Security Performance Management
Continuous Monitoring
Cyber Insurance
National Cybersecurity

Articles in this section

See more

Continuous Monitoring Application

Avatar
Ingrid
Follow
  • July 27, 2023: “TPRM” renamed to “Continuous Monitoring”; Design update.
  • November 15, 2022: Vulnerability Detection now available.
  • October 12, 2022: Infrastructure page now available.

The Continuous Monitoring application is optimized for third party risk management (TPRM) workflows. It provides an overview of your portfolio and in-depth analysis tools that gives your organization deeper insights to its portfolio quality across industries, folders, tiers, and rating categories.

  • Use the App Switcher, located at the top of the left navigation menu, to toggle between applications.
  • The Context Switcher dropdown, located in the top actions bar, allows you to select from one of your subscribed companies or your most recently viewed companies. The data on the functional pages is synced to the selected company.

Navigation Overview

Navigation Menu

Use the toggle, on the bottom left, to expand or collapse the menu at any time to get a wider view of the data.

Prioritize your third-party remediation strategy for a particular company.

Menu Section Description
Dashboard The Portfolio Dashboard surfaces the most important information regarding your portfolio and serves as the launching pad for third-party risk management workflows and to other parts of the Bitsight platform.
Risk Program Setup Set up Bitsight to create a clear picture of cyber risk aligned to your organization’s risk tolerance.
  Alert Settings Ease your workload with automated and customized notifications. Set up and manage alert settings to best meet the needs of your risk tolerance for when to be notified on changes in risk.
Folder Management Folders can be used to organize your portfolio to better understand the security performance of certain groups of companies, such as IT vendors and companies in your organization. Folder Management is where you set up and manage your folders.
Tier Settings Tiering is one of the first steps in the TPRM process and it sets the stage for everything that follows. Tiers are used in the Portfolio Risk Matrix to prioritize companies in your portfolio based on their criticality to your organization and their security risk. Tier Settings is where you set up and manage your tiers. NOTE: This page is only available for Admins, Group Admins, and Portfolio Managers.
Portfolio Risk Provides views specific to the overall portfolio of companies that you are monitoring in Bitsight.
  Companies List Provides an overview of your subscribed companies.
Compare Companies Allows you to select individual companies to compare ratings with companies in your portfolio and see their progress over time.
Expired Subscriptions View companies that you were previously subscribed to and monitoring in Bitsight.
Vendor Risk Provides views specific to an individual company that you are monitoring within Bitsight.
  Overview The selected company’s security rating overview and company information.
Ratings Tree A depiction of the selected organization’s company hierarchy within the Bitsight platform.
Assessments Quickly identify red flags for cyber risk with objective data aligned to standard and custom questionnaires.
Rating Details A breakdown of the selected company’s risk, drilling into the individual risk vectors.
Findings The culmination of observed internet traffic and configurations, providing a single place to sort, filter, analyze, comment on, track remediation efforts, and export findings.
Assets Hostnames/domains and IP addresses that are attributed to the selected company.
Remediation Prioritize your third-party remediation strategy for the selected company.
Infrastructure Externally-facing IP addresses and CIDR blocks that are attributed to the selected company.
4th Party Risk Manage your fourth parties by identifying the areas of concentrated cyber risk. Automatically pinpoint connections between any organization, its business partners, and potentially risky fourth parties, and then determine if the relationship fits into your business and information security strategy.
  Overview Get an overview of your fourth party ecosystem.
  • See the most common fourth party service providers to your third parties and what risks they might introduce.
  • Determine which fourth party products are the most important, based on the number and importance of the third party domains that they support.
Service Providers View products provided by service providers across your fourth party ecosystem.
Products Determine which fourth party company to subscribe to or view the companies that are dependent on a particular service provider or product.
Vulnerability Detection Access and manage vulnerabilities and exposures - including major security events - to find and remediate threats more quickly within their vendor portfolio.
Collaboration Track vendor outreach requests made by you or your colleagues and see where your vendor or clients are in the collaboration process.
Alerts Alerts allow you to take immediate action on ratings changes, infections, or vulnerabilities impacting companies in your portfolio.
  Portfolio Alerts Set up alerts for your Total Risk Monitoring or Risk Monitoring portfolio.
4th Party Alerts Set up alerts for your fourth party portfolio.
Reports Reporting on the data of companies in your portfolio, which can be used to discuss critical third party risks and also help drive business decisions with senior executives and an organization’s Board of Directors. Reports ease the burden of having to manually gather aggregate cyber security risk data and it translates complex security topics into actionable business metrics.

Related articles