows the number of findings per status and the total number of findings that had a rescan requested.
- 14-APR-2025
- Ratings Change Alert Category – Toggle between points or percentage. Be alerted when security ratings decrease or increase by a set percentage or number of points. This is useful for monitoring general fluctuations in a company or country's cyber security posture.
- 08-APR-2025
- Ratings Preview – Prepare for the 2025 Ratings Algorithm Update (RAU).
- 07-APR-2025
-
- Remediation status, users assigned to remediate findings, and finding comments with the same rolled up ID can now propagate throughout the same ratings tree.
- Enable automatic finding rescans when findings are resolved (Remediation Status = Resolved).
- 03-APR-2025
- Emerging Security Events Card – Includes Dynamic Vulnerability Exploit (DVE) information.
- 25-MAR-2025
- Identity Intelligence Preview Card – Detects and provides, on average, more credentials than the standard Exposed Credentials data. Identity Intelligence also supports password policy filtering, email exclusions, and correlation with identity providers (IdP).
- 14-MAR-2025
-
- Internal Documents – Drag and drop to bulk upload documents.
- Vendors – Monitor vendors flagged during assessments and use Continuous Monitoring subscriptions while adding vendors.
- 10-MAR-2025
-
Connections – Revoke connections without restriction and have full control of your data. Revoke connections from:
VRM App: Vendors
TMH App: Connections
- 07-MAR-2025
- Portfolio Risk Matrix – Stoplight (green, yellow, red) color theme.
- 03-MAR-2025
- Products by CPE Report – The Products by CPE report provides fourth party data. Use this to search for vendors, products, and versions by Common Platform Enumeration (CPE).
- 28-FEB-2025
- Internal Information – Internal information about a vendor.
- 20-FEB-2025
- Company-provided infrastructure now has a 60-day grace period before it impacts your rating.
- 06-FEB-2025
- Unsubscribe from the company search and Companies tab of the Access Control page.
- 04-FEB-2025
-
- Severe and Material Findings Bitsight filter set. Available for SPM, CM, and Insurance findings.
- Vulnerability Evidence – Available in Third Party Assets in the Security Performance Management application and in Critical Assets in the Continuous Monitoring application.
- Portfolio Dashboard – Critical Assets Exposure card.
- 28-JAN-2025
-
- New TLS/SSL Certificate Finding Fields – Added All Sources and My Company's Sources fields.
- Security Ratings Timeline – Rating increases are included in the timeline.
- TMH/VRM User Roles – Vulnerability Response Outreach user role, which allows you to send questionnaires from the Continuous Monitoring application.
- 10-JAN-2025
- Help Menu – Access help content (Knowledge Base and Bitsight Academy), specified by the opened application.
- 19-DEC-2024
-
- Trust Score Adjustment – Increase or decrease the calculated Trust Score based on relevant information.
- Instant Insights – Generative AI to extract a document's contents, analyze, and then summarize the contents into deep and actionable insights.
- 10-DEC-2024
- Jira Integration – Allows users to integrate the SPM application and Jira, creating Jira tickets directly from the Findings Table.
- 27-NOV-2024
-
- Operational Technology Exposure Intelligence – Highlights operational technology (OT) risk and provides global visibility of exposed industrial control system (ICS) devices across supported protocols.
- TLS/SSL Certificates & TLS/SSL Configuration Findings – Details on TLS/SSL Certificates and TLS/SSL Configurations findings.
- 30-OCT-2024
- Data Residency – Specify your operational region for storing, processing, and managing your Vendor Risk Management and Trust Management Hub data.
- 29-OCT-2024
-
- Risk Remediation – Use the Risk Remediation forecast to create a forecast using your RRPs.
- Findings – Most findings are no longer sampled. Companies with over 10 million findings still have sampled findings.
- 28-OCT-2024
- Security Performance Management application – Re-organized the menu.
- 24-OCT-2024
- Anecdotes.ai – Manage compliance programs by automating evidence collection, providing real-time insights, and allowing easy customization of frameworks and controls.
- 23-OCT-2024
- Company Overview & Executive reports localized into Japanese [ja].
- 16-OCT-2024
- Company Overview & Executive reports localized into German [de] and Spanish [es].
