How are the Desktop Software and Mobile Software Risk Vectors Observed? Ingrid To collect data for the Desktop Software and Mobile Software risk vectors (endpoint data), we partner with large content providers that serve content in websites across the Internet. Browser fingerprinting information is gathered from a large, global network of ads on websites. A fingerprint is generated for the system when a browser connects to a website in our partner network. Data is identified by IP address, and not specific users. The estimated number of users is based on the number of distinct browser fingerprints with a unique pair of browser and operating system versions. Software support status is based on the latest known published versions. Internal records are updated on a weekly basis. Collected Data The following data are used to estimate the number of distinct users seen using a given browser and operating system pair and identify the system: Data Description Browser Fingerprint Used for de-duplication. IP Address Traffic source IP address. These are associated with individual organizations within the Bitsight platform. User-agent Identifies the company network where the traffic originates from. Includes: The browser and operating system versions. The number of seen users. This is used by web servers to determine what they should send for the browser to properly display the webpage. It contains the client's browser and operating system (OS) information. The OS/browser information is then used to create the Desktop Software and Mobile Software risk vectors. August 2, 2024: Cookies no longer used for collecting Desktop Software and Mobile Software data. April 29, 2024: Updated wording to include browser fingerprinting. February 24, 2020: Published. Related articles Desktop Software Risk Vector Mobile Software Risk Vector How is the Desktop Software Risk Vector Assessed? TLS/SSL Finding Remediation & Remediation Verification Setting a DMARC Policy Feedback 0 comments Please sign in to leave a comment.