- July 28, 2023: “TPRM” app renamed to “Continuous Monitoring.”
- March 10, 2023: Specified app.
- April 13, 2022: Filter sets now available.
The Companies List (which contains folders, subscriptions, and tiers) allows you to:
- Get deep insights into portfolio quality.
- Organize companies into folders or tiers.
- Share your folders with colleagues.
- Search for companies affected by vulnerabilities or particular infections.
- Download portfolio reports, industry ratings, or company ratings.
- View any company in your portfolio.
- Identify third party risk that requires review or action with the Action Plan.
Navigation Options
CM App: Portfolio Risk ➔ Companies List.
Select the Download button at the top-right to download your Companies List (.csv).
Search
Refine your Companies List by using:
- The context switcher at the top actions bar filter by your portfolio.
- The search bar at the top-right of the table to search for a company by their name or domain.
- Apply filters to filter the data in the table.
If a company is not yet listed, submit a request to add that company to the Bitsight inventory (company request).
Fields
❖ Select the Customize Columns button to customize fields that are included in the table.
| Field | Description |
|---|---|
| Actions |
Use the
This column cannot be removed. |
| Company | The name of the organization. |
| Industry❖ | The primary industry sector of the company. |
| Life Cycle | The life cycle stage. |
| Primary Domain❖ | The main website associated with the organization. |
| Relationship | The company relationship. |
| Security Rating | A number from 250 - 900 indicating the organization’s security performance.
The upper and lower edges of this range are currently reserved for future use. The current achievable range is 300-820.
|
| Sub-Industry❖ | The more granular industry of the company. |
| Subscription Type | How your organization is subscribed to the company. Subscription types dictate the length of access and level of detail. |
| Tier | Companies in Tiers, prioritized by inherent risk. |
| Trend | A visual representation of the company’s Bitsight Security Ratings during the last year. |
Filters
Use the following filters or select a filter set to refine your search.
| Filter | Description | Values |
|---|---|---|
| Folder | Companies in folders, categorized by the importance of the company. | Folder name. |
| Tier | Prioritize portfolio companies based on their criticality to your organization and their security risk. |
|
| Subscription Type | Filter by subscription type. | Subscription name. |
| Vendor Action Plan | The level of action to take. | Action plan. |
| Relationship | The type of relationship between your organization and a particular company. | Relationship type. |
| Life Cycle | Stages of a portfolio company’s life cycle in your TPRM program’s operational workflows. | Life cycle stage. |
| Security Rating | A number between 250 to 900 representing a company’s cybersecurity posture. | Security ratings range. |
| Industry | The company’s industry. | Industry name. |
| Country | Companies with at least 1 IP address that geolocates to the selected country. | Country name. |
| Rating Type | The type of Bitsight Security Rating Report. |
|
| Risk Vector Grade | How a company is performing in particular risk type. | Letter grades A through F. |
| Infections | Companies affected by selected infections. | Malware name. |
| Vulnerabilities | Companies that are affected by a particular flaw or weakness in a system’s design, implementation, or operation and management that could be exploited to violate the system’s security policy. | Vulnerability name or Common Vulnerabilities and Exposures (CVE) identifier. |
| Open Ports | Ports that are exposed to the Internet. |
|
| Public Disclosures | Possible incidents of undesirable access to a company’s data. | Incident category: |
| Software | Find third parties that are using unsupported software (out-of-date, missing latest vendor updates). They are open to certain security risks until they update. |
|
| Service Provider | Companies that handle or deliver services for other companies, such as web hosting, certificate signing, cloud infrastructure services, and email hosting. | Service provider name. |
| Service Provider | Companies that handle or deliver services for other companies, such as web hosting, certificate signing, cloud infrastructure services, and email hosting. | Service provider name. |
| Product | Products provided by a service provider. | Product name. |
| Product Type | The category of the service provided by the service provider’s product. | Product type. |