- 15-OCT-2024
- Executive Summary – A detailed, cumulative report that provides a holistic view of the vendor portfolio.
- 01-OCT-2024
- Public Disclosures Risk Category – DNS incidents are now separated into incidents and findings based on how they're detected.
- 24-SEP-2024
- Financial Quantification – New Results Comparison view. Results delivery is now automated.
- 17-SEP-2024
- SPM Alerts – New SPM alerts experience, including multiple new alert types.
- 09-SEP-2024
-
- Assessments – Assessments are now available in the Security Performance Management application.
- Vulnerability Detection – Incorporated Exploit Prediction Scoring System (EPSS), which estimates the likelihood that a software will be exploited. The higher the percentage the more likely it is to be exploited.
- TMH App: Documents – Share documents (share all & selective sharing).
- 06-SEP-2024
- Findings – Infrastructure tags are displayed in its own column instead of being below each finding.
- 19-AUG-2024
- Peer Analytics – Compare Patching Cadence performance with your peer group.
- 05-AUG-2024
-
- Artifacts – 'NATF Energy Sector Supply Chain Risk' added to questionnaires.
- Assessments Overview – A comprehensive view of your assessments, providing insights into the top 5 results for upcoming, ongoing, and completed assessments.
- 10-JUL-2024
- Forecasting – Forecast Patching Cadence findings.
- 01-JUL-2024
- My Company Dashboard – Exposure metrics.
- 20-JUN-2024
- Email Preferences – Be notified when a company you're monitoring is deactivated.
- 19-JUN-2024
- Artifacts – ISO 27001:2022 questionnaire available as an artifact.
- 04-JUN-2024
- Email Preferences – New Vulnerability Notifications available for all subscription types.
- 29-MAY-2024
- Portfolio Dashboard – Vendor Discovery card added.
- 08-MAY-2024
- My Company Dashboard – Vendor Discovery card added.
- 30-APR-2024
- Requirements – Add [Assessment Setup ➔ Requirements] and view [Vendor Profile ➔ Requirements] alternate requirements in the Vendor Risk Management application.
- 23-APR-2024
- Underwriting Guidelines – Include exposure data (vulnerabilities & vulnerability groups).
- 22-APR-2024
- Data Vault – Get underlying data behind Bitsight Security Ratings without the Cyber Insurance application.
- 11-APR-2024
-
- Subsidiary Improvement – Patching Cadence risk vector added to Subsidiary Improvement plan.
- Risk Analytics – New color them option added to the Risk Analytics page.
- 08-APR-2024
- Vendor Risk Management Application – Internal Questionnaires page.
- 12-MAR-2024
-
- class="app-cm"Continuous Monitoring Findings – Filter by multiple assets.
- Multi-select the assets you want and care about from the Assets page [Infrastructure ➔ Assets] and open them in the Findings page as filters.
- Use filter sets to save your selection from the Findings page, so you can open this filter with the same assets whenever you return to the Findings page.
- Filter Sets – You can now create filter sets for multiple assets in the CM and SPM apps.
- class="app-cm"Continuous Monitoring Findings – Filter by multiple assets.
- 06-MAR-2024
- Provisional Ratings – Once mapped, auto-subscribing is a 1-step process down from 2, just like Bitsight curated ratings.
- MAR-2024
-
Emerging Security Events card:
- The card stays hidden: Now, when you click “hide” on a card, it stays hidden even if you leave the page and come back.
- Save space: Hidden cards mean more room for other important info on the dashboard.
- New events still visible: Don’t worry, you won’t miss new threats. The hidden card shows the number of new events, and they’ll still automatically expand for everyone when new info appears (like a new vulnerability).
- 29-FEB-2024
- Connections – Add vendors in bulk.
- 08-FEB-2024
-
Infrastructure data quality & collection improvements:
- Increased asset discovery capability.
- Improved data quality.
- 05-Feb-2024
- Vendor Risk: Overview – Collaboration panel replaced with Asset Geolocation panel.
- 31-JAN-2024
- Vulnerability Groups – classifies vulnerabilities in Vulnerability Detection based on common frameworks and events, to make zeroing in on the correct exposures easier and provides a more acute way of prioritizing which vulnerabilities to prioritize remediation or outreach on.
- 29-JAN-2024
-
Knowledge Base:
- Leave comments at the bottom of an article to provide feedback on our knowledge base content.
- Get a count of matches (grouped by category) when doing a text search.
- Small changes to the visual design.
- 18-JAN-2024
- Findings – Tag assets from the Findings Table.
- 16-JAN-2024
- Financial Quantification – Major update adds frequency, annualized risk, and peer comparison capabilities.
- 09-JAN-2024
- Risk Analytics: Risk Vectors Overview – Get a breakdown of the 13 risk vectors with cybersecurity incident data from the Marsh McLennan study.
- 06-DEC-2023
-
- Benchmark Groups – Group companies for benchmarking. They have the same metrics and are interchangeable with peer groups.
- Risk Analytics – Filter by tiers or folders.
- 05-DEC-2023
- Web Application Security Risk Vector – TLS Errors on Page Resource Fetch assessment deprecated.
- 04-DEC-2023
- Vendor Discovery – automatically surface your vendors in the Continuous Monitoring application.
- 28-NOV-2023
- Risk Analytics – An industry-first portfolio view into third-party vendor risk. Contextualize and prioritize risk insights from a third-party ecosystem.
- 24-OCT-2023
-
Filter Sets – Bitsight filter sets.
- Bad and warn findings
- Findings that impact the grade
- New findings
- 17-OCT-2023
- Findings – Download up to 100,000 rows of findings data.
- 13-OCT-2023
-
- Assets – Directly tag individual assets from the Assets page.
- Findings – The Impacts Risk Vector Grade field indicates whether or not a finding currently impacts a risk vector grade. Filter findings that currently impact or no longer impact risk vector grades.
- 11-OCT-2023
- Microsoft Azure Sentinel Integration – Bring Bitsight data and tools into existing security program workflows in Sentinel.
- 12-SEP-2023
- Client/Vendor Access Program – Cyber Insurance clients can register for the Client/Vendor Program.
- 08-SEP-2023
- Vendor Risk: Overview – Released.
- 30-Aug-2023
-
- Vulnerability Catalog – No longer available. Users should now use the Vulnerability Catalog report.
- Infrastructure: Attribution & Assets – No longer available. All data is available on the Infrastructure page.
- Infrastructure – Released.
- Findings – Use rolled up ID as a finding identifier.
- 28-AUG-2023
-
- Ratings Tree – Filtering within the SPM app.
- Exposed Credential Data – The Domains field no longer include expired domains. It includes only the currently active and owned domains.
- 24-AUG-2023
- Risk Remediation Plan – Available for Patching Cadence.
- 11-AUG-2023
- Add Assets – Available for Group Admins.
- 08-AUG-2023
- Cloud Infrastructure for AWS – Navigation available in Attack Surface menu.
- 04-AUG-2023
- Attack Surface Analytics – Exposure insights.
- 02-AUG-2023
- Emerging Security Events – Card available in the Latest Updates panel in the My Company Dashboard.
- 27-JUL-2023
-
- “TPRM” renamed to “Continuous Monitoring.”
- Design updates:
- App switcher moved to the top of the menu on the left.
- Expand/collapse the menu using the toggle on the bottom left.
- 16-JUL-2023
- Infrastructure Tags – Tags are inherited by a child asset from its parent asset.
- 12-JUL-2023
- Vulnerability Catalog Report – Replacing Vulnerability Catalog page, use this report to get all vulnerabilities that are tracked in the Bitsight platform.
- 07-JUL-2023
- Cloud Infrastructure for AWS – Set up AWS Orgs.
- 26-JUN-2023
- Risk Remediation Plan – Each supported risk vector shows their weight in the rating so you can strategize on which risk vectors to focus on.
- 15-JUN-2023
-
-
Power BI – SPM updates, including:
- Findings columns added to help you visualize and manage findings.
- Bug fixes:
-
attributed.guid
andattributed.name
now refer to the right entity in a company’s tree. - Character encoding now work for French characters.
- Column name display.
-
- Ratings Tree – See subscription type.
-
Power BI – SPM updates, including:
Feedback
0 comments
Please sign in to leave a comment.