Not all risk types are returned by the Bitsight API. Access is controlled on a per-organization level (i.e., an organization must have the right subscriptions) and depends on the endpoint.
Bitsight risk types are grouped in the following manner:
Compromised Systems
The Compromised Systems risk category indicates the presence of malware or unwanted software, which is evidence of security controls failing to prevent malicious or unwanted software from running within an organization.
Path | Purpose | Associated Field | Value |
---|---|---|---|
/v1/companies/company_guid | GET: Company Details | category | Compromised Systems |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | category | Compromised Systems |
Botnet Infections
The Botnet Infections risk vector indicates that devices on a company’s network are participating in a botnet (combination of “robot” and “network”), either as bots or as a command and control (C&C or C2) server.
Path | Purpose | Associated Field | Value |
---|---|---|---|
/v1/companies/company_guid | GET: Company Details | name | Botnet Infections |
/v1/companies/company_guid | GET: Company Details | Object (Slug Name) | botnet_infections |
/v1/companies/company_guid/observations | GET: Detailed Company Observations | risk_types | botnet_infections |
/v1/companies/company_guid/findings | GET: Finding Details | risk_vector | botnet_infections |
/v1/companies/company_guid/industries/statistics | GET: Industry Statistics | Object (Slug Name) | botnet_infections |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | name | Botnet Infections |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | slug | botnet_infections |
/v1/findings/wfh | GET: Work From Home Findings | risk_types | botnet_infections |
/v1/insights/rating_changes | GET: Rating Change Explanations | risk_vector | botnet |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector | Botnet Infections |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector_id | botnet |
/v1/remediations | GET: Remediation Tracking; POST: Track the Remediation of a Finding | risk_vector | botnet_infections |
/sovereign/observations | GET: National Cybersecurity Observation Details by Risk Type | risk_types | botnet_infections |
/v1/tiers/thresholds | GET: Tier Threshold Alerts | risk_category | Botnet Infections |
Spam Propagation
The Spam Propagation risk vector is composed of spambots, where a device on a company’s network is sending unsolicited commercial or bulk email (spam). If spam originates from email addresses or devices within a company’s network, this is an indication of an infection.
Path | Purpose | Associated Field | Value |
---|---|---|---|
/v1/companies/company_guid | GET: Company Details | name | Spam Propagation |
/v1/companies/company_guid | GET: Company Details | Object (Slug Name) | spam_propagation |
/v1/companies/company_guid/observations | GET: Detailed Company Observations | risk_types | spam_propagation |
/v1/companies/company_guid/findings | GET: Finding Details | risk_vector | spam_propagation |
/v1/companies/company_guid/industries/statistics | GET: Industry Statistics | Object (Slug Name) | spam_propagation |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | name | Spam Propagation |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | slug | spam_propagation |
/v1/findings/wfh | GET: Work From Home Findings | risk_types | spam_propagation |
/v1/insights/rating_changes | GET: Rating Change Explanations | risk_vector | spam |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector | Spam Propagation |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector_id | spam |
/sovereign/observations | GET: National Cybersecurity Observation Details by Risk Type | risk_types | spam_propagation |
/v1/tiers/thresholds | GET: Tier Threshold Alerts | risk_category | Spam Propagation |
Malware Servers
The Malware Servers risk vector is an indication that a system is engaging in malicious activity, such as phishing, fraud, or scams. A company’s network is hosting malware that is meant to lure visitors to a website or send a file that injects malicious code or viruses.
Path | Purpose | Associated Field | Value |
---|---|---|---|
/v1/companies/company_guid | GET: Company Details | name | Malware Servers |
/v1/companies/company_guid | GET: Company Details | Object (Slug Name) | malware_servers |
/v1/companies/company_guid/observations | GET: Detailed Company Observations | risk_types | malware_servers |
/v1/companies/company_guid/findings | GET: Finding Details | risk_vector | malware_servers |
/v1/companies/company_guid/industries/statistics | GET: Industry Statistics | Object (Slug Name) | malware_servers |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | name | Malware Servers |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | slug | malware_servers |
/v1/findings/wfh | GET: Work From Home Findings | risk_types | malware_servers |
/v1/insights/rating_changes | GET: Rating Change Explanations | risk_vector | mal_server |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector | Malware Servers |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector_id | mal_server |
/sovereign/observations | GET: National Cybersecurity Observation Details by Risk Type | risk_types | malware_servers |
/v1/tiers/thresholds | GET: Tier Threshold Alerts | risk_category | Malware Servers |
Unsolicited Communications
The Unsolicited Communications risk vector indicates a host is trying to contact a service on another host. It might be attempting to communicate with a server that is not providing or advertising any useful services, the attempt may be unexpected, or the service is unsupported. This also accounts for hosts that might be scanning darknets.
Path | Purpose | Associated Field | Value |
---|---|---|---|
/v1/companies/company_guid | GET: Company Details | name | Unsolicited Communications |
/v1/companies/company_guid | GET: Company Details | Object (Slug Name) | unsolicited_comm |
/v1/companies/company_guid/observations | GET: Detailed Company Observations | risk_types | unsolicited_comm |
/v1/companies/company_guid/findings | GET: Finding Details | risk_vector | unsolicited_comm |
/v1/companies/company_guid/industries/statistics | GET: Industry Statistics | Object (Slug Name) | unsolicited_comm |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | name | Unsolicited Communications |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | slug | unsolicited_comm |
/v1/findings/wfh | GET: Work From Home Findings | risk_types | unsolicited_comm |
/v1/insights/rating_changes | GET: Rating Change Explanations | risk_vector | unexp_comm |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector | Unsolicited Communications |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector_id | unexp_comm |
/v1/tiers/thresholds | GET: Tier Threshold Alerts | risk_category | Unsolicited Communications |
Potentially Exploited
The Potentially Exploited risk vector indicates that a device on a company’s network is running a potentially unwanted program (PUP) or potentially unwanted application (PUA).
Path | Purpose | Associated Field | Value |
---|---|---|---|
/v1/companies/company_guid | GET: Company Details | name | Potentially Exploited |
/v1/companies/company_guid | GET: Company Details | Object (Slug Name) | potentially_exploited |
/v1/companies/company_guid/observations | GET: Detailed Company Observations | risk_types | potentially_exploited |
/v1/companies/company_guid/findings | GET: Finding Details | risk_vector | potentially_exploited |
/v1/companies/company_guid/industries/statistics | GET: Industry Statistics | Object (Slug Name) | potentially_exploited |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | name | Potentially Exploited |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | slug | potentially_exploited |
/v1/findings/wfh | GET: Work From Home Findings | risk_types | potentially_exploited |
/v1/insights/rating_changes | GET: Rating Change Explanations | risk_vector | pot_exploited |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector | Potentially Exploited |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector_id | pot_exploited |
/v1/remediations | GET: Remediation Tracking; POST: Track the Remediation of a Finding | risk_vector | potentially_exploited |
/sovereign/observations | GET: National Cybersecurity Observation Details by Risk Type | risk_types | potentially_exploited |
/v1/tiers/thresholds | GET: Tier Threshold Alerts | risk_category | Potentially Exploited |
Diligence
The Diligence risk category assesses the steps a company has taken to prevent attacks, their best practice implementation, and risk mitigation (e.g., server configurations) to determine if the security practices of an organization are on par with industry-wide best practices.
Path | Purpose | Associated Field | Value |
---|---|---|---|
/v1/companies/company_guid | GET: Company Details | category | Diligence |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | category | Diligence |
SPF Domains
The SPF Domains risk vector assesses the effectiveness of Sender Policy Framework (SPF) records, which are DNS records that identify mail servers permitted to send email on behalf of a domain. Properly configured SPF records ensure that only authorized hosts can send email on behalf of a company by providing receiving mail servers the information they need to reject mail sent by unauthorized hosts.
Path | Purpose | Associated Field | Value |
---|---|---|---|
/v1/companies/company_guid | GET: Company Details | name | SPF |
/v1/companies/company_guid | GET: Company Details | Object (Slug Name) | spf |
/v1/companies/company_guid/observations | GET: Detailed Company Observations | risk_types | spf |
/v1/companies/company_guid/findings | GET: Finding Details | risk_vector | spf |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | name | SPF |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | slug | spf |
/v1/insights/rating_changes | GET: Rating Change Explanations | risk_vector | spf |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector | SPF |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector_id | spf |
/v1/remediations | GET: Remediation Tracking; POST: Track the Remediation of a Finding | risk_vector | spf |
/v1/tiers/thresholds | GET: Tier Threshold Alerts | risk_category | SPF |
DKIM Records
The DKIM Records risk vector assesses the effectiveness of DomainKeys Identified Mail (DKIM) records, which are a countermeasure against adversaries attempting to send fake email using a company’s email domain. Properly configured DKIM records can ensure that only authorized hosts can send email on behalf of a company.
Path | Purpose | Associated Field | Value |
---|---|---|---|
/v1/companies/company_guid | GET: Company Details | name | DKIM |
/v1/companies/company_guid | GET: Company Details | Object (Slug Name) | dkim |
/v1/companies/company_guid/observations | GET: Detailed Company Observations | risk_types | dkim |
/v1/companies/company_guid/findings | GET: Finding Details | risk_vector | dkim |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | name | DKIM |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | slug | dkim |
/v1/insights/rating_changes | GET: Rating Change Explanations | risk_vector | dkim |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector | DKIM |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector_id | dkim |
/v1/tiers/thresholds | GET: Tier Threshold Alerts | risk_category | DKIM |
TLS/SSL Certificates
The TLS/SSL Certificates risk vector evaluates the strength and effectiveness of the cryptographic keys within TLS and SSL certificates, which are used to encrypt internet traffic. Certificates are responsible for verifying the authenticity of company servers to associates, clients, and guests, and also serve as the basis for establishing cryptographic trust.
Path | Purpose | Associated Field | Value |
---|---|---|---|
/v1/companies/company_guid | GET: Company Details | name | SSL Certificates |
/v1/companies/company_guid | GET: Company Details | Object (Slug Name) | ssl_certificates |
/v1/companies/company_guid/observations | GET: Detailed Company Observations | risk_types | ssl_certificates |
/v1/companies/company_guid/findings | GET: Finding Details | risk_vector | ssl_certificates |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | name | SSL Certificates |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | slug | ssl_certificates |
/v1/insights/rating_changes | GET: Rating Change Explanations | risk_vector | certificate |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector | SSL Certificates |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector_id | certificate |
/v1/remediations | GET: Remediation Tracking; POST: Track the Remediation of a Finding | risk_vector | ssl_certificates |
/sovereign/observations | GET: National Cybersecurity Observation Details by Risk Type | risk_types | ssl_certificates |
/v1/tiers/thresholds | GET: Tier Threshold Alerts | risk_category | SSL Certificates |
TLS/SSL Configurations
The TLS/SSL Configurations risk vector determines whether the security protocol libraries in use support strong encryption standards when making connections to other machines. TLS/SSL is a widely used method of securing communications over the Internet.
Path | Purpose | Associated Field | Value |
---|---|---|---|
/v1/companies/company_guid | GET: Company Details | name | SSL Configurations |
/v1/companies/company_guid | GET: Company Details | Object (Slug Name) | ssl_configurations |
/v1/companies/company_guid/observations | GET: Detailed Company Observations | risk_types | ssl_configuration |
/v1/companies/company_guid/findings | GET: Finding Details | risk_vector | ssl_configurations |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | name | SSL Configurations |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | slug | ssl_configurations |
/v1/insights/rating_changes | GET: Rating Change Explanations | risk_vector | ssl |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector | SSL Configurations |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector_id | ssl |
/v1/remediations | | risk_vector | ssl_configurations |
/sovereign/observations | GET: National Cybersecurity Observation Details by Risk Type | risk_types | ssl_configuration |
/v1/tiers/thresholds | GET: Tier Threshold Alerts | risk_category | SSL Configurations |
Open Ports
The Open Ports risk vector observes ports that are exposed to the Internet, known as “open ports.” While certain ports must be open to support normal business functions and few companies will actually have no ports open, the fewer ports that are exposed to the Internet, the fewer openings there are for attack.
Path | Purpose | Associated Field | Value |
---|---|---|---|
/v1/companies/company_guid | GET: Company Details | name | Open Ports |
/v1/companies/company_guid | GET: Company Details | Object (Slug Name) | open_ports |
/v1/companies/company_guid/observations | GET: Detailed Company Observations | risk_types | open_ports |
/v1/companies/company_guid/findings | GET: Finding Details | risk_vector | open_ports |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | name | Open Ports |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | slug | open_ports |
/v1/findings/wfh | GET: Work From Home Findings | risk_types | open_ports |
/v1/insights/rating_changes | GET: Rating Change Explanations | risk_vector | open_port |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector | Open Ports |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector_id | open_port |
/v1/remediations | GET: Remediation Tracking; POST: Track the Remediation of a Finding | risk_vector | open_ports |
/sovereign/observations | GET: National Cybersecurity Observation Details by Risk Type | risk_types | open_ports |
/v1/tiers/thresholds | GET: Tier Threshold Alerts | risk_category | Open Ports |
Web Application Headers
The Web Application Headers risk vector analyzes security-related fields in the header section of communications between users and an application. They contain information about the messages, determine how to receive messages, and how recipients should respond to a message.
Path | Purpose | Associated Field | Value |
---|---|---|---|
/v1/companies/company_guid | GET: Company Details | name | Web Application Headers |
/v1/companies/company_guid | GET: Company Details | Object (Slug Name) | application_security |
/v1/companies/company_guid/observations | GET: Detailed Company Observations | risk_types | application_security |
/v1/companies/company_guid/findings | GET: Finding Details | risk_vector | application_security |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | name | Web Application Headers |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | slug | application_security |
/v1/insights/rating_changes | GET: Rating Change Explanations | risk_vector | http_headers |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector | Web Application Headers |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector_id | http_headers |
/v1/remediations | | risk_vector | application_security |
/sovereign/observations | GET: National Cybersecurity Observation Details by Risk Type | risk_types | application_security |
/v1/tiers/thresholds | GET: Tier Threshold Alerts | risk_category | Web Application Headers |
Patching Cadence
The Patching Cadence risk vector evaluates systems that are affected by software vulnerabilities (holes or bugs in software, hardware, or encryption methods that can be used by attackers to gain unauthorized access to systems and their data) and how quickly any issues are fixed.
Path | Purpose | Associated Field | Value |
---|---|---|---|
/v1/companies/company_guid | GET: Company Details | name | Patching Cadence |
/v1/companies/company_guid | GET: Company Details | Object (Slug Name) | patching_cadence |
/v1/companies/company_guid/observations | GET: Detailed Company Observations | risk_types | patching_cadence |
/v1/companies/company_guid/findings | GET: Finding Details | risk_vector | patching_cadence |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | name | Patching Cadence |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | slug | patching_cadence |
/v1/insights/rating_changes | GET: Rating Change Explanations | risk_vector | pc |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector | Patching Cadence |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector_id | pc |
/v1/remediations | GET: Remediation Tracking; POST: Track the Remediation of a Finding | risk_vector | patching_cadence |
/v1/tiers/thresholds | GET: Tier Threshold Alerts | risk_category | Patching Cadence |
Insecure Systems
The Insecure Systems risk vector assesses endpoints (which can be any computer, server, device, system, or appliance with internet access) that are communicating with an unintended destination. The software of these endpoints may be outdated, tampered with, or misconfigured. A system is classified as “insecure” when these endpoints try to communicate with a web domain that doesn’t yet exist or isn’t registered to anyone.
Path | Purpose | Associated Field | Value |
---|---|---|---|
/v1/companies/company_guid | GET: Company Details | name | Insecure Systems |
/v1/companies/company_guid | GET: Company Details | Object (Slug Name) | insecure_systems |
/v1/companies/company_guid/observations | GET: Detailed Company Observations | risk_types | insecure_systems |
/v1/companies/company_guid/findings | GET: Finding Details | risk_vector | insecure_systems |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | name | Insecure Systems |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | slug | insecure_systems |
/v1/insights/rating_changes | GET: Rating Change Explanations | risk_vector | insecure_sys |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector | Insecure Systems |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector_id | insecure_sys |
/v1/remediations | GET: Remediation Tracking; POST: Track the Remediation of a Finding | risk_vector | insecure_systems |
/sovereign/observations | GET: National Cybersecurity Observation Details by Risk Type | risk_types | insecure_systems |
/v1/tiers/thresholds | GET: Tier Threshold Alerts | risk_category | Insecure Systems |
Server Software
The Server Software risk vector helps track security problems introduced by server software that is no longer supported. Supported software versions receive attention from the software development team and vendor when bugs or vulnerabilities are discovered.
Path | Purpose | Associated Field | Value |
---|---|---|---|
/v1/companies/company_guid | GET: Company Details | name | Server Software |
/v1/companies/company_guid | GET: Company Details | Object (Slug Name) | server_software |
/v1/companies/company_guid/observations | GET: Detailed Company Observations | risk_types | server_software |
/v1/companies/company_guid/findings | GET: Finding Details | risk_vector | server_software |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | name | Server Software |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | slug | server_software |
/v1/insights/rating_changes | GET: Rating Change Explanations | risk_vector | server_software |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector | Server Software |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector_id | server_software |
/v1/remediations | GET: Remediation Tracking; POST: Track the Remediation of a Finding | risk_vector | server_software |
/sovereign/observations | GET: National Cybersecurity Observation Details by Risk Type | risk_types | server_software |
/v1/tiers/thresholds | GET: Tier Threshold Alerts | risk_category | Server Software |
Desktop Software
The Desktop Software risk vector compares the version information of laptop and desktop software with the latest and currently available software versions to determine if the device software is supported or out-of-date.
Path | Purpose | Associated Field | Value |
---|---|---|---|
/v1/companies/company_guid | GET: Company Details | name | Desktop Software |
/v1/companies/company_guid | GET: Company Details | Object (Slug Name) | desktop_software |
/v1/companies/company_guid/observations | GET: Detailed Company Observations | risk_types | endpoint_pc |
/v1/companies/company_guid/findings | GET: Finding Details | risk_vector | desktop_software |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | name | Desktop Software |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | slug | desktop_software |
/v1/insights/rating_changes | GET: Rating Change Explanations | risk_vector | endpoint_pc |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector | Desktop Software |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector_id | endpoint_pc |
/v1/tiers/thresholds | GET: Tier Threshold Alerts | risk_category | Desktop Software |
Mobile Software
The Mobile Software risk vector compares the version information of mobile device operating systems and browsers with the latest and currently available software versions to determine if the device software is supported or out-of-date.
Path | Purpose | Associated Field | Value |
---|---|---|---|
/v1/companies/company_guid | GET: Company Details | name | Mobile Software |
/v1/companies/company_guid | GET: Company Details | Object (Slug Name) | mobile_software |
/v1/companies/company_guid/observations | GET: Detailed Company Observations | risk_types | endpoint_mobile |
/v1/companies/company_guid/findings | GET: Finding Details | risk_vector | mobile_software |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | name | Mobile Software |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | slug | mobile_software |
/v1/insights/rating_changes | GET: Rating Change Explanations | risk_vector | endpoint_mobile |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector | Mobile Software |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector_id | endpoint_mobile |
/v1/remediations | | risk_vector | mobile_software |
/v1/tiers/thresholds | GET: Tier Threshold Alerts | risk_category | Mobile Software |
DNSSEC Records
The DNSSEC Records risk vector determines if a company is using the DNSSEC protocol, which is a public key encryption that authenticates DNS servers, and then assesses the effectiveness of its configuration. The DNSSEC protocol protects against DNS spoofing, which involves diverting traffic to an attacker’s computer, creating an opportunity for loss of confidentiality, data theft, etc.
Path | Purpose | Associated Field | Value |
---|---|---|---|
/v1/companies/company_guid | GET: Company Details | name | DNSSEC |
/v1/companies/company_guid | GET: Company Details | Object (Slug Name) | dnssec |
/v1/companies/company_guid/observations | GET: Detailed Company Observations | risk_types | dnssec |
/v1/companies/company_guid/findings | GET: Finding Details | risk_vector | dnssec |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | name | DNSSEC |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | slug | dnssec |
/v1/insights/rating_changes | GET: Rating Change Explanations | risk_vector | dnssec |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector | DNSSEC |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector_id | dnssec |
/v1/tiers/thresholds | GET: Tier Threshold Alerts | risk_category | DNSSEC |
Mobile Application Security
The Mobile Application Security risk vector analyzes the security aspects of an organization’s mobile application offerings that are publicly available in official marketplaces, such as the Apple App Store and Google Play.
Path | Purpose | Associated Field | Value |
---|---|---|---|
/v1/companies/company_guid | GET: Company Details | name | Mobile Application Security |
/v1/companies/company_guid | GET: Company Details | Object (Slug Name) | mobile_application_security |
/v1/companies/company_guid/observations | GET: Detailed Company Observations | risk_types | mobile_application_security |
/v1/companies/company_guid/findings | GET: Finding Details | risk_vector | mobile_application_security |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | name | Mobile Application Security |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | slug | mobile_application_security |
/v1/insights/rating_changes | GET: Rating Change Explanations | risk_vector | mobile_appsec |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector | Mobile Application Security |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector_id | mobile_appsec |
/v1/tiers/thresholds | GET: Tier Threshold Alerts | risk_category | Mobile Application Security |
Domain Squatting
The Domain Squatting risk vector detects the presence of domains named similarly to those that are owned and trademarked by an organization. Detection for these types of domains is based on information provided by DNS queries.
User Behavior
The User Behavior risk category assesses employee activity, such as file sharing and password re-use.
Path | Purpose | Associated Field | Value |
---|---|---|---|
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | category | User Behavior |
File Sharing
The File Sharing risk vector tracks the sharing of files, such as books, music, movies, TV shows, and applications. This includes files shared over the BitTorrent protocol or when observed on company infrastructure.
Path | Purpose | Associated Field | Value |
---|---|---|---|
/v1/companies/company_guid | GET: Company Details | name | File Sharing |
/v1/companies/company_guid | GET: Company Details | Object (Slug Name) | file_sharing |
/v1/companies/company_guid/observations | GET: Detailed Company Observations | risk_types | file_sharing |
/v1/companies/company_guid/findings | GET: Finding Details | risk_vector | file_sharing |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | name | File Sharing |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | slug | file_sharing |
/v1/insights/rating_changes | GET: Rating Change Explanations | risk_vector | torrent |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector | File Sharing |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector_id | torrent |
/sovereign/observations | GET: National Cybersecurity Observation Details by Risk Type | risk_types | file_sharing |
/v1/tiers/thresholds | GET: Tier Threshold Alerts | info_category | Exposed Credentials |
/v1/tiers/thresholds | GET: Tier Threshold Alerts | risk_category | File Sharing |
Exposed Credentials
The Exposed Credentials risk vector looks at verified breaches to indicate if the employees of a company had their information publicly disclosed and posted online as a result of a successful cyber attack on their company’s third parties.
Public Disclosures
The Public Disclosures risk category provides information related to possible incidents of undesirable access to a company’s data, including breaches, general security incidents, and other disclosures. Information is collected from verifiable news sources, both domestic and international, and by filing Freedom of Information Act (FOIA) requests.
Path | Purpose | Associated Field | Value |
---|---|---|---|
/v1/companies/company_guid | GET: Company Details | category | Public Disclosures |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | category | Public Disclosures |
Security Incidents
The Security Incidents risk vector involves a broad range of events related to the undesirable access of a company’s data or resources, including personal health information, personally identifiable information, trade secrets, and intellectual property. They’re grouped into Breach Security Incidents and General Security Incidents.
Path | Purpose | Associated Field | Values |
---|---|---|---|
/v1/companies/company_guid | GET: Company Details | name | Security Incidents |
/v1/companies/company_guid | GET: Company Details | Object (Slug Name) | data_breaches |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | name | Security Incidents |
/v1/companies/company_guid/reports/company-preview | GET, POST: Preview Report with Industry Comparison | slug | data_breaches |
/v1/insights/rating_changes | GET: Rating Change Explanations | risk_vector | breach |
/v2/portfolio | GET: Portfolio Details | security_incident_categories | |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector | Security Incidents |
/v1/portfolio/statistics | GET: Portfolio Statistics | risk_vector_id | breach |
/v1/tiers/thresholds | GET: Tier Threshold Alerts | public_disclosure_category | |
/v1/tiers/thresholds | GET: Tier Threshold Alerts | risk_category | Security Incidents |
Other Disclosures
The Other Disclosures risk vector includes other kinds of publicly disclosed events. It’s considered to be the least severe among the Public Disclosures risk vectors.
Path | Purpose | Associated Field | Value |
---|---|---|---|
/v2/portfolio | GET: Portfolio Details | security_incident_categories | other |
Vulnerability
Path | Purpose | Associated Field | Value |
---|---|---|---|
/sovereign/observations | GET: National Cybersecurity Observation Details by Risk Type | risk_types | vulnerability |
- August 31, 2022: Added /v1/insights/rating_changes as a related path.
- July 8, 2021: Added /sovereign/observations as a related path.
- December 2, 2020: Added “GET: Tier Threshold Alerts” (/v1/tiers/thresholds).