Skip to main content
Security Performance Management
Continuous Monitoring
Vendor Risk Management
Trust Management Hub
Cyber Insurance
National Cybersecurity

Continuous Monitoring Application

Ingrid

The Continuous Monitoring application is optimized for third party risk management (TPRM) workflows. It provides an overview of your portfolio and in-depth analysis tools that gives your organization deeper insights to its portfolio quality across industries, folders, tiers, and rating categories.

  • Use the app-switcher.png App Switcher, located at the top of the left navigation menu, to toggle between applications.
  • The context switcher dropdown, located in the top actions bar, allows you to select from one of your subscribed companies or your most recently viewed companies. The data on the functional pages is synced to the selected company.

Navigation Overview

Use the collapse.png toggle, on the bottom left, to expand or collapse the menu at any time to get a wider view of the data.

Prioritize your third-party remediation strategy for a particular company.

Dashboard

Menu Icon: menu-dashboard.png Dashboard

The Portfolio Dashboard surfaces the most important information regarding your portfolio and serves as the launching pad for third-party risk management workflows and to other parts of the Bitsight platform.

Risk Analytics

Menu Icon: menu-risk-analytics.png Risk Analytics

Risk Analytics connects risk data into risk insights through the Marsh McLennan likelihood of breach and the Bitsight, “Bitsight Security Ratings' Correlation to Ransomware” studies.

Risk Program Setup

Menu Icon: menu-risk-program-setup.png Risk Program Setup

The Risk Program Setup contains functionality to set up Bitsight to create a clear picture of cyber risk aligned to your organization’s risk tolerance.

Alert Settings

Use Alert Settings to ease your workload with automated and customized notifications. Set up and manage alert settings to best meet the needs of your risk tolerance for when to be notified on changes in risk.

Folder Management

Folders can be used to organize your portfolio to better understand the security performance of certain groups of companies, such as IT vendors and companies in your organization. Folder Management is where you set up and manage your folders.

Tier Settings

Tiering is one of the first steps in the TPRM process and it sets the stage for everything that follows. Tiers are used in the Portfolio Risk Matrix to prioritize companies in your portfolio based on their criticality to your organization and their security risk. Tier Settings is where you set up and manage your tiers.

Vendor Access Links is where you generate access links to distribute to vendors.

Portfolio Risk

Menu Icon: menu-portfolio-risk.png Portfolio Risk

The Portfolio Risk menu provides views specific to the overall portfolio of companies that you are monitoring in Bitsight.

Companies List

Companies List provides an overview of your subscribed companies.

Critical Assets

Critical Assets provides a comprehensive visibility into digital asset intersections with vendors.

Compare Companies

Compare Companies allows you to select individual companies to compare ratings with companies in your portfolio and see their progress over time.

Expired Subscriptions

Use Expired Subscriptions to view companies that you were previously subscribed to and monitoring in Bitsight.

Vendor Risk

Menu Icon: menu-vendor-risk.png Vendor Risk

The Vendor Risk menu provides views specific to an individual company that you are monitoring within Bitsight.

[Vendor Risk] Overview

The Overview page in the Vendor Risk menu shows the selected company’s security rating overview and company information.

Ratings Tree

The Ratings Tree depicts the selected organization’s company hierarchy within the Bitsight platform.

Assessments

Use Assessments to quickly identify red flags for cyber risk with objective data aligned to standard and custom questionnaires.

Rating Details

Rating Details provides a breakdown of the selected company’s risk, drilling into the individual risk vectors.

Findings

Findings are the culmination of observed internet traffic and configurations, providing a single place to sort, filter, analyze, comment on, track remediation efforts, and export findings.

Assets

Assets are hostnames/domains and IP addresses that are attributed to the selected company.

Remediation

Use the Remediation page to prioritize your third-party remediation strategy for the selected company.

Infrastructure

Infrastructure is externally-facing IP addresses and CIDR blocks that are attributed to the selected company.

4th Party Risk

Menu Icon: menu-4th-party-risk.png 4th Party Risk

Manage your fourth parties by identifying the areas of concentrated cyber risk. Automatically pinpoint connections between any organization, its business partners, and potentially risky fourth parties, and then determine if the relationship fits into your business and information security strategy.

[4th Party Risk] Overview

Use the Overview page in the 4th Party Risk menu to get an overview of your fourth party ecosystem.

  • See the most common fourth party service providers to your third parties and what risks they might introduce.
  • Determine which fourth party products are the most important, based on the number and importance of the third party domains that they support.

Service Providers

Use the Service Providers page to view products provided by service providers across your fourth party ecosystem.

Products

Use the Products page to determine which fourth party company to subscribe to or view the companies that are dependent on a particular service provider or product.

Vulnerability Detection

Menu Icon: menu-vulnerability-detection.png Vulnerability Detection

Access and manage vulnerabilities and exposures - including major security events - to find and remediate threats more quickly within their vendor portfolio.

Collaboration

Menu Icon: menu-collaboration.png Collaboration

Track vendor outreach requests made by you or your colleagues and see where your vendor or clients are in the collaboration process.

Alerts

Menu Icon: menu-alerts.png Alerts

Alerts allow you to take immediate action on ratings changes, infections, or vulnerabilities impacting companies in your portfolio.

Portfolio Alerts

Use the Portfolio Alerts page to set up alerts for your Total Risk Monitoring or Risk Monitoring portfolio.

4th Party Alerts

Use the 4th Party Alerts page to set up alerts for your fourth party portfolio.

Reports

Menu Icon: menu-reports.png Reports

Reporting on the data of companies in your portfolio, which can be used to discuss critical third party risks and also help drive business decisions with senior executives and an organization’s Board of Directors. Reports ease the burden of having to manually gather aggregate cyber security risk data and it translates complex security topics into actionable business metrics.

  • February 4, 2025: Critical Assets page.
  • January 27, 2025: Added Vendor Access Links page.
  • December 20, 2023: Risk Analytics page.

Related articles

Feedback

0 comments

Please sign in to leave a comment.