https://api.bitsighttech.com/ratings/v1/defaults
Get static Bitsight data, such as:
- Rating category ranges.
- Bitsight risk vectors.
- The Bitsight platform color schemes.
Example Request
curl https://api.bitsighttech.com/ratings/v1/defaults -u api_token:
Example Response
{ "subscription_types":[ { "duration":30, "api_key_name":"vendor-selection", "display_name":"Vendor Selection", "name":"vendor_selection_30_days" } […] ], "vendor_access_request_reasons":[ { "description":"Provides general awareness of Bitsight and Bitsight Security Ratings.", "slug":"informational", "name":"Informational" } […] ], "filter_order":[ […] ], "risk_vectors":{ "color_by_grade":{ "A":"#239563" […] }, "details_by_name":{ "Web Application Headers":{ "category":"Diligence", "impact":"medium", "slug":"application_security", "order":11, "beta":false, "refreshable":true, "id":"http_headers" } […] } }, "relationship_types":[ { "api_key_name":"vendor", "display_name":"Vendor" } […] ], "public_disclosure_categories":[ { "subcategories":[ "Fraud" ], "slug":"other", "name":"Other Disclosure" } […] ], "vendor_action_plan_names":{ "3":[ "escalate" ] […] }, "rating_ranges":{ "basic":{ "color":"#c23024", "max":640, "min":250, "name":"Basic", "description":"Companies with Bitsight Security Ratings in the Basic Rating category have lower Security Ratings, and thus an increased likelihood of data breach. Organizations in this category typically have not implemented best practice IT security policies and procedures, demonstrate evidence of compromised systems on their network, and provide the greatest risk. Basic companies are, on average, 2 - 3x more likely to get breached than Intermediate companies, and companies with a rating of 400 or lower were 5x more likely to experience a publicly disclosed data breach than companies with a security rating of 700 or higher." } […] }, "roles":[ { "presentation":"Portfolio Manager", "slug":"customer_portfolio_manager" } […] ], "risk_categories":[ "Compromised Systems" […] ], "nist_categories":[ { "function":"Detect", "name":"Security Continuous Monitoring", "nist_category_code":"DE.CM", "order":8, "guid":"ac71bb98-bb81-4587-8963-c6e69ebbe32e", "id":"security-continuous-monitoring" } […] ] }
Response Attributes
Field | Description | |||
---|---|---|---|---|
subscription_types Array |
Supported subscriptions. | |||
Object | A subscription’s details. | |||
duration Integer [ |
If the subscription is time-limited, this is the active duration. | |||
api_key_name String |
The slug name of the subscription. | |||
display_name String |
The name of the subscription, as displayed in the Bitsight platform. | |||
name String |
The internal Bitsight name of the subscription. | |||
vendor_access_request_reasons Array |
Reasons for collaboration via the Client/Vendor Access Program. | |||
Object | A collaboration reason’s details. | |||
description String |
A description of the collaboration reason. | |||
slug String |
The slug name of the collaboration reason. | |||
name String |
The name of the collaboration reason, as displayed in the Bitsight platform. | |||
filter_order Array |
The ordered list of portfolio filters, as displayed in the Bitsight platform. | |||
risk_vectors Object |
Non-informational risk vectors. | |||
color_by_grade Object |
Letter grade colors, as displayed in the Bitsight platform. | |||
Letter Grade String |
The color hex code for this letter grade. | |||
details_by_name Object |
Defaults by risk vector. | |||
Risk Vector Object |
Defaults for this risk vector. | |||
category String |
The risk category of this risk vector. | |||
impact String |
The impact of this risk vector on the rating, as conveyed by the Peer Analytics Risk Vector Gap Analysis. | |||
slug String |
The slug name of this risk vector. | |||
order Integer |
The order of this risk vector among all risk vectors, as displayed in the Bitsight platform. | |||
beta Boolean |
true = This risk vector is currently in beta. Therefore, it does not impact the rating. |
|||
refreshable Boolean |
true = Findings for this risk vector can be refreshed. |
|||
id String |
The unique string ID of this risk vector. | |||
relationship_types Array |
Company relationship details. | |||
Object | A company relationship’s details. | |||
api_key_name String |
The API key name of this relationship type. | |||
display_name String |
The name of this company relationship. | |||
public_disclosure_categories Array |
Public Disclosure incident category details. See: |
|||
Object | An incident category’s details. | |||
subcategories Array |
Incident types within this incident category. | |||
slug String |
The slug name of this incident category. | |||
name String |
The name of this incident category. | |||
vendor_action_plan_names Object |
The slug name of each action plan. | |||
Integer Array |
Distinct and configured action plans. | |||
rating_ranges Object |
Rating category details. | |||
Rating Category Object |
Details of this rating category. | |||
color String |
The color hex code of this rating category, as depicted in the Bitsight platform. | |||
max Integer |
The maximum rating range of this rating category (<). | |||
min Integer |
The minimum rating range of this rating category (≥). | |||
name String |
The name of this rating category. | |||
description String |
Why companies are in this rating category. | |||
roles Array |
User role details. | |||
Object | A user role’s details. | |||
presentation String |
The name of this user role. | |||
slug String |
The API key name of this user role. | |||
risk_categories Array |
Risk categories. | |||
nist_categories Array |
Bitsight NIST CyberSecurity Frame Report (NIST CSF report) details. | |||
Object | A NIST category’s details. | |||
function String |
The high-level function of this NIST category, which is supported by Bitsight risk vectors. | |||
name String |
The name of this NIST category. | |||
nist_category_code String |
The subcategory code. | |||
order Integer |
The order of this NIST category within the report. | |||
guid String [ |
The unique identifier of this NIST category. | |||
id String |
Category identification. |
-
April 1, 2021: Added
name
anddescription
fields forrating_ranges
. - March 8, 2021: Published.
Feedback
0 comments
Please sign in to leave a comment.