Bitsight Reviews

My major interest is in getting signal intelligence, risk vectors, and detailed information that BitSight collects around the attack surface of a company. We integrate this information with our overall cyber detection and counter-response strategy.

All our employees benefit from the information, not directly through BitSight, but through our own security analytics platform. As CISO, one of our objectives was cyber hygiene, and the major provider of metrics for cyber hygiene was BitSight.

The best thing about BitSight is the comprehensive list of risk vectors, covering compromised systems, diligence failures, and behavioral anomalies. The ability to drill down from a score to very detailed factual information about anomalies is valuable. They have a good web portal for users to access, a good API for system integration, and a comprehensive pricing structure.

BitSight could improve the classes and lower-level detections of anomalies that compound the information used to compute the rating. They could evolve to be a more powerful scanner of cyber hygiene for a company's exposed attack surface, allowing them to compete with companies like Qualys and CyCognito. It's important to ensure a correlation between the score and detailed information to avoid confusion.

We have been using this solution since 2016, about eight years.

BitSight is completely stable. As with any platform, when they update or fine-tune the rating algorithm, there may be changes in rating. That said, this is normal.

BitSight is scalable, and there are no issues surrounding its scalability.

The technical support from BitSight was very good. I was a privileged customer as BitSight's technical office was based in Lisbon, allowing personal connections. It was perfect for me, but other customers might not have the same experience.

The initial setup is straightforward for a normal company. For telcos, there is some additional work required to clean up the attack surface, however, it's still pretty easy. You can start almost plug-and-play and then make necessary adjustments through their portal.

I am currently evaluating the possibility of also using SecurityScorecard in a similar manner.

BitSight is still better than SecurityScorecard, and those two are completely separated from the rest of the market. For us, BitSight is better.

I'd rate the solution nine out of ten.

We use the solution for monitoring the supply chain and security performance management.

The solution's most valuable feature is third-party risk management. It provides the best capabilities to retrieve information on the security posture of third-party applications without any impact on our vendors' business processes.

The solution's factor analysis feature could be better.

We have been using the solution since 2020.

I rate the solution's stability a ten.

We have over 150 solution users as our customers. They are SMBs and enterprises.

The solution's customer service team responds quickly.

Positive

The solution's initial setup is easy. I rate it a ten. 

The solution's price is average.

I recommend the solution to others. It is simple to use, is very immediate, and has a return on investment. I rate it a ten.