Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
What’s Behind Your Risk Matrix?
This quarter, Bitsight released several new product features that enable organizations to more rapidly assess, prioritize and manage cyber risk. These new capabilities — the Portfolio Risk Matrix and Asset Risk Matrix — leverage Bitsight’s market-leading data to provide risk prioritization, helping customers address the most important risks within their own environment as well as their broader third-party ecosystem.
Cybersecurity in Europe is Improving: Thank You GDPR?
After years of debate over whether to impose new cybersecurity regulations on companies, General Data Protection Regulation (GDPR) laws went into effect in Europe in May 2018. Already we’ve seen several data breach victims ordered to pay fines under the new rules and cookie disclosure notices are popping up on more websites than ever.
Forecasting: The Missing Link in Your Annual Security Performance Planning Process
When it comes to security performance management within your organization, how do your security teams measure performance? If they’re using security ratings, they know that this objective, quantitative measurement is an effective place to start when evaluating performance in certain areas.
Forrester Recognizes BitSight as a Leader in Cybersecurity Risk Rating Solutions
This past Tuesday, Bitsight was named a Leader in The Forrester New Wave™: Cybersecurity Risk Rating Solutions, Q4 2018 evaluation. This report evaluates the current offering and strategy of vendors in a particular technology market, such as security ratings. This is significant, as this is the first analyst report that has a core focus on evaluating security ratings services solutions side-by-side.
5 Reasons Not To Miss BitSight’s Inaugural EXCHANGE Event
On October 9th & 10th, Bitsight will host EXCHANGE, the premier event for security and risk professionals, at the Intercontinental New York Times Square. Over the course of this one-day event, distinguished business and technology leaders will discuss the current and evolving state of cybersecurity, best practices for addressing cyber threats, and how to both prioritize and focus risk management efforts within an organization.
A Forward-Looking View Into Security Performance
For the last five years, Bitsight Security Ratings have been helping companies gain insight into the efficacy of their security programs, as well as the security performance of third and fourth party vendors. Today, the Bitsight Security Rating platform provides a year’s worth of data on all companies to paint a comprehensive picture of a company’s security posture over time.
Optimizing Our Test Infrastructure
Bitsight is moving fast, but we don’t want to sacrifice code quality for speed, which is why tests have always played an important role in our development process. Although we are not doing TDD (Test-driven development), one of the key requirements for doing test-heavy development is that the full test suite should be fast. If running all tests takes less than 5 minutes, developers are more likely to run them frequently and keep adding more tests. However, Bitsight's portal application is a bit of a monolith and takes longer than we would like to run test suites.
BitSight Offers Valuable Insight Into Breach Trends
Over the last several months, members of our product team have been working to aggregate all of Bitsight’s security ratings data and highlight important insights about patterns in data breaches. In fact, Bitsight boasts one of the largest data breach data sets. Of course, this only highlights what data Bitsight has visibility into; with the largest sinkholing infrastructure in the world and the security posture of over 130,000 organizations, we have the most comprehensive view into global breach trends.
BitSight Competes in Annual Boston Children's Hospital Corporate Cup
On July 12th, eighteen Bitsight employees participated in the Boston Children’s Hospital Corporate Cup. This is an annual event where local Boston companies from across all sectors compete against each other for a good cause: raising one million dollars for the children at Boston Children’s Hospital.
BitSight Releases New VPNFilter & Oracle Weblogic Vulnerability Identification Filters
Within the Bitsight Security Ratings platform, we prioritize features that help organizations both identify and manage risks across their own networks and the networks of their third parties. Bitsight now enables users to identify organizations who are potentially vulnerable to VPNFilter malware or Oracle’s WebLogic server problems.
BitSight Raises $60 Million in Series D Funding To Further Cement Status as Security Ratings Leader
Last Thursday, Bitsight announced the closing of our Series D Round of funding. Not only is this important for our company, it is also extremely significant for the security and risk market as a whole.
BitSight Joins Local Boston Companies Participating in Annual Pride Parade
On June 9th, a Bitsight team participated in the annual Boston Pride parade for the first time. Boston Pride is a celebration of the city's LGBTQ community and its allies that brings thousands of marchers and spectators into the streets. The parade finishes with a festival at City Hall.
Building Our UI Design System
As the Bitsight front end team grows, we are investing in our design infrastructure to enable faster development, better collaboration, and a more unified look and feel in our product.
How BitSight Helps Drive Quick Risk Reduction Across Third Party Ecosystems
At a recent Bitsight Roadshow, a customer with an advanced third party risk management program declared “assessments are not risk reduction.” The statement was not meant to convey that assessments are useless for third party risk; rather, that assessments themselves don’t inherently drive risk down.
Filtering Is Easy, Counting Is Hard
A few months back we added a new feature to the heart of our security ratings portal: the ability for users to not only filter companies in their portfolios, but also to see real-time updated counts of how many "filtered" companies match their selected filter criteria. In practice, this allows users to quickly see, for example, all of their vendors in the Technology or Finance industry with an IP footprint in the U.K. or Germany that use Amazon or Google as service providers.