SPM App: Dashboard

The My Company Dashboard in the Security Performance Management application [ Dashboard] is a configurable dashboard that highlights recent changes to your organization’s Bitsight Security Ratings, the Latest Updates panel, and supporting data (e.g., ratings, new findings, and infrastructure changes).

• Quickly identify areas that require focus.
• The cards can be used as a starting point for exploring specific areas of interest.
• Faster risk reduction (less time sorting issues).
• Unique to each user and can be personalized based on their areas of responsibility; Highly customizable and can be tailored to specific areas of responsibility, e.g., by risk vector or a particular subsidiary.
• By highlighting things that have changed recently, the dashboard serves as a summary of those changes across the companies within your organization (My Company and SPM Subsidiaries).

Cards

• Default
• Company Details
• External Attack Surface Management (EASM)
• Risk Vectors

Default

Account Recommendations

Consult our recommendations for managing your Bitsight account and for further guidance on managing your organization’s performance.

Actions & Configuration Options

Once completed, this can be removed from your dashboard [ Edit Dashboard ➔ Remove].

Alerts

Automatically detect changes in your security posture with alerts.

Actions & Configuration Options

Select View Alerts to see your generated alerts.

Collaboration Inbox

View and address your invitations to collaborate via the Client/Vendor Access Program.

Subscriptions

See subscription usage.

Actions & Configuration Options

Save as Image = Download a PNG of this card.

Vendor Discovery

Summarizes unmonitored discovered vendor risk and monitored discovered vendors. The card displays unsubscribed vendors with the highest relevance.

Actions & Configuration Options

• Quickly subscribe to and monitor up to 5 discovered vendors.
• Get an overview of the discovered vendors in the Vendor Discovery page within the Continuous Monitoring application.
• Save as Image = Download a PNG of this card.

Company Details

Get a comprehensive dashboard for managing company details, monitoring Bitsight Security Ratings, benchmarking against peers, and tracking.

Benchmarking

Benchmark your company against your peers.

Actions & Configuration Options

See changes in your peer group’s ratings from 7, 30, or 90 days.

Bitsight Security Rating

The company’s rating gauge, their rating category, and any rating designations.

Actions & Configuration Options

See the changes in your security rating from 7, 30, or 90 days.

My Rating Changes

Observe the rating changes within your organization.

Actions & Configuration Options

• Pinned Companies: Observe the top five companies within your organization that have had the most significant rating changes or pin specific companies in your organization to the card.
• Date Range: See the changes among your organization from 7, 30, or 90 days.

Rating Overview

Check your company’s performance for each risk vector.

Actions & Configuration Options

Configure the card:

• Change the card title.
• Select the company.

Security Ratings Changes

Monitor fluctuations in your cyber security posture. The Security Ratings Changes & Highlights panel details the factors behind rating changes over the past year. It includes significant rating drops (10 or more points), adjustments from rating algorithm updates, and historical changes like network remaps.

Actions & Configuration Options

• Save as image.
• Download data.
• Configure the card:
  • Change the card title.
  • Select the company.

External Attack Surface Management (EASM)

Explore and manage your external attack surface with enhanced clarity and control. Use dynamic visualizations that bring critical security insights into focus, which empowers you to effectively prioritize and address vulnerabilities.

❖ Available with External Attack Surface Enhanced.

Attack Surface Exposure❖

Identify confirmed or suspected vulnerabilities on your infrastructure.

Actions & Configuration Options

• See only confirmed or all vulnerabilities.
• Select a bubble to see more details about the vulnerability.
• Select the vulnerability name to see more details and generate the Vulnerability Detection report.
• Select the asset name to get more context in the Assets page.
• Select the asset name to get more context in the Assets page.
• Select the findings count to see finding details for findings in the corresponding asset.
• Configure the card:
  • Change the card title.
  • Select the company.
• Download the data.

Confirmed Vulnerabilities❖

Streamline threat management by filtering and exporting confirmed vulnerability exposures based on severity and current exposure.

Actions & Configuration Options

• Select a severity count bar to see vulnerability details for the corresponding severity.
• Download data.
• Configure the card:
  • Change the card title.
  • Select the company.
• Filter by Bitsight severity.
• Filter by evidence certainty.
• Filter by exposure detection.

Deprecated Technology❖

Detect and prioritize assets with unsupported products for targeted security enhancements.

Actions & Configuration Options

• Select the product count to see assets that currently have unsupported products.
• Download data.
• Configure the card:
  • Change the card title.
  • Select the company.
• Filter by asset importance.

Evolution of Findings over time❖

Track and analyze the progression of findings over time.

Actions & Configuration Options

• Hover over the findings line to see the numbers of first seen and last seen findings.
• Select the findings line to see finding details for that month.
• Download data.
• Configure the card:
  • Change the card title.
  • Select the company.
  • Select included risk vectors.
  • Filter by finding severity.
  • Filter by asset importance.

Findings Backlog Evolution❖

Monitor and track the evolution of the findings backlog, including resolved and unresolved issues. Use the remediation statuses to take the most advantage out of this card.

Actions & Configuration Options

• Hover over findings count line or bar to see the number of findings for the corresponding classification during each month.
• Select the findings count line or bar to see details about those specific findings for that specific month.
• Download data.
• Configure the card:
  • Change the card title.
  • Select the company.
  • Select include risk vectors.
  • Filter by finding severity.
  • Filter by asset importance.

Infrastructure Changes

Track the changes in your infrastructure and identify the source of those changes. This includes infrastructure changes of any company in your organization.

Actions & Configuration Options

• Title
• SPM Companies
• Date Range (7, 30, or 90 days)

New High-Priority Findings

Assess the newest findings, as prioritized by the Asset Risk Matrix.

Actions & Configuration Options

• Title
• SPM Companies
• Date Range (7, 30, or 90 days)
• Finding Severity
• Asset Importance

New Material/Severe Findings

Investigate new findings using the available filters (company, risk vector, finding severity, finding grade).

Actions & Configuration Options

• Title
• SPM Companies
• Risk Vectors
• First Seen (7, 30, or 90 days)
• Grade (Finding Grades)
• Finding Severity
• Asset Importance

Remediation Status

Determine when to take action and get an overview of your remediation activities.

Actions & Configuration Options

• Title
• Date Range = Filter the time period for the middle Work in Progress bar.
  • ↻ 7 Days
  • 30 Days
  • 90 days
• Risk Vectors (Default: ↻ All)
• Assigned Users (Default: ↻ All)
• SPM Companies (Default: ↻ My Company)

Rescanned Findings

Shows the number of findings per status and the total number of findings that had a rescan requested.

Actions & Configuration Options

• Configure the card:
  • Change the card title.
  • Filter by date range.
  • Filter by risk vectors.
• Save as Image = Download a PNG of this card.

Risk Vectors

Manage and prioritize security risks effectively. Track and address specific vulnerabilities within your organization to enhance your overall security posture.

Compromised Systems

Identify evidence of the presence of malware or unwanted software. See more details about Compromised Systems.

Actions & Configuration Options

Configure the card:

• Change the card title.
• Select the company.

Remediation Strategy

Remediation Strategy identifies high-impact findings so you can remediate them and improve risk vector grades.

Actions & Configuration Options

Configure the card:

• Change the card title.
• Select the company.
• Filter by date range.
• Filter by risk vectors.
• Filter by assigned users.

Unresolved Findings by Severity❖

See the number of unresolved findings impacting the risk vector.

Actions & Configuration Options

• Select the severity count bar to see finding details for the corresponding severity.
• Configure the card:
  • Change the card title.
  • Select the company.
  • Filter by date range.
  • Filter by risk vectors.
  • Filter by finding severity.
  • Filter by asset importance.