Rating Methodologies
- How are Bitsight Security Ratings Calculated?
- What is a Bitsight Security Rating?
- Vulnerability Severity: Bitsight Severity & CVSS
- How are Bitsight Security Ratings Calculated Within Parent-Subsidiary Relationships?
- Risk Vector Grading with Insufficient Data
- User Count Thresholds for Grading Desktop and Mobile Software Risk Vectors
- Why Do Bitsight Security Ratings Fluctuate?
- Web Application Header Finding Grades
- What Content-Security-Policy (CSP) Directives are Assessed?
- OS & Browser Version Evaluation
- Software Support Life Cycle & End-of-Life Policy
- Web Application Security Assessment: Cross-Site Scripting
- Web Application Security Assessment: Components with Known Vulnerabilities
- Web Application Security Assessment: Broken Authentication and Access Control
- Web Application Security Assessment: Sensitive Data Exposure
- Web Application Security Assessment: Security Misconfiguration