Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.

Critical Vulnerabilities Discovered in Automated Tank Gauge Systems
Bitsight TRACE explores several critical vulnerabilities discovered in ATG systems and their inherent risk when exposed to the Internet.

Delivering medical services involves hundreds of third-party vendors. We explore the criticality of healthcare vendor risk management and how organizations can overcome common challenges.

We dive deeper into a specific area where asset attribution can be particularly nuanced: assessing service providers’ security posture.

Want to know about Yet Another Vulnerability Scoring System (YASS)? Ben Edwards breaks down Stakeholder Specific Vulnerability Categorization and how to make it work.

Security ratings, or cyber security ratings, are a data-driven, objective and dynamic measurement of an organization’s security performance. Thousands of organizations around the world use Bitsight Security Ratings as a tool to address a variety of critical, interconnected internal and external use cases at scale in order to enable more effective decision making throughout the global business ecosystem.

An in-depth look into Web Application Security, and Bitsight's approach to related security metrics.

Our latest research, a collaboration between Bitsight TRACE & the security researcher Gi7w0rm, has uncovered additional details & information about the 7777 Botnet.

This blog follows up with an update on our data engine and the momentum we’re seeing with the second core component: Bitsight Graph of Internet Assets (GIA).

What cyber resilience is vs. cybersecurity, and why in today’s digital economy you need a plan for both.

METI announced its intention to implement a cybersecurity rating system for companies by fiscal year 2025. Here are the key aspects of the planned system.

We cover investments that Bitsight is making to greatly scale out our vulnerability coverage in record time through automation.

We will focus on understanding a very specific NIS2 requirement: Coordinated Risk Assessments. Let’s explore what that means.

Network security threats are constantly evolving, and right now we’re in the middle of a particularly challenging time. While big-name breaches like SolarWinds and others grab headlines, multitudes of smaller incidents continue to occur every day, costing companies millions of dollars.

Many organizations view parked domains as dormant, low-risk, and not worth the investment in robust security measures. This is a misconception. Here's why.

Much of your daily life depends on Industrial Control Systems (ICSs). We’ll cover ICSs’ unique characteristics and some of the challenges in applying IT security practices or technology to them.

Penetration tests (a.k.a. pen tests) are point-in-time cyber risk assessments. They allow IT and security professionals to assess the adequacy of security controls, including intrusion detection and response systems, and identify weaknesses that need attention.