Skip to main content
Security Performance Management
Continuous Monitoring
Vendor Risk Management
Trust Management Hub
Cyber Insurance
National Cybersecurity

Continuous Monitoring Application

Ingrid

The Continuous Monitoring application is optimized for third party risk management (TPRM) workflows. It provides an overview of your portfolio and in-depth analysis tools that gives your organization deeper insights to its portfolio quality across industries, folders, tiers, and rating categories.

  • Use the app-switcher.png App Switcher, located at the top of the left navigation menu, to toggle between applications.
  • The context switcher dropdown, located in the top actions bar, allows you to select from one of your subscribed companies or your most recently viewed companies. The data on the functional pages is synced to the selected company.

Use the collapse.png toggle, on the bottom left, to expand or collapse the menu at any time to get a wider view of the data.

Prioritize your third-party remediation strategy for a particular company.

Dashboard

Menu Icon: menu-dashboard.png Dashboard

The Portfolio Dashboard surfaces the most important information regarding your portfolio and serves as the launching pad for third-party risk management workflows and to other parts of the Bitsight platform.

Risk Analytics

Menu Icon: menu-risk-analytics.png Risk Analytics

Risk Analytics connects risk data into risk insights through the Marsh McLennan likelihood of breach and the Bitsight, “Bitsight Security Ratings' Correlation to Ransomware” studies.

Portfolio Risk

Menu Icon: menu-portfolio-risk.png Portfolio Risk

The Portfolio Risk menu provides views specific to the overall portfolio of companies that you are monitoring in Bitsight.

[Portfolio Risk] Companies List

Get an overview of your subscribed companies.

[Portfolio Risk] Assessments (FI)

[Portfolio Risk] Critical Assets

Get comprehensive visibility into digital asset intersections with vendors.

[Portfolio Risk] Risk Analytics

[Portfolio Risk] Compare Companies

Select individual companies to compare ratings with companies in your portfolio and see their progress over time.

[Portfolio Risk] Vendor Discovery

[Portfolio Risk] Expired Subscriptions

View companies that you were previously subscribed to and monitoring in Bitsight.

Vendor Risk

Menu Icon: menu-vendor-risk.png Vendor Risk

The Vendor Risk menu provides views specific to an individual company that you are monitoring within Bitsight.

[Vendor Risk] Overview

Shows the selected company’s security rating overview and company information.

[Vendor Risk] Framework Intelligence

Upload vendor documentation (e.g., SOC 2 reports, Cyber Assurance Policies) and receive a compliance assessment mapped to frameworks like SIG LITE 2025. It leverages generative AI to surface control gaps, summarize evidence, and support faster, more scalable third-party assessments.

[Vendor Risk] Assessments

Quickly identify red flags for cyber risk with objective data aligned to standard and custom questionnaires.

[Vendor Risk] Rating Details

Provides a breakdown of the selected company’s risk, drilling into the individual risk vectors.

[Vendor Risk] Findings

Findings are the culmination of observed internet traffic and configurations, providing a single place to sort, filter, analyze, comment on, track remediation efforts, and export findings.

[Vendor Risk] Ratings Tree

Depicts the selected organization’s company hierarchy within the Bitsight platform.

[Vendor Risk] Infrastructure

Infrastructure is externally-facing IP addresses and CIDR blocks that are attributed to the selected company.

[Vendor Risk] Remediation

Prioritize your third-party remediation strategy for the selected company.

Vulnerability Detection

Menu Icon: menu-vulnerability-detection.png Vulnerability Detection

Access and manage vulnerabilities and exposures - including major security events - to find and remediate threats more quickly within their vendor portfolio.

Fourth Party Risk

Menu Icon: menu-4th-party-risk.png Fourth Party Risk

Manage your fourth parties by identifying the areas of concentrated cyber risk. Automatically pinpoint connections between any organization, its business partners, and potentially risky fourth parties, and then determine if the relationship fits into your business and information security strategy.

[Fourth Party Risk] Overview

Get an overview of your fourth party ecosystem.

  • See the most common fourth party service providers to your third parties and what risks they might introduce.
  • Determine which fourth party products are the most important, based on the number and importance of the third party domains that they support.

[Fourth Party Risk] Service Providers

View products provided by service providers across your fourth party ecosystem.

[Fourth Party Risk] Products

Determine which fourth party company to subscribe to or view the companies that are dependent on a particular service provider or product.

Alerts

Menu Icon: menu-alerts.png Alerts

Alerts allow you to take immediate action on ratings changes, infections, or vulnerabilities impacting companies in your portfolio.

[Alerts] Portfolio Alerts

Set up alerts for your Total Risk Monitoring or Risk Monitoring portfolio.

[Alerts] Fourth Party Alerts

Set up alerts for your fourth party portfolio.

Reports

Menu Icon: menu-reports.png Reports

Reporting on the data of companies in your portfolio, which can be used to discuss critical third party risks and also help drive business decisions with senior executives and an organization’s Board of Directors. Reports ease the burden of having to manually gather aggregate cyber security risk data and it translates complex security topics into actionable business metrics.

Collaboration

Menu Icon: menu-collaboration.png Collaboration

Track vendor outreach requests made by you or your colleagues and see where your vendor or clients are in the collaboration process.

Portfolio Settings

Menu Icon: menu-risk-program-setup.png Risk Program Setup

The Risk Program Setup contains functionality to set up Bitsight to create a clear picture of cyber risk aligned to your organization’s risk tolerance.

[Portfolio Settings] Alert Settings

Ease your workload with automated and customized notifications. Set up and manage alert settings to best meet the needs of your risk tolerance for when to be notified on changes in risk.

[Portfolio Settings] Folder Management

Folders can be used to organize your portfolio to better understand the security performance of certain groups of companies, such as IT vendors and companies in your organization. Folder Management is where you set up and manage your folders.

[Portfolio Settings] Tier Settings

Tiering is one of the first steps in the TPRM process and it sets the stage for everything that follows. Tiers are used in the Portfolio Risk Matrix to prioritize companies in your portfolio based on their criticality to your organization and their security risk. Tier Settings is where you set up and manage your tiers.

  • November 13, 2025: Reorganized navigation setting to reflect application view
  • August 7, 2025: Fourth party alerts.
  • July 24, 2025: Framework Intelligence page.
  • February 4, 2025: Critical Assets page.
  • January 27, 2025: Added Vendor Access Links page.
Was this article helpful?
9 out of 10 found this helpful
Return to top

Related articles

Feedback

0 comments

Please sign in to leave a comment.