Insights blog.

Bitsight is moving fast, but we don’t want to sacrifice code quality for speed, which is why tests have always played an important role in our development process. Although we are not doing TDD (Test-driven development), one of the key requirements for doing test heavy development is that the full test suite should be fast. If running all tests takes less than 5 minutes, developers are more likely to run them frequently and keep adding more tests. However, Bitsight's portal application is a bit of a monolith and takes longer than we would like to run test suites.

Over the last several months, members of our product team have been working to aggregate all of Bitsight’s security ratings data and highlight important insights about patterns in data breaches. In fact, Bitsight boasts one of the largest data breach data sets. Of course, this only highlights what data Bitsight has visibility into; with the largest sinkholing infrastructure in the world and the security posture of over 130,000 organizations, we have the most comprehensive view into global breach trends.

On July 12th, eighteen Bitsight employees participated in the Boston Children’s Hospital Corporate Cup. This is an annual event where local Boston companies from across all sectors compete against each other for a good cause: raising one million dollars for the children at Boston Children’s Hospital.

Within the Bitsight Security Ratings platform, we prioritize features that help organizations both identify and manage risks across their own networks and the networks of their third parties. Bitsight now enables users to identify organizations who are potentially vulnerable to VPNFilter malware or Oracle’s WebLogic server problems.

Last Thursday, Bitsight announced the closing of our Series D Round of funding. Not only is this important for our company, it is also extremely significant for the security and risk market as a whole.  

On June 9th, a Bitsight team participated in the annual Boston Pride parade for the first time. Boston Pride is a celebration of the city's LGBTQ community and its allies that brings thousands of marchers and spectators into the streets. The parade finishes with a festival at City Hall.

As the Bitsight front end team grows we are investing in our design infrastructure to enable faster development, better collaboration, and a more unified look and feel in our product.

At a recent Bitsight Roadshow, a customer with an advanced third party risk management program declared “assessments are not risk reduction.” The statement was not meant to convey that assessments are useless for third party risk; rather, that assessments themselves don’t inherently drive risk down.

A few months back we added a new feature to the heart of our security ratings portal: the ability for users to not only filter companies in their portfolios, but also to see real-time updated counts of how many "filtered" companies match their selected filter criteria. In practice, this allows users to quickly see, for example, all of their vendors in the Technology or Finance industry with an IP footprint in the U.K or Germany that use Amazon or Google as service providers.

The federal government relies on tens of thousands of contractors and subcontractors — often referred to as the federal “supply chain” — to provide critical services, hold or maintain sensitive data, deliver technology, and perform key functions. Along with the Federal Government itself, these contractors and subcontractors face a multitude of cyber threats.

New Tinynuke variant with a DGA in the wild

Due to security, reliability, and growth reasons, organizations are constantly upgrading their software to newer releases. Some upgrades are incremental and minor in nature. Others, like the upgrade from Django Rest Framework (DRF) V2 to V3, require coding changes due to incompatibilities between the releases. This article is about Bitsight's upgrade experience, lessons learned, and how we improved because of it.

For the second year in a row, Bitsight gave its engineers, product managers, and data and research scientists the day off from normal work to make something cool. The hackathon day had all the typical stuff: awesome custom-designed t-shirts, pizza for lunch, and a demo day the next day. The only “requirement” for teams was that they produce a working prototype to demo. We wanted actual code (not great code, necessarily, but code), not just design mocks.

As 2017 draws to a close, we can’t help but be grateful for what a banner year this has been for Bitsight.

Over 15 years ago, Shaun McConnon, Bitsight’s former CEO and current Executive Chairman of the Board, became involved with giving back to the local Boston community. Shaun and his wife, Bonnie, sat on the Board for a Sudbury-based charity benefitting children with cancer, which was affiliated with the first Proton Beam at Massachusetts General Hospital (MGH).