https://api.bitsighttech.com/ratings/v1/defaults
Get static Bitsight data, such as:
- Rating category ranges.
- Bitsight risk vectors.
- The Bitsight platform color schemes.
Example Request
curl https://api.bitsighttech.com/ratings/v1/defaults -u api_token:
Example Response
{ "subscription_types":[ { "duration":30, "api_key_name":"vendor-selection", "display_name":"Vendor Selection", "name":"vendor_selection_30_days" } […] ], "vendor_access_request_reasons":[ { "description":"Provides general awareness of Bitsight and Bitsight Security Ratings.", "slug":"informational", "name":"Informational" } […] ], "filter_order":[ […] ], "risk_vectors":{ "color_by_grade":{ "A":"#2c4d7f" […] }, "details_by_name":{ "Web Application Headers":{ "category":"Diligence", "impact":"medium", "slug":"application_security", "order":11, "beta":false, "refreshable":true, "id":"http_headers" } […] } }, "relationship_types":[ { "api_key_name":"vendor", "display_name":"Vendor" } […] ], "public_disclosure_categories":[ { "subcategories":[ "Fraud" ], "slug":"other", "name":"Other Disclosure" } […] ], "vendor_action_plan_names":{ "3":[ "escalate" ] […] }, "rating_ranges":{ "basic":{ "color":"#b24053", "max":640, "min":250, "name":"Basic", "description":"Companies with Bitsight Security Ratings in the Basic Rating category have lower Security Ratings, and thus an increased likelihood of data breach. Organizations in this category typically have not implemented best practice IT security policies and procedures, demonstrate evidence of compromised systems on their network, and provide the greatest risk. Basic companies are, on average, 2 - 3x more likely to get breached than Intermediate companies, and companies with a rating of 400 or lower were 5x more likely to experience a publicly disclosed data breach than companies with a security rating of 700 or higher." } […] }, "roles":[ { "presentation":"Portfolio Manager", "slug":"customer_portfolio_manager" } […] ], "risk_categories":[ "Compromised Systems" […] ], "nist_categories":[ { "function":"Detect", "name":"Security Continuous Monitoring", "nist_category_code":"DE.CM", "order":8, "guid":"ac71bb98-bb81-4587-8963-c6e69ebbe32e", "id":"security-continuous-monitoring" } […] ] }
Response Attributes
Field | Description | |||
---|---|---|---|---|
subscription_typesArray |
Supported subscriptions. | |||
Object | A subscription’s details. | |||
durationInteger [ days ] |
If the subscription is time-limited, this is the active duration. | |||
api_key_nameString |
The slug name of the subscription. | |||
display_nameString |
The name of the subscription, as displayed in the Bitsight platform. | |||
nameString |
The internal Bitsight name of the subscription. | |||
vendor_access_request_reasonsArray |
Reasons for collaboration via the Client/Vendor Access Program. | |||
Object | A collaboration reason’s details. | |||
descriptionString |
A description of the collaboration reason. | |||
slugString |
The slug name of the collaboration reason. | |||
nameString |
The name of the collaboration reason, as displayed in the Bitsight platform. | |||
filter_orderArray |
The ordered list of portfolio filters, as displayed in the Bitsight platform. | |||
risk_vectorsObject |
Non-informational risk vectors. | |||
color_by_gradeObject |
Letter grade colors, as displayed in the Bitsight platform. | |||
Letter Grade String |
The color hex code for this letter grade. | |||
details_by_nameObject |
Defaults by risk vector. | |||
Risk Vector Object |
Defaults for this risk vector. | |||
categoryString |
The risk category of this risk vector. | |||
impactString |
The impact of this risk vector on the rating, as conveyed by the Peer Analytics Risk Vector Gap Analysis. | |||
slugString |
The slug name of this risk vector. | |||
orderInteger |
The order of this risk vector among all risk vectors, as displayed in the Bitsight platform. | |||
betaBoolean |
true = This risk vector is currently in beta. Therefore, it does not impact the rating. |
|||
refreshableBoolean |
true = Findings for this risk vector can be refreshed. |
|||
idString |
The unique string ID of this risk vector. | |||
relationship_typesArray |
Company relationship details. | |||
Object | A company relationship’s details. | |||
api_key_nameString |
The API key name of this relationship type. | |||
display_nameString |
The name of this company relationship. | |||
public_disclosure_categoriesArray |
Public Disclosure incident category details. See: | |||
Object | An incident category’s details. | |||
subcategoriesArray |
Incident types within this incident category. | |||
slugString |
The slug name of this incident category. | |||
nameString |
The name of this incident category. | |||
vendor_action_plan_namesObject |
The slug name of each action plan. | |||
Integer Array |
Distinct and configured action plans. | |||
rating_rangesObject |
Rating category details. | |||
Rating Category Object |
Details of this rating category. | |||
colorString |
The color hex code of this rating category, as depicted in the Bitsight platform. | |||
maxInteger |
The maximum rating range of this rating category (<). | |||
minInteger |
The minimum rating range of this rating category (≥). | |||
nameString |
The name of this rating category. | |||
descriptionString |
Why companies are in this rating category. | |||
rolesArray |
User role details. | |||
Object | A user role’s details. | |||
presentationString |
The name of this user role. | |||
slugString |
The API key name of this user role. | |||
risk_categoriesArray |
Risk categories. | |||
nist_categoriesArray |
Bitsight NIST CyberSecurity Frame Report (NIST CSF report) details. | |||
Object | A NIST category’s details. | |||
functionString |
The high-level function of this NIST category, which is supported by Bitsight risk vectors. | |||
nameString |
The name of this NIST category. | |||
nist_category_codeString |
The subcategory code. | |||
orderInteger |
The order of this NIST category within the report. | |||
guidString [ NIST_guid ] |
The unique identifier of this NIST category. | |||
idString |
Category identification. |
- April 1, 2021: Added
name
anddescription
fields forrating_ranges
. - March 8, 2021: Published.
Feedback
0 comments
Please sign in to leave a comment.