Skip to main content
Applications
Security Posture Management
Continuous Monitoring
Vendor Risk Management
Trust Management Hub
Cyber Insurance
National Cybersecurity
Bitsight API docs
Bitsight Academy
Viewing as guest:
Log In
Sign in
Submit a request
Bitsight Knowledge Base
Bitsight Data
Bitsight Data
Learn about Bitsight data, including risk types (risk categories & risk vectors), findings, assets.
Risk Category: Compromised Systems
Compromised Systems Risk Category
Compromised System Destination IP Disclosure Policy
Botnet Infections Risk Vector
Spam Propagation Risk Vector
Malware Servers Risk Vector
Unsolicited Communications Risk Vector
See all 7 articles
Risk Category: Diligence
Diligence Risk Category
Understanding the SPF Domains Risk Vector
DKIM Records Risk Vector
TLS/SSL Certificates Risk Vector
TLS/SSL Configurations Risk Vector
Open Ports Risk Vector
See all 27 articles
Risk Category: User Behavior
User Behavior Risk Category
File Sharing Risk Vector
File Sharing Categories
Exposed Credentials Risk Vector
Risk Category: Public Disclosures
Public Disclosures Risk Category
Security Incidents Risk Vector
Other Disclosures Risk Vector
Bitsight Security Ratings Correlate to Breaches
Marsh McLennan Study: Correlation Between Bitsight Analytics and Cybersecurity Incidents
Assets
What is an Asset?
Asset Importance
Asset Types
How Assets are Detected and Identified
Attribution Data
Attribution Explainability
Attribution Relation
Grace Period for Company-Provided Infrastructure
Impacts Risk Vector Grade
The Graph of Internet Assets
Classification Methods
Risk Categories: Overview
Finding Severity
Botnet Infections Finding Considerations
Spam Propagation Finding Considerations
Malware Servers Finding Considerations
Unsolicited Communications Finding Considerations
See all 10 articles
Collaboration & Connections
Collaboration Reasons
Collaboration Status
Connection Email Templates
Vendor Connections
Control Insights Data
Insights to Control Framework Mapping
Insights to Control Framework Mapping: Browser Configurations
Insights to Control Framework Mapping: Detected Services
Insights to Control Framework Mapping: Device Management
Insights to Control Framework Mapping: DNS Configurations
Insights to Control Framework Mapping: Email Configurations
See all 17 articles
Delegated Security Controls
Delegated Security Controls Overview
Findings Impact of Delegated Security Controls
How Companies with Delegated Security Controls are Identified
How Companies with Delegated Security Controls are Presented
Findings
What is a Finding?
Finding Behavior
Findings Search Fields
Compromised System Findings
Botnet Infection Findings
Spam Propagation Findings
See all 28 articles
Finding Messages
SPF Domains Findings Messages and Remediation Tips
DKIM Records Findings Messages and Tips for Remediation
TLS/SSL Certificates Finding Messages
TLS/SSL Configurations Finding Messages
Open Port Finding Messages: Detected Services
Open Port Finding Messages: Typical Services
See all 14 articles
Findings: Troubleshooting
How to Access OCR/HHS Breach Reports
Lifetime and Offline Assets: Frequently Asked Questions
Troubleshooting Insecure Systems Service: NetBios
Why Do I Have a Bad DMARC Finding?
Why Is My DKIM Grade a C When I Have No Findings?
Why Is My SPF Domains Grade an F When I Have No Findings?
See all 9 articles
Data Collection Methods
Priority Scanning
Crawlers
Requesting a New Vulnerability
Compromised Systems Events Proven to be Originating from Testing Environments
Threat Research Process
Reporting a Public Disclosures Event
See all 29 articles
Infrastructure Data
Changes to Shell Companies
Company-Provided Assets: Messages, Reasons, & Statuses
Control and Responsibility for IP Addresses and Domains
Infrastructure Change Types
Normalization
What is a Shell Company?
Network Map & Company Information
Bitsight Inventory Status
Company ID
Company Mapping Scenarios
Company Metadata
Company Relationships
Company Request Statuses
See all 25 articles
Rating Designations
Automated Ratings
Rating Designations
Fourth Parties
Low Confidence Ratings
Primary Ratings
Self-Published Companies
Service Provider Details
Fourth Party Business Functions
Content Management System Products and Their Risks
Customer Relationship Management Products and Their Risks
Enterprise Products and Their Risks
Finance Products and Their Risks
Human Resources Products and Their Risks
See all 9 articles
Standards & Authorities
Accepted Accounting Standards
Certificate Authorities
Cookie Assessment Exclusion
Cross-Domain Subresource Integrity Exclusion
Regional Internet Registries (RIR WHOIS)
Supported Operating Systems
See all 10 articles
Vendor Risk Management & Trust Management Hub Data
Artifacts
Assessment Life Cycle Stages
Data Residency
Finding Criticality
Instant Insights Data and Technologies for VRM and TMH
Multi-Profiles
See all 9 articles
Vendor Information
Bitsight VRM: Company Info Panel
Bitsight VRM: Financials Panel
Bitsight VRM: Internal Information Panel
Vendor Tags
Vulnerabilities & Infections
Apache ActiveMQ Remote Code Execution [CVE-2023-46604]
ArcaneDoor Vulnerabilities [CVE-2024-20353, CVE-2024-20359]
Atlassian Confluence Data Center and Server Template Injection [CVE-2023-22527]
Atlassian Confluence Data Center and Server [CVE-2023-22515]
Barracuda Email Security Gateway [CVE-2023-2868]
Cisco Adaptive Security Appliance (ASA) Software Brute Force [CVE-2023-20269]
See all 33 articles
Glossaries
Diffie-Hellman Primes and Keys
Forms of Attacks
Glossary of Terms
Glossary of Terms - File Sharing
Glossary of Terms - Public Disclosures
Glossary of Terms - Server Software
See all 26 articles