Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
![New BitSight Features for Security Performance Management SPM](/sites/default/files/styles/4_3_small/public/2022/02/28/New%20BitSight%20Features%20for%20SPM%20SIZED.png.webp?itok=h8kBvfpy)
New features in Bitsight's Security Performance Management (SPM) solution help you quickly get better insight into your attack surface so you can reduce the risk of data breaches, ransomware, and cyber attacks.
![Celebrating 10 Years of BitSight: A Co-Founder Looks Back](/sites/default/files/styles/4_3_small/public/migration/images/bitsight%252010th%2520anniversary%2520banner4-1-1_1.png.webp?itok=AQMq1KiJ)
It’s hard to believe, but Bitsight is celebrating our 10-year anniversary this week! I co-founded Bitsight in 2011 with my friend and grad school classmate, Nagarjuna Venna. When I think back on our original idea of creating a global cybersecurity ratings system, I’m surprised that our original thesis and vision still hold true today. It’s been an incredible journey filled with twists and turns, and I wanted to share some thoughts about where we’ve been and where we’re headed in the next decade.
![Meet Our Customer Success Team: André Mártires Agostinho](/sites/default/files/styles/4_3_small/public/migration/images/Customer-Success-Blog-Full_46.png.webp?itok=8mryN1Um)
Check out this Q&A with a US-based member of Bitsight's Customer Success team to learn about her role as a Bitsight Advisor & Customer Success Manager, her experience, and more.
![Meet Our Customer Success Team: André Mártires Agostinho](/sites/default/files/styles/4_3_small/public/migration/images/Customer-Success-Blog-Full_46.png.webp?itok=8mryN1Um)
Check out this Q&A with a London-based member of Bitsight's Customer Success team to learn about her role as a Customer Success Manager, her experience, and more.
![Meet Our Customer Success Team: André Mártires Agostinho](/sites/default/files/styles/4_3_small/public/migration/images/Customer-Success-Blog-Full_46.png.webp?itok=8mryN1Um)
Check out this Q&A with a Lisbon-based member of Bitsight's Customer Success team to learn about her role as an EMEA Customer Success Manager, her experience, and more.
![Meet Our Customer Success Team: André Mártires Agostinho](/sites/default/files/styles/4_3_small/public/migration/images/Customer-Success-Blog-Full_46.png.webp?itok=8mryN1Um)
Check out this Q&A with a US-based member of Bitsight's Customer Success team to learn about her role as a Customer Success Manager, her experience, and more.
![Meet Our Customer Success Team: André Mártires Agostinho](/sites/default/files/styles/4_3_small/public/migration/images/Customer-Success-Blog-Full_46.png.webp?itok=8mryN1Um)
Check out this Q&A with a Lisbon-based member of Bitsight's Customer Success team to learn about his role as a Senior Customer Success Manager, his experience, and more.
![Joint Effort with Microsoft to Disrupt Massive Criminal Botnet Necurs](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_661115089_1.jpg.webp?itok=XlbsTP-G)
Since 2017, Bitsight has been working with Microsoft’s Digital Crimes Unit (DCU) to understand the inner workings of the Necurs malware, its botnets, and its command and control infrastructure in order to take disruptive action against the threat. That work has included reverse engineering, malware analysis, module updates, infection telemetry, command and control updates, and forensic analysis. This week, an action took place to disrupt all Necurs botnets, followed by mitigation and eradication actions.
![Forecasting and Advanced Analytics: Building a Solid Security Strategy For 2020](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_450875209_1.jpg.webp?itok=kS62fC-M)
2020 is not only the beginning of a new year, but the start of a new decade, and with it comes the dawn of a new era for the digital world. We’re now in the midst of the once far-off, “futuristic” time periods old books and movies used to dream about. But does your security performance management strategy match the functionality of today’s technology?
![BitSight Honored as CRN® Tech Innovator Award Winner](/sites/default/files/styles/4_3_small/public/migration/images/2019_CRN%2520Tech%2520Innovators_Winner_Social%2520Image_1.jpg.webp?itok=rUBjuOop)
In recognition of our groundbreaking innovation and true differentiation in serving the IT channel, we’re proud to announce that the Bitsight Peer Analytics solution has been selected as a winner in the CRN 2019 Tech Innovator Awards.
![Third-Party Insight into Triada & Related Families](/sites/default/files/styles/4_3_small/public/migration/images/717%2520Triada%2520Blog%2520Graphic_1.jpg.webp?itok=4crdrXqe)
A few weeks ago, Google confirmed that there was malware pre-installed on a number of Android devices due to a supply-chain attack. The latest installment was discovered by security researchers from Dr.Web, who have been investigating this situation for several years; security researchers had already theorized back in July 2017 that these infections originated as part of a supply-chain attack. In this instance, these devices were pre-installed with Triada, a form of Android malware that has been studied and reported on by Kaspersky and most recently Google in its attempt to surface this critical information to users and the wider community.
![Data Insights on the BlueKeep Vulnerability](/sites/default/files/styles/4_3_small/public/migration/images/bigstock-Close-Up-Laptop-Computer-And-T-290302069_1.jpg.webp?itok=HuQiTlCQ)
On May 14th, Microsoft issued a warning about the BlueKeep vulnerability (CVE-2019-0708) affecting Remote Desktop Services Protocol (RDP), a component common in most versions of Microsoft Windows that allows remote access to its graphical interface. This vulnerability, if exploited by an external attacker, will lead to full system compromise, without requiring any form of authentication or user interaction.
![BitSight Security Ratings Platform Expands Its Visibility in Compromised Systems](/sites/default/files/styles/4_3_small/public/migration/images/bigstock-cybercrime-hacking-and-techno-239309626_1.jpg.webp?itok=vqoYygdC)
Since creating the Security Ratings market in 2011, a core component of Bitsight’s value to users has been providing industry-leading comprehensive visibility into malware communications.
![Fraudulent Android Advertising SDK Installed In Over 15 Million Devices](/sites/default/files/styles/4_3_small/public/migration/images/bigstock-Wroclaw-Poland--Jan------282826726_1.jpg.webp?itok=0JuQVZje)
Every day, Bitsight monitors the global threat landscape in a constant effort to identify software that may be placing users and organizations at risk. The presence of malware — or simply potentially unwanted applications — in an organization is an indicator that some security controls may be failing, or that some additional measures should be taken.
![Advanced Security Benchmarking with BitSight Peer Analytics](/sites/default/files/styles/4_3_small/public/migration/images/Peer%2520Analytics%2520Laptop%2520Blog%2520Header_1.jpg.webp?itok=R2eMRhSX)
Based on security performance data of hundreds of thousands of global organizations, Peer Analytics gives security and risk leaders visibility into the relative performance of their cybersecurity programs against a meaningful set of peers. These analytics help them set achievable performance targets based on their Bitsight Security Rating, effectively allocate limited resources, and efficiently prioritize security efforts with a focus on continuous program improvement.
Peer Analytics provides companies with a more granular view of their security rating. It is based on hundreds or thousands of companies (a broader set of similar organizations), which allows you to see where there are gaps in your security performance: at the ratings level, at the risk vector grade level, and at the vector detail event level.
Peer Analytics: Analyze, Prioritize, Act
Today, security and risk leaders use Peer Analytics to:
Set achievable security goals based on relative performance withi