Skip to main content
Security Performance Management
Continuous Monitoring
Vendor Risk Management
Trust Management Hub
Cyber Insurance
National Cybersecurity

Continuous Coverage Expansion - December 2025 Update

Erin Conry

Enhancements to Bitsight’s asset discovery will deliver greater visibility into Bitsight customers’ attack surface, improve exposure detection and risk reduction.

For new domain assets resulting from the continuous coverage expansion the grace period allows time to:

  • Analyze: Prioritize the new findings, identify owners, and actions.
  • Remediate: Fix new negative findings during the incubation period to prevent similar future issues from affecting the rating

This Continuous Coverage Expansion release covers the following features:

  • New GIA domain attribution (with daily refresh):
  • With the upcoming improvements in automated attribution, the domain asset coverage will increase 10% - arriving with a ninety day Grace Period.
  • Faster refresh cycles: We’ll cover key Bitsight entity inventory with a 1-day cycle of attribution, contributing to accuracy and reduced staleness. For now, WHOIS Domains, Certificate and DNS IP attribution is included. 
  • Enhance current attribution rules: With the full GIA migration near completion, we’ll have a fully new attribution engine where we can solve for problems at scale, focusing redaction and false negatives.
  • Upcoming new automations: Redirect based automation, more use of HTML content and more domain and IP discoverability capabilities will be introduced in the next months.

Any updates arriving from GIA under “Continuous Coverage Expansion” are global for all customers.

 

Frequently Asked Questions

Will these WHOIS domains appear differently in attribution on Portals? 
→ No. It’s the same source (WHOIS), only in Grace Period.

When is the grace period over and Rating impact starts happening? 
→ All net new domains found through GIA will have a grace period end date of 12th of April 26, regardless of the date they’re found

What will happen to the current WHOIS domains that are attributed?
→ They will stay at first and then will be removed. We’re launching GIA based automation while keeping the legacy automation also running in order to reduce impact in attribution and ratings from switching one for the other
→ When we phase off the old automation in the upcoming months the previously attributed WHOIS domains will be removed but we’ll ensure that there’s a >90% overlap with the GIA WHOIS domains
→ This also means we’re benefiting from getting new Domains faster but we're not discontinuing the potentially stale ones fast enough because the old automation is still a source of truth.

Was this article helpful?
1 out of 1 found this helpful
Return to top

Related articles

Feedback

0 comments

Please sign in to leave a comment